diff --git a/Makefile.core.mk b/Makefile.core.mk index 5af5aa683..a3bdf7a91 100644 --- a/Makefile.core.mk +++ b/Makefile.core.mk @@ -118,8 +118,8 @@ install: pre-install helm install istio helm/kind/istio -n istio-system --create-namespace helm install higress helm/kind/higress -n higress-system --create-namespace -ENVOY_LATEST_IMAGE_TAG ?= bf607ae5541ce5c1cc95b4f98b3fd50a83346d33 -ISTIO_LATEST_IMAGE_TAG ?= bf607ae5541ce5c1cc95b4f98b3fd50a83346d33 +ENVOY_LATEST_IMAGE_TAG ?= 0.5.4 +ISTIO_LATEST_IMAGE_TAG ?= 0.5.4 install-dev: pre-install helm install istio helm/istio -n istio-system --create-namespace --set-json='pilot.tag="$(ISTIO_LATEST_IMAGE_TAG)"' --set-json='global.kind=true' diff --git a/VERSION b/VERSION index 4bc4a9161..8ea9cc1eb 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -v0.5.3 +v0.5.4 diff --git a/api/cue.yaml b/api/cue.yaml index b07d2ba0f..e08baaf64 100644 --- a/api/cue.yaml +++ b/api/cue.yaml @@ -9,6 +9,8 @@ openapi: directories: networking/v1: - mode: perFile + extensions/v1alpha1: + - mode: perFile # All is used when generating all types referenced in the above directories to # one file. diff --git a/api/extensions/v1alpha1/wasm.pb.go b/api/extensions/v1alpha1/wasm.pb.go new file mode 100644 index 000000000..722a842d5 --- /dev/null +++ b/api/extensions/v1alpha1/wasm.pb.go @@ -0,0 +1,1311 @@ +// Code generated by protoc-gen-gogo. DO NOT EDIT. +// source: extensions/v1alpha1/wasm.proto + +package v1alpha1 + +import ( + fmt "fmt" + proto "github.com/gogo/protobuf/proto" + types "github.com/gogo/protobuf/types" + io "io" + math "math" + math_bits "math/bits" +) + +// Reference imports to suppress errors if they are not otherwise used. +var _ = proto.Marshal +var _ = fmt.Errorf +var _ = math.Inf + +// This is a compile-time assertion to ensure that this generated file +// is compatible with the proto package it is being compiled against. +// A compilation error at this line likely means your copy of the +// proto package needs to be updated. +const _ = proto.GoGoProtoPackageIsVersion3 // please upgrade the proto package + +// The phase in the filter chain where the plugin will be injected. +type PluginPhase int32 + +const ( + // Control plane decides where to insert the plugin. This will generally + // be at the end of the filter chain, right before the Router. + // Do not specify `PluginPhase` if the plugin is independent of others. + PluginPhase_UNSPECIFIED_PHASE PluginPhase = 0 + // Insert plugin before Istio authentication filters. + PluginPhase_AUTHN PluginPhase = 1 + // Insert plugin before Istio authorization filters and after Istio authentication filters. + PluginPhase_AUTHZ PluginPhase = 2 + // Insert plugin before Istio stats filters and after Istio authorization filters. + PluginPhase_STATS PluginPhase = 3 +) + +var PluginPhase_name = map[int32]string{ + 0: "UNSPECIFIED_PHASE", + 1: "AUTHN", + 2: "AUTHZ", + 3: "STATS", +} + +var PluginPhase_value = map[string]int32{ + "UNSPECIFIED_PHASE": 0, + "AUTHN": 1, + "AUTHZ": 2, + "STATS": 3, +} + +func (x PluginPhase) String() string { + return proto.EnumName(PluginPhase_name, int32(x)) +} + +func (PluginPhase) EnumDescriptor() ([]byte, []int) { + return fileDescriptor_4d60b240916c4e18, []int{0} +} + +// The pull behaviour to be applied when fetching an OCI image, +// mirroring K8s behaviour. +// +// +type PullPolicy int32 + +const ( + // Defaults to IfNotPresent, except for OCI images with tag `latest`, for which + // the default will be Always. + PullPolicy_UNSPECIFIED_POLICY PullPolicy = 0 + // If an existing version of the image has been pulled before, that + // will be used. If no version of the image is present locally, we + // will pull the latest version. + PullPolicy_IfNotPresent PullPolicy = 1 + // We will always pull the latest version of an image when applying + // this plugin. + PullPolicy_Always PullPolicy = 2 +) + +var PullPolicy_name = map[int32]string{ + 0: "UNSPECIFIED_POLICY", + 1: "IfNotPresent", + 2: "Always", +} + +var PullPolicy_value = map[string]int32{ + "UNSPECIFIED_POLICY": 0, + "IfNotPresent": 1, + "Always": 2, +} + +func (x PullPolicy) String() string { + return proto.EnumName(PullPolicy_name, int32(x)) +} + +func (PullPolicy) EnumDescriptor() ([]byte, []int) { + return fileDescriptor_4d60b240916c4e18, []int{1} +} + +// +// +// +type WasmPlugin struct { + // URL of a Wasm module or OCI container. If no scheme is present, + // defaults to `oci://`, referencing an OCI image. Other valid schemes + // are `file://` for referencing .wasm module files present locally + // within the proxy container, and `http[s]://` for .wasm module files + // hosted remotely. + Url string `protobuf:"bytes,2,opt,name=url,proto3" json:"url,omitempty"` + // SHA256 checksum that will be used to verify Wasm module or OCI container. + // If the `url` field already references a SHA256 (using the `@sha256:` + // notation), it must match the value of this field. If an OCI image is + // referenced by tag and this field is set, its checksum will be verified + // against the contents of this field after pulling. + Sha256 string `protobuf:"bytes,3,opt,name=sha256,proto3" json:"sha256,omitempty"` + // The pull behaviour to be applied when fetching an OCI image. Only + // relevant when images are referenced by tag instead of SHA. Defaults + // to IfNotPresent, except when an OCI image is referenced in the `url` + // and the `latest` tag is used, in which case `Always` is the default, + // mirroring K8s behaviour. + // Setting is ignored if `url` field is referencing a Wasm module directly + // using `file://` or `http[s]://` + ImagePullPolicy PullPolicy `protobuf:"varint,4,opt,name=image_pull_policy,json=imagePullPolicy,proto3,enum=higress.extensions.v1alpha1.PullPolicy" json:"image_pull_policy,omitempty"` + // Credentials to use for OCI image pulling. + // Name of a K8s Secret in the same namespace as the `WasmPlugin` that + // contains a docker pull secret which is to be used to authenticate + // against the registry when pulling the image. + ImagePullSecret string `protobuf:"bytes,5,opt,name=image_pull_secret,json=imagePullSecret,proto3" json:"image_pull_secret,omitempty"` + // Public key that will be used to verify signatures of signed OCI images + // or Wasm modules. Must be supplied in PEM format. + VerificationKey string `protobuf:"bytes,6,opt,name=verification_key,json=verificationKey,proto3" json:"verification_key,omitempty"` + // The configuration that will be passed on to the plugin. + PluginConfig *types.Struct `protobuf:"bytes,7,opt,name=plugin_config,json=pluginConfig,proto3" json:"plugin_config,omitempty"` + // The plugin name to be used in the Envoy configuration (used to be called + // `rootID`). Some .wasm modules might require this value to select the Wasm + // plugin to execute. + PluginName string `protobuf:"bytes,8,opt,name=plugin_name,json=pluginName,proto3" json:"plugin_name,omitempty"` + // Determines where in the filter chain this `WasmPlugin` is to be injected. + Phase PluginPhase `protobuf:"varint,9,opt,name=phase,proto3,enum=higress.extensions.v1alpha1.PluginPhase" json:"phase,omitempty"` + // Determines ordering of `WasmPlugins` in the same `phase`. + // When multiple `WasmPlugins` are applied to the same workload in the + // same `phase`, they will be applied by priority, in descending order. + // If `priority` is not set, or two `WasmPlugins` exist with the same + // value, the ordering will be deterministically derived from name and + // namespace of the `WasmPlugins`. Defaults to `0`. + Priority *types.Int64Value `protobuf:"bytes,10,opt,name=priority,proto3" json:"priority,omitempty"` + // Extended by Higress, the default configuration takes effect globally + DefaultConfig *types.Struct `protobuf:"bytes,101,opt,name=default_config,json=defaultConfig,proto3" json:"default_config,omitempty"` + // Extended by Higress, matching rules take effect + MatchRules []*MatchRule `protobuf:"bytes,102,rep,name=match_rules,json=matchRules,proto3" json:"match_rules,omitempty"` + XXX_NoUnkeyedLiteral struct{} `json:"-"` + XXX_unrecognized []byte `json:"-"` + XXX_sizecache int32 `json:"-"` +} + +func (m *WasmPlugin) Reset() { *m = WasmPlugin{} } +func (m *WasmPlugin) String() string { return proto.CompactTextString(m) } +func (*WasmPlugin) ProtoMessage() {} +func (*WasmPlugin) Descriptor() ([]byte, []int) { + return fileDescriptor_4d60b240916c4e18, []int{0} +} +func (m *WasmPlugin) XXX_Unmarshal(b []byte) error { + return m.Unmarshal(b) +} +func (m *WasmPlugin) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { + if deterministic { + return xxx_messageInfo_WasmPlugin.Marshal(b, m, deterministic) + } else { + b = b[:cap(b)] + n, err := m.MarshalToSizedBuffer(b) + if err != nil { + return nil, err + } + return b[:n], nil + } +} +func (m *WasmPlugin) XXX_Merge(src proto.Message) { + xxx_messageInfo_WasmPlugin.Merge(m, src) +} +func (m *WasmPlugin) XXX_Size() int { + return m.Size() +} +func (m *WasmPlugin) XXX_DiscardUnknown() { + xxx_messageInfo_WasmPlugin.DiscardUnknown(m) +} + +var xxx_messageInfo_WasmPlugin proto.InternalMessageInfo + +func (m *WasmPlugin) GetUrl() string { + if m != nil { + return m.Url + } + return "" +} + +func (m *WasmPlugin) GetSha256() string { + if m != nil { + return m.Sha256 + } + return "" +} + +func (m *WasmPlugin) GetImagePullPolicy() PullPolicy { + if m != nil { + return m.ImagePullPolicy + } + return PullPolicy_UNSPECIFIED_POLICY +} + +func (m *WasmPlugin) GetImagePullSecret() string { + if m != nil { + return m.ImagePullSecret + } + return "" +} + +func (m *WasmPlugin) GetVerificationKey() string { + if m != nil { + return m.VerificationKey + } + return "" +} + +func (m *WasmPlugin) GetPluginConfig() *types.Struct { + if m != nil { + return m.PluginConfig + } + return nil +} + +func (m *WasmPlugin) GetPluginName() string { + if m != nil { + return m.PluginName + } + return "" +} + +func (m *WasmPlugin) GetPhase() PluginPhase { + if m != nil { + return m.Phase + } + return PluginPhase_UNSPECIFIED_PHASE +} + +func (m *WasmPlugin) GetPriority() *types.Int64Value { + if m != nil { + return m.Priority + } + return nil +} + +func (m *WasmPlugin) GetDefaultConfig() *types.Struct { + if m != nil { + return m.DefaultConfig + } + return nil +} + +func (m *WasmPlugin) GetMatchRules() []*MatchRule { + if m != nil { + return m.MatchRules + } + return nil +} + +// Extended by Higress +type MatchRule struct { + Ingress []string `protobuf:"bytes,1,rep,name=ingress,proto3" json:"ingress,omitempty"` + Domain []string `protobuf:"bytes,2,rep,name=domain,proto3" json:"domain,omitempty"` + Config *types.Struct `protobuf:"bytes,3,opt,name=config,proto3" json:"config,omitempty"` + XXX_NoUnkeyedLiteral struct{} `json:"-"` + XXX_unrecognized []byte `json:"-"` + XXX_sizecache int32 `json:"-"` +} + +func (m *MatchRule) Reset() { *m = MatchRule{} } +func (m *MatchRule) String() string { return proto.CompactTextString(m) } +func (*MatchRule) ProtoMessage() {} +func (*MatchRule) Descriptor() ([]byte, []int) { + return fileDescriptor_4d60b240916c4e18, []int{1} +} +func (m *MatchRule) XXX_Unmarshal(b []byte) error { + return m.Unmarshal(b) +} +func (m *MatchRule) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { + if deterministic { + return xxx_messageInfo_MatchRule.Marshal(b, m, deterministic) + } else { + b = b[:cap(b)] + n, err := m.MarshalToSizedBuffer(b) + if err != nil { + return nil, err + } + return b[:n], nil + } +} +func (m *MatchRule) XXX_Merge(src proto.Message) { + xxx_messageInfo_MatchRule.Merge(m, src) +} +func (m *MatchRule) XXX_Size() int { + return m.Size() +} +func (m *MatchRule) XXX_DiscardUnknown() { + xxx_messageInfo_MatchRule.DiscardUnknown(m) +} + +var xxx_messageInfo_MatchRule proto.InternalMessageInfo + +func (m *MatchRule) GetIngress() []string { + if m != nil { + return m.Ingress + } + return nil +} + +func (m *MatchRule) GetDomain() []string { + if m != nil { + return m.Domain + } + return nil +} + +func (m *MatchRule) GetConfig() *types.Struct { + if m != nil { + return m.Config + } + return nil +} + +func init() { + proto.RegisterEnum("higress.extensions.v1alpha1.PluginPhase", PluginPhase_name, PluginPhase_value) + proto.RegisterEnum("higress.extensions.v1alpha1.PullPolicy", PullPolicy_name, PullPolicy_value) + proto.RegisterType((*WasmPlugin)(nil), "higress.extensions.v1alpha1.WasmPlugin") + proto.RegisterType((*MatchRule)(nil), "higress.extensions.v1alpha1.MatchRule") +} + +func init() { proto.RegisterFile("extensions/v1alpha1/wasm.proto", fileDescriptor_4d60b240916c4e18) } + +var fileDescriptor_4d60b240916c4e18 = []byte{ + // 576 bytes of a gzipped FileDescriptorProto + 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0x7c, 0x93, 0xdd, 0x6e, 0xd3, 0x30, + 0x14, 0xc7, 0x97, 0x76, 0xeb, 0xd6, 0xd3, 0x6d, 0x64, 0x96, 0x18, 0xd6, 0x86, 0x4a, 0xb5, 0x0b, + 0x28, 0xbb, 0x48, 0xb4, 0x02, 0xe3, 0x06, 0x4d, 0x74, 0xa3, 0xb0, 0x0a, 0x28, 0x51, 0xb2, 0x81, + 0xd8, 0x4d, 0xe5, 0x66, 0x6e, 0x6a, 0xe1, 0xc4, 0x91, 0xed, 0x6c, 0xf4, 0xf9, 0xb8, 0xe1, 0x92, + 0x47, 0x40, 0x7b, 0x12, 0x54, 0x27, 0xd9, 0x07, 0xa0, 0xde, 0x9d, 0x8f, 0xdf, 0x39, 0xf9, 0xff, + 0x8f, 0x1c, 0x68, 0xd2, 0xef, 0x9a, 0x26, 0x8a, 0x89, 0x44, 0xb9, 0x17, 0x7b, 0x84, 0xa7, 0x13, + 0xb2, 0xe7, 0x5e, 0x12, 0x15, 0x3b, 0xa9, 0x14, 0x5a, 0xa0, 0xed, 0x09, 0x8b, 0x24, 0x55, 0xca, + 0xb9, 0xe1, 0x9c, 0x92, 0xdb, 0x6a, 0x46, 0x42, 0x44, 0x9c, 0xba, 0x06, 0x1d, 0x65, 0x63, 0xf7, + 0x52, 0x92, 0x34, 0xa5, 0x52, 0xe5, 0xc3, 0x5b, 0x0f, 0xff, 0xee, 0x2b, 0x2d, 0xb3, 0x50, 0xe7, + 0xdd, 0x9d, 0x1f, 0x8b, 0x00, 0x5f, 0x88, 0x8a, 0x3d, 0x9e, 0x45, 0x2c, 0x41, 0x36, 0x54, 0x33, + 0xc9, 0x71, 0xa5, 0x65, 0xb5, 0xeb, 0xfe, 0x2c, 0x44, 0x9b, 0x50, 0x53, 0x13, 0xd2, 0x79, 0xb1, + 0x8f, 0xab, 0xa6, 0x58, 0x64, 0x28, 0x80, 0x0d, 0x16, 0x93, 0x88, 0x0e, 0xd3, 0x8c, 0xf3, 0x61, + 0x2a, 0x38, 0x0b, 0xa7, 0x78, 0xb1, 0x65, 0xb5, 0xd7, 0x3b, 0x4f, 0x9c, 0x39, 0x7a, 0x1d, 0x2f, + 0xe3, 0xdc, 0x33, 0xb8, 0x7f, 0xcf, 0x6c, 0xb8, 0x29, 0xa0, 0xdd, 0x3b, 0x4b, 0x15, 0x0d, 0x25, + 0xd5, 0x78, 0xc9, 0x7c, 0xf7, 0x86, 0x0d, 0x4c, 0x19, 0x3d, 0x05, 0xfb, 0x82, 0x4a, 0x36, 0x66, + 0x21, 0xd1, 0x4c, 0x24, 0xc3, 0x6f, 0x74, 0x8a, 0x6b, 0x39, 0x7a, 0xbb, 0xfe, 0x9e, 0x4e, 0xd1, + 0x2b, 0x58, 0x4b, 0x8d, 0xbf, 0x61, 0x28, 0x92, 0x31, 0x8b, 0xf0, 0x72, 0xcb, 0x6a, 0x37, 0x3a, + 0x0f, 0x9c, 0xfc, 0x34, 0x4e, 0x79, 0x1a, 0x27, 0x30, 0xa7, 0xf1, 0x57, 0x73, 0xfa, 0xc8, 0xc0, + 0xe8, 0x11, 0x34, 0x8a, 0xe9, 0x84, 0xc4, 0x14, 0xaf, 0x98, 0x6f, 0x40, 0x5e, 0x1a, 0x90, 0x98, + 0xa2, 0x03, 0x58, 0x4a, 0x27, 0x44, 0x51, 0x5c, 0x37, 0xf6, 0xdb, 0xf3, 0xed, 0x9b, 0x39, 0x6f, + 0xc6, 0xfb, 0xf9, 0x18, 0x7a, 0x09, 0x2b, 0xa9, 0x64, 0x42, 0x32, 0x3d, 0xc5, 0x60, 0x94, 0x6d, + 0xff, 0xa3, 0xac, 0x9f, 0xe8, 0xfd, 0xe7, 0x9f, 0x09, 0xcf, 0xa8, 0x7f, 0x0d, 0xa3, 0x03, 0x58, + 0x3f, 0xa7, 0x63, 0x92, 0x71, 0x5d, 0x1a, 0xa3, 0xf3, 0x8d, 0xad, 0x15, 0x78, 0xe1, 0xec, 0x1d, + 0x34, 0x62, 0xa2, 0xc3, 0xc9, 0x50, 0x66, 0x9c, 0x2a, 0x3c, 0x6e, 0x55, 0xdb, 0x8d, 0xce, 0xe3, + 0xb9, 0xf2, 0x3f, 0xce, 0x78, 0x3f, 0xe3, 0xd4, 0x87, 0xb8, 0x0c, 0xd5, 0x4e, 0x02, 0xf5, 0xeb, + 0x06, 0xc2, 0xb0, 0xcc, 0x12, 0xb3, 0x01, 0x5b, 0xad, 0x6a, 0xbb, 0xee, 0x97, 0xe9, 0xec, 0x2d, + 0x9d, 0x8b, 0x98, 0xb0, 0x04, 0x57, 0x4c, 0xa3, 0xc8, 0x90, 0x0b, 0xb5, 0x42, 0x7f, 0x75, 0xbe, + 0xfe, 0x02, 0xdb, 0xed, 0x41, 0xe3, 0xd6, 0x1d, 0xd1, 0x7d, 0xd8, 0x38, 0x1d, 0x04, 0x5e, 0xef, + 0xa8, 0xff, 0xb6, 0xdf, 0x7b, 0x33, 0xf4, 0x8e, 0xbb, 0x41, 0xcf, 0x5e, 0x40, 0x75, 0x58, 0xea, + 0x9e, 0x9e, 0x1c, 0x0f, 0x6c, 0xab, 0x0c, 0xcf, 0xec, 0xca, 0x2c, 0x0c, 0x4e, 0xba, 0x27, 0x81, + 0x5d, 0xdd, 0x3d, 0x04, 0xb8, 0xf5, 0xf8, 0x36, 0x01, 0xdd, 0xd9, 0xf2, 0xe9, 0x43, 0xff, 0xe8, + 0xab, 0xbd, 0x80, 0x6c, 0x58, 0xed, 0x8f, 0x07, 0x42, 0x7b, 0x92, 0x2a, 0x9a, 0x68, 0xdb, 0x42, + 0x00, 0xb5, 0x2e, 0xbf, 0x24, 0x53, 0x65, 0x57, 0x0e, 0x5f, 0xff, 0xbc, 0x6a, 0x5a, 0xbf, 0xae, + 0x9a, 0xd6, 0xef, 0xab, 0xa6, 0x75, 0xd6, 0x89, 0x98, 0x9e, 0x64, 0x23, 0x27, 0x14, 0xb1, 0x4b, + 0x38, 0x1b, 0x91, 0x11, 0x71, 0x8b, 0x73, 0xba, 0x24, 0x65, 0xee, 0x7f, 0x7e, 0xf4, 0x51, 0xcd, + 0xb8, 0x7c, 0xf6, 0x27, 0x00, 0x00, 0xff, 0xff, 0xb2, 0xe0, 0x3d, 0x06, 0x06, 0x04, 0x00, 0x00, +} + +func (m *WasmPlugin) Marshal() (dAtA []byte, err error) { + size := m.Size() + dAtA = make([]byte, size) + n, err := m.MarshalToSizedBuffer(dAtA[:size]) + if err != nil { + return nil, err + } + return dAtA[:n], nil +} + +func (m *WasmPlugin) MarshalTo(dAtA []byte) (int, error) { + size := m.Size() + return m.MarshalToSizedBuffer(dAtA[:size]) +} + +func (m *WasmPlugin) MarshalToSizedBuffer(dAtA []byte) (int, error) { + i := len(dAtA) + _ = i + var l int + _ = l + if m.XXX_unrecognized != nil { + i -= len(m.XXX_unrecognized) + copy(dAtA[i:], m.XXX_unrecognized) + } + if len(m.MatchRules) > 0 { + for iNdEx := len(m.MatchRules) - 1; iNdEx >= 0; iNdEx-- { + { + size, err := m.MatchRules[iNdEx].MarshalToSizedBuffer(dAtA[:i]) + if err != nil { + return 0, err + } + i -= size + i = encodeVarintWasm(dAtA, i, uint64(size)) + } + i-- + dAtA[i] = 0x6 + i-- + dAtA[i] = 0xb2 + } + } + if m.DefaultConfig != nil { + { + size, err := m.DefaultConfig.MarshalToSizedBuffer(dAtA[:i]) + if err != nil { + return 0, err + } + i -= size + i = encodeVarintWasm(dAtA, i, uint64(size)) + } + i-- + dAtA[i] = 0x6 + i-- + dAtA[i] = 0xaa + } + if m.Priority != nil { + { + size, err := m.Priority.MarshalToSizedBuffer(dAtA[:i]) + if err != nil { + return 0, err + } + i -= size + i = encodeVarintWasm(dAtA, i, uint64(size)) + } + i-- + dAtA[i] = 0x52 + } + if m.Phase != 0 { + i = encodeVarintWasm(dAtA, i, uint64(m.Phase)) + i-- + dAtA[i] = 0x48 + } + if len(m.PluginName) > 0 { + i -= len(m.PluginName) + copy(dAtA[i:], m.PluginName) + i = encodeVarintWasm(dAtA, i, uint64(len(m.PluginName))) + i-- + dAtA[i] = 0x42 + } + if m.PluginConfig != nil { + { + size, err := m.PluginConfig.MarshalToSizedBuffer(dAtA[:i]) + if err != nil { + return 0, err + } + i -= size + i = encodeVarintWasm(dAtA, i, uint64(size)) + } + i-- + dAtA[i] = 0x3a + } + if len(m.VerificationKey) > 0 { + i -= len(m.VerificationKey) + copy(dAtA[i:], m.VerificationKey) + i = encodeVarintWasm(dAtA, i, uint64(len(m.VerificationKey))) + i-- + dAtA[i] = 0x32 + } + if len(m.ImagePullSecret) > 0 { + i -= len(m.ImagePullSecret) + copy(dAtA[i:], m.ImagePullSecret) + i = encodeVarintWasm(dAtA, i, uint64(len(m.ImagePullSecret))) + i-- + dAtA[i] = 0x2a + } + if m.ImagePullPolicy != 0 { + i = encodeVarintWasm(dAtA, i, uint64(m.ImagePullPolicy)) + i-- + dAtA[i] = 0x20 + } + if len(m.Sha256) > 0 { + i -= len(m.Sha256) + copy(dAtA[i:], m.Sha256) + i = encodeVarintWasm(dAtA, i, uint64(len(m.Sha256))) + i-- + dAtA[i] = 0x1a + } + if len(m.Url) > 0 { + i -= len(m.Url) + copy(dAtA[i:], m.Url) + i = encodeVarintWasm(dAtA, i, uint64(len(m.Url))) + i-- + dAtA[i] = 0x12 + } + return len(dAtA) - i, nil +} + +func (m *MatchRule) Marshal() (dAtA []byte, err error) { + size := m.Size() + dAtA = make([]byte, size) + n, err := m.MarshalToSizedBuffer(dAtA[:size]) + if err != nil { + return nil, err + } + return dAtA[:n], nil +} + +func (m *MatchRule) MarshalTo(dAtA []byte) (int, error) { + size := m.Size() + return m.MarshalToSizedBuffer(dAtA[:size]) +} + +func (m *MatchRule) MarshalToSizedBuffer(dAtA []byte) (int, error) { + i := len(dAtA) + _ = i + var l int + _ = l + if m.XXX_unrecognized != nil { + i -= len(m.XXX_unrecognized) + copy(dAtA[i:], m.XXX_unrecognized) + } + if m.Config != nil { + { + size, err := m.Config.MarshalToSizedBuffer(dAtA[:i]) + if err != nil { + return 0, err + } + i -= size + i = encodeVarintWasm(dAtA, i, uint64(size)) + } + i-- + dAtA[i] = 0x1a + } + if len(m.Domain) > 0 { + for iNdEx := len(m.Domain) - 1; iNdEx >= 0; iNdEx-- { + i -= len(m.Domain[iNdEx]) + copy(dAtA[i:], m.Domain[iNdEx]) + i = encodeVarintWasm(dAtA, i, uint64(len(m.Domain[iNdEx]))) + i-- + dAtA[i] = 0x12 + } + } + if len(m.Ingress) > 0 { + for iNdEx := len(m.Ingress) - 1; iNdEx >= 0; iNdEx-- { + i -= len(m.Ingress[iNdEx]) + copy(dAtA[i:], m.Ingress[iNdEx]) + i = encodeVarintWasm(dAtA, i, uint64(len(m.Ingress[iNdEx]))) + i-- + dAtA[i] = 0xa + } + } + return len(dAtA) - i, nil +} + +func encodeVarintWasm(dAtA []byte, offset int, v uint64) int { + offset -= sovWasm(v) + base := offset + for v >= 1<<7 { + dAtA[offset] = uint8(v&0x7f | 0x80) + v >>= 7 + offset++ + } + dAtA[offset] = uint8(v) + return base +} +func (m *WasmPlugin) Size() (n int) { + if m == nil { + return 0 + } + var l int + _ = l + l = len(m.Url) + if l > 0 { + n += 1 + l + sovWasm(uint64(l)) + } + l = len(m.Sha256) + if l > 0 { + n += 1 + l + sovWasm(uint64(l)) + } + if m.ImagePullPolicy != 0 { + n += 1 + sovWasm(uint64(m.ImagePullPolicy)) + } + l = len(m.ImagePullSecret) + if l > 0 { + n += 1 + l + sovWasm(uint64(l)) + } + l = len(m.VerificationKey) + if l > 0 { + n += 1 + l + sovWasm(uint64(l)) + } + if m.PluginConfig != nil { + l = m.PluginConfig.Size() + n += 1 + l + sovWasm(uint64(l)) + } + l = len(m.PluginName) + if l > 0 { + n += 1 + l + sovWasm(uint64(l)) + } + if m.Phase != 0 { + n += 1 + sovWasm(uint64(m.Phase)) + } + if m.Priority != nil { + l = m.Priority.Size() + n += 1 + l + sovWasm(uint64(l)) + } + if m.DefaultConfig != nil { + l = m.DefaultConfig.Size() + n += 2 + l + sovWasm(uint64(l)) + } + if len(m.MatchRules) > 0 { + for _, e := range m.MatchRules { + l = e.Size() + n += 2 + l + sovWasm(uint64(l)) + } + } + if m.XXX_unrecognized != nil { + n += len(m.XXX_unrecognized) + } + return n +} + +func (m *MatchRule) Size() (n int) { + if m == nil { + return 0 + } + var l int + _ = l + if len(m.Ingress) > 0 { + for _, s := range m.Ingress { + l = len(s) + n += 1 + l + sovWasm(uint64(l)) + } + } + if len(m.Domain) > 0 { + for _, s := range m.Domain { + l = len(s) + n += 1 + l + sovWasm(uint64(l)) + } + } + if m.Config != nil { + l = m.Config.Size() + n += 1 + l + sovWasm(uint64(l)) + } + if m.XXX_unrecognized != nil { + n += len(m.XXX_unrecognized) + } + return n +} + +func sovWasm(x uint64) (n int) { + return (math_bits.Len64(x|1) + 6) / 7 +} +func sozWasm(x uint64) (n int) { + return sovWasm(uint64((x << 1) ^ uint64((int64(x) >> 63)))) +} +func (m *WasmPlugin) Unmarshal(dAtA []byte) error { + l := len(dAtA) + iNdEx := 0 + for iNdEx < l { + preIndex := iNdEx + var wire uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowWasm + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + wire |= uint64(b&0x7F) << shift + if b < 0x80 { + break + } + } + fieldNum := int32(wire >> 3) + wireType := int(wire & 0x7) + if wireType == 4 { + return fmt.Errorf("proto: WasmPlugin: wiretype end group for non-group") + } + if fieldNum <= 0 { + return fmt.Errorf("proto: WasmPlugin: illegal tag %d (wire type %d)", fieldNum, wire) + } + switch fieldNum { + case 2: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field Url", wireType) + } + var stringLen uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowWasm + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + stringLen |= uint64(b&0x7F) << shift + if b < 0x80 { + break + } + } + intStringLen := int(stringLen) + if intStringLen < 0 { + return ErrInvalidLengthWasm + } + postIndex := iNdEx + intStringLen + if postIndex < 0 { + return ErrInvalidLengthWasm + } + if postIndex > l { + return io.ErrUnexpectedEOF + } + m.Url = string(dAtA[iNdEx:postIndex]) + iNdEx = postIndex + case 3: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field Sha256", wireType) + } + var stringLen uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowWasm + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + stringLen |= uint64(b&0x7F) << shift + if b < 0x80 { + break + } + } + intStringLen := int(stringLen) + if intStringLen < 0 { + return ErrInvalidLengthWasm + } + postIndex := iNdEx + intStringLen + if postIndex < 0 { + return ErrInvalidLengthWasm + } + if postIndex > l { + return io.ErrUnexpectedEOF + } + m.Sha256 = string(dAtA[iNdEx:postIndex]) + iNdEx = postIndex + case 4: + if wireType != 0 { + return fmt.Errorf("proto: wrong wireType = %d for field ImagePullPolicy", wireType) + } + m.ImagePullPolicy = 0 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowWasm + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + m.ImagePullPolicy |= PullPolicy(b&0x7F) << shift + if b < 0x80 { + break + } + } + case 5: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field ImagePullSecret", wireType) + } + var stringLen uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowWasm + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + stringLen |= uint64(b&0x7F) << shift + if b < 0x80 { + break + } + } + intStringLen := int(stringLen) + if intStringLen < 0 { + return ErrInvalidLengthWasm + } + postIndex := iNdEx + intStringLen + if postIndex < 0 { + return ErrInvalidLengthWasm + } + if postIndex > l { + return io.ErrUnexpectedEOF + } + m.ImagePullSecret = string(dAtA[iNdEx:postIndex]) + iNdEx = postIndex + case 6: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field VerificationKey", wireType) + } + var stringLen uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowWasm + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + stringLen |= uint64(b&0x7F) << shift + if b < 0x80 { + break + } + } + intStringLen := int(stringLen) + if intStringLen < 0 { + return ErrInvalidLengthWasm + } + postIndex := iNdEx + intStringLen + if postIndex < 0 { + return ErrInvalidLengthWasm + } + if postIndex > l { + return io.ErrUnexpectedEOF + } + m.VerificationKey = string(dAtA[iNdEx:postIndex]) + iNdEx = postIndex + case 7: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field PluginConfig", wireType) + } + var msglen int + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowWasm + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + msglen |= int(b&0x7F) << shift + if b < 0x80 { + break + } + } + if msglen < 0 { + return ErrInvalidLengthWasm + } + postIndex := iNdEx + msglen + if postIndex < 0 { + return ErrInvalidLengthWasm + } + if postIndex > l { + return io.ErrUnexpectedEOF + } + if m.PluginConfig == nil { + m.PluginConfig = &types.Struct{} + } + if err := m.PluginConfig.Unmarshal(dAtA[iNdEx:postIndex]); err != nil { + return err + } + iNdEx = postIndex + case 8: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field PluginName", wireType) + } + var stringLen uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowWasm + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + stringLen |= uint64(b&0x7F) << shift + if b < 0x80 { + break + } + } + intStringLen := int(stringLen) + if intStringLen < 0 { + return ErrInvalidLengthWasm + } + postIndex := iNdEx + intStringLen + if postIndex < 0 { + return ErrInvalidLengthWasm + } + if postIndex > l { + return io.ErrUnexpectedEOF + } + m.PluginName = string(dAtA[iNdEx:postIndex]) + iNdEx = postIndex + case 9: + if wireType != 0 { + return fmt.Errorf("proto: wrong wireType = %d for field Phase", wireType) + } + m.Phase = 0 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowWasm + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + m.Phase |= PluginPhase(b&0x7F) << shift + if b < 0x80 { + break + } + } + case 10: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field Priority", wireType) + } + var msglen int + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowWasm + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + msglen |= int(b&0x7F) << shift + if b < 0x80 { + break + } + } + if msglen < 0 { + return ErrInvalidLengthWasm + } + postIndex := iNdEx + msglen + if postIndex < 0 { + return ErrInvalidLengthWasm + } + if postIndex > l { + return io.ErrUnexpectedEOF + } + if m.Priority == nil { + m.Priority = &types.Int64Value{} + } + if err := m.Priority.Unmarshal(dAtA[iNdEx:postIndex]); err != nil { + return err + } + iNdEx = postIndex + case 101: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field DefaultConfig", wireType) + } + var msglen int + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowWasm + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + msglen |= int(b&0x7F) << shift + if b < 0x80 { + break + } + } + if msglen < 0 { + return ErrInvalidLengthWasm + } + postIndex := iNdEx + msglen + if postIndex < 0 { + return ErrInvalidLengthWasm + } + if postIndex > l { + return io.ErrUnexpectedEOF + } + if m.DefaultConfig == nil { + m.DefaultConfig = &types.Struct{} + } + if err := m.DefaultConfig.Unmarshal(dAtA[iNdEx:postIndex]); err != nil { + return err + } + iNdEx = postIndex + case 102: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field MatchRules", wireType) + } + var msglen int + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowWasm + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + msglen |= int(b&0x7F) << shift + if b < 0x80 { + break + } + } + if msglen < 0 { + return ErrInvalidLengthWasm + } + postIndex := iNdEx + msglen + if postIndex < 0 { + return ErrInvalidLengthWasm + } + if postIndex > l { + return io.ErrUnexpectedEOF + } + m.MatchRules = append(m.MatchRules, &MatchRule{}) + if err := m.MatchRules[len(m.MatchRules)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil { + return err + } + iNdEx = postIndex + default: + iNdEx = preIndex + skippy, err := skipWasm(dAtA[iNdEx:]) + if err != nil { + return err + } + if (skippy < 0) || (iNdEx+skippy) < 0 { + return ErrInvalidLengthWasm + } + if (iNdEx + skippy) > l { + return io.ErrUnexpectedEOF + } + m.XXX_unrecognized = append(m.XXX_unrecognized, dAtA[iNdEx:iNdEx+skippy]...) + iNdEx += skippy + } + } + + if iNdEx > l { + return io.ErrUnexpectedEOF + } + return nil +} +func (m *MatchRule) Unmarshal(dAtA []byte) error { + l := len(dAtA) + iNdEx := 0 + for iNdEx < l { + preIndex := iNdEx + var wire uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowWasm + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + wire |= uint64(b&0x7F) << shift + if b < 0x80 { + break + } + } + fieldNum := int32(wire >> 3) + wireType := int(wire & 0x7) + if wireType == 4 { + return fmt.Errorf("proto: MatchRule: wiretype end group for non-group") + } + if fieldNum <= 0 { + return fmt.Errorf("proto: MatchRule: illegal tag %d (wire type %d)", fieldNum, wire) + } + switch fieldNum { + case 1: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field Ingress", wireType) + } + var stringLen uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowWasm + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + stringLen |= uint64(b&0x7F) << shift + if b < 0x80 { + break + } + } + intStringLen := int(stringLen) + if intStringLen < 0 { + return ErrInvalidLengthWasm + } + postIndex := iNdEx + intStringLen + if postIndex < 0 { + return ErrInvalidLengthWasm + } + if postIndex > l { + return io.ErrUnexpectedEOF + } + m.Ingress = append(m.Ingress, string(dAtA[iNdEx:postIndex])) + iNdEx = postIndex + case 2: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field Domain", wireType) + } + var stringLen uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowWasm + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + stringLen |= uint64(b&0x7F) << shift + if b < 0x80 { + break + } + } + intStringLen := int(stringLen) + if intStringLen < 0 { + return ErrInvalidLengthWasm + } + postIndex := iNdEx + intStringLen + if postIndex < 0 { + return ErrInvalidLengthWasm + } + if postIndex > l { + return io.ErrUnexpectedEOF + } + m.Domain = append(m.Domain, string(dAtA[iNdEx:postIndex])) + iNdEx = postIndex + case 3: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field Config", wireType) + } + var msglen int + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowWasm + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + msglen |= int(b&0x7F) << shift + if b < 0x80 { + break + } + } + if msglen < 0 { + return ErrInvalidLengthWasm + } + postIndex := iNdEx + msglen + if postIndex < 0 { + return ErrInvalidLengthWasm + } + if postIndex > l { + return io.ErrUnexpectedEOF + } + if m.Config == nil { + m.Config = &types.Struct{} + } + if err := m.Config.Unmarshal(dAtA[iNdEx:postIndex]); err != nil { + return err + } + iNdEx = postIndex + default: + iNdEx = preIndex + skippy, err := skipWasm(dAtA[iNdEx:]) + if err != nil { + return err + } + if (skippy < 0) || (iNdEx+skippy) < 0 { + return ErrInvalidLengthWasm + } + if (iNdEx + skippy) > l { + return io.ErrUnexpectedEOF + } + m.XXX_unrecognized = append(m.XXX_unrecognized, dAtA[iNdEx:iNdEx+skippy]...) + iNdEx += skippy + } + } + + if iNdEx > l { + return io.ErrUnexpectedEOF + } + return nil +} +func skipWasm(dAtA []byte) (n int, err error) { + l := len(dAtA) + iNdEx := 0 + depth := 0 + for iNdEx < l { + var wire uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return 0, ErrIntOverflowWasm + } + if iNdEx >= l { + return 0, io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + wire |= (uint64(b) & 0x7F) << shift + if b < 0x80 { + break + } + } + wireType := int(wire & 0x7) + switch wireType { + case 0: + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return 0, ErrIntOverflowWasm + } + if iNdEx >= l { + return 0, io.ErrUnexpectedEOF + } + iNdEx++ + if dAtA[iNdEx-1] < 0x80 { + break + } + } + case 1: + iNdEx += 8 + case 2: + var length int + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return 0, ErrIntOverflowWasm + } + if iNdEx >= l { + return 0, io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + length |= (int(b) & 0x7F) << shift + if b < 0x80 { + break + } + } + if length < 0 { + return 0, ErrInvalidLengthWasm + } + iNdEx += length + case 3: + depth++ + case 4: + if depth == 0 { + return 0, ErrUnexpectedEndOfGroupWasm + } + depth-- + case 5: + iNdEx += 4 + default: + return 0, fmt.Errorf("proto: illegal wireType %d", wireType) + } + if iNdEx < 0 { + return 0, ErrInvalidLengthWasm + } + if depth == 0 { + return iNdEx, nil + } + } + return 0, io.ErrUnexpectedEOF +} + +var ( + ErrInvalidLengthWasm = fmt.Errorf("proto: negative length found during unmarshaling") + ErrIntOverflowWasm = fmt.Errorf("proto: integer overflow") + ErrUnexpectedEndOfGroupWasm = fmt.Errorf("proto: unexpected end of group") +) diff --git a/api/extensions/v1alpha1/wasm.proto b/api/extensions/v1alpha1/wasm.proto new file mode 100644 index 000000000..8e4ee86ea --- /dev/null +++ b/api/extensions/v1alpha1/wasm.proto @@ -0,0 +1,152 @@ +// Copyright Istio Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +// Modified by Higress Authors + +syntax = "proto3"; + +import "google/protobuf/wrappers.proto"; +import "google/protobuf/struct.proto"; + +// $schema: higress.extensions.v1alpha1.WasmPlugin +// $title: WasmPlugin +// $description: Extend the functionality provided by the envoy through WebAssembly filters. + +package higress.extensions.v1alpha1; + +option go_package="github.com/alibaba/higress/api/extensions/v1alpha1"; + +// +// +// +message WasmPlugin { + // URL of a Wasm module or OCI container. If no scheme is present, + // defaults to `oci://`, referencing an OCI image. Other valid schemes + // are `file://` for referencing .wasm module files present locally + // within the proxy container, and `http[s]://` for .wasm module files + // hosted remotely. + string url = 2; + + // SHA256 checksum that will be used to verify Wasm module or OCI container. + // If the `url` field already references a SHA256 (using the `@sha256:` + // notation), it must match the value of this field. If an OCI image is + // referenced by tag and this field is set, its checksum will be verified + // against the contents of this field after pulling. + string sha256 = 3; + + // The pull behaviour to be applied when fetching an OCI image. Only + // relevant when images are referenced by tag instead of SHA. Defaults + // to IfNotPresent, except when an OCI image is referenced in the `url` + // and the `latest` tag is used, in which case `Always` is the default, + // mirroring K8s behaviour. + // Setting is ignored if `url` field is referencing a Wasm module directly + // using `file://` or `http[s]://` + PullPolicy image_pull_policy = 4; + + // Credentials to use for OCI image pulling. + // Name of a K8s Secret in the same namespace as the `WasmPlugin` that + // contains a docker pull secret which is to be used to authenticate + // against the registry when pulling the image. + string image_pull_secret = 5; + + // Public key that will be used to verify signatures of signed OCI images + // or Wasm modules. Must be supplied in PEM format. + string verification_key = 6; + + // The configuration that will be passed on to the plugin. + google.protobuf.Struct plugin_config = 7; + + // The plugin name to be used in the Envoy configuration (used to be called + // `rootID`). Some .wasm modules might require this value to select the Wasm + // plugin to execute. + string plugin_name = 8; + + // Determines where in the filter chain this `WasmPlugin` is to be injected. + PluginPhase phase = 9; + + // Determines ordering of `WasmPlugins` in the same `phase`. + // When multiple `WasmPlugins` are applied to the same workload in the + // same `phase`, they will be applied by priority, in descending order. + // If `priority` is not set, or two `WasmPlugins` exist with the same + // value, the ordering will be deterministically derived from name and + // namespace of the `WasmPlugins`. Defaults to `0`. + google.protobuf.Int64Value priority = 10; + + // Extended by Higress, the default configuration takes effect globally + google.protobuf.Struct default_config = 101; + // Extended by Higress, matching rules take effect + repeated MatchRule match_rules = 102; +} + +// Extended by Higress +message MatchRule { + repeated string ingress = 1; + repeated string domain = 2; + google.protobuf.Struct config = 3; +} + +// The phase in the filter chain where the plugin will be injected. +enum PluginPhase { + // Control plane decides where to insert the plugin. This will generally + // be at the end of the filter chain, right before the Router. + // Do not specify `PluginPhase` if the plugin is independent of others. + UNSPECIFIED_PHASE = 0; + + // Insert plugin before Istio authentication filters. + AUTHN = 1; + + // Insert plugin before Istio authorization filters and after Istio authentication filters. + AUTHZ = 2; + + // Insert plugin before Istio stats filters and after Istio authorization filters. + STATS = 3; +} + +// The pull behaviour to be applied when fetching an OCI image, +// mirroring K8s behaviour. +// +// +enum PullPolicy { + // Defaults to IfNotPresent, except for OCI images with tag `latest`, for which + // the default will be Always. + UNSPECIFIED_POLICY = 0; + + // If an existing version of the image has been pulled before, that + // will be used. If no version of the image is present locally, we + // will pull the latest version. + IfNotPresent = 1; + + // We will always pull the latest version of an image when applying + // this plugin. + Always = 2; +} diff --git a/api/extensions/v1alpha1/wasm_deepcopy.gen.go b/api/extensions/v1alpha1/wasm_deepcopy.gen.go new file mode 100644 index 000000000..adc299278 --- /dev/null +++ b/api/extensions/v1alpha1/wasm_deepcopy.gen.go @@ -0,0 +1,58 @@ +// Code generated by protoc-gen-gogo. DO NOT EDIT. +// source: extensions/v1alpha1/wasm.proto + +package v1alpha1 + +import ( + fmt "fmt" + proto "github.com/gogo/protobuf/proto" + _ "github.com/gogo/protobuf/types" + math "math" +) + +// Reference imports to suppress errors if they are not otherwise used. +var _ = proto.Marshal +var _ = fmt.Errorf +var _ = math.Inf + +// DeepCopyInto supports using WasmPlugin within kubernetes types, where deepcopy-gen is used. +func (in *WasmPlugin) DeepCopyInto(out *WasmPlugin) { + p := proto.Clone(in).(*WasmPlugin) + *out = *p +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new WasmPlugin. Required by controller-gen. +func (in *WasmPlugin) DeepCopy() *WasmPlugin { + if in == nil { + return nil + } + out := new(WasmPlugin) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInterface is an autogenerated deepcopy function, copying the receiver, creating a new WasmPlugin. Required by controller-gen. +func (in *WasmPlugin) DeepCopyInterface() interface{} { + return in.DeepCopy() +} + +// DeepCopyInto supports using MatchRule within kubernetes types, where deepcopy-gen is used. +func (in *MatchRule) DeepCopyInto(out *MatchRule) { + p := proto.Clone(in).(*MatchRule) + *out = *p +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MatchRule. Required by controller-gen. +func (in *MatchRule) DeepCopy() *MatchRule { + if in == nil { + return nil + } + out := new(MatchRule) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInterface is an autogenerated deepcopy function, copying the receiver, creating a new MatchRule. Required by controller-gen. +func (in *MatchRule) DeepCopyInterface() interface{} { + return in.DeepCopy() +} diff --git a/api/extensions/v1alpha1/wasm_json.gen.go b/api/extensions/v1alpha1/wasm_json.gen.go new file mode 100644 index 000000000..5c04a18b3 --- /dev/null +++ b/api/extensions/v1alpha1/wasm_json.gen.go @@ -0,0 +1,45 @@ +// Code generated by protoc-gen-gogo. DO NOT EDIT. +// source: extensions/v1alpha1/wasm.proto + +package v1alpha1 + +import ( + bytes "bytes" + fmt "fmt" + github_com_gogo_protobuf_jsonpb "github.com/gogo/protobuf/jsonpb" + proto "github.com/gogo/protobuf/proto" + _ "github.com/gogo/protobuf/types" + math "math" +) + +// Reference imports to suppress errors if they are not otherwise used. +var _ = proto.Marshal +var _ = fmt.Errorf +var _ = math.Inf + +// MarshalJSON is a custom marshaler for WasmPlugin +func (this *WasmPlugin) MarshalJSON() ([]byte, error) { + str, err := WasmMarshaler.MarshalToString(this) + return []byte(str), err +} + +// UnmarshalJSON is a custom unmarshaler for WasmPlugin +func (this *WasmPlugin) UnmarshalJSON(b []byte) error { + return WasmUnmarshaler.Unmarshal(bytes.NewReader(b), this) +} + +// MarshalJSON is a custom marshaler for MatchRule +func (this *MatchRule) MarshalJSON() ([]byte, error) { + str, err := WasmMarshaler.MarshalToString(this) + return []byte(str), err +} + +// UnmarshalJSON is a custom unmarshaler for MatchRule +func (this *MatchRule) UnmarshalJSON(b []byte) error { + return WasmUnmarshaler.Unmarshal(bytes.NewReader(b), this) +} + +var ( + WasmMarshaler = &github_com_gogo_protobuf_jsonpb.Marshaler{} + WasmUnmarshaler = &github_com_gogo_protobuf_jsonpb.Unmarshaler{AllowUnknownFields: true} +) diff --git a/api/gen.sh b/api/gen.sh index 7883fde69..6285a5f67 100755 --- a/api/gen.sh +++ b/api/gen.sh @@ -4,7 +4,8 @@ set -eu # Generate all protos buf generate \ - --path networking \ + --path networking \ + --path extensions # Generate CRDs cue-gen -verbose -f=./cue.yaml -crd=true diff --git a/api/kubernetes/customresourcedefinitions.gen.yaml b/api/kubernetes/customresourcedefinitions.gen.yaml index 77e5d4e86..1571df9f5 100644 --- a/api/kubernetes/customresourcedefinitions.gen.yaml +++ b/api/kubernetes/customresourcedefinitions.gen.yaml @@ -1,6 +1,108 @@ # DO NOT EDIT - Generated by Cue OpenAPI generator based on Istio APIs. apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition +metadata: + annotations: + "helm.sh/resource-policy": keep + name: wasmplugins.extensions.higress.io +spec: + group: extensions.higress.io + names: + categories: + - higress-io + - extensions-higress-io + kind: WasmPlugin + listKind: WasmPluginList + plural: wasmplugins + singular: wasmplugin + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: 'CreationTimestamp is a timestamp representing the server time + when this object was created. It is not guaranteed to be set in happens-before + order across separate operations. Clients may not set this value. It is represented + in RFC3339 form and is in UTC. Populated by the system. Read-only. Null for + lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata' + jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1alpha1 + schema: + openAPIV3Schema: + properties: + spec: + properties: + defaultConfig: + type: object + x-kubernetes-preserve-unknown-fields: true + imagePullPolicy: + description: The pull behaviour to be applied when fetching an OCI + image. + enum: + - UNSPECIFIED_POLICY + - IfNotPresent + - Always + type: string + imagePullSecret: + description: Credentials to use for OCI image pulling. + type: string + matchRules: + items: + properties: + config: + type: object + x-kubernetes-preserve-unknown-fields: true + domain: + items: + type: string + type: array + ingress: + items: + type: string + type: array + type: object + type: array + phase: + description: Determines where in the filter chain this `WasmPlugin` + is to be injected. + enum: + - UNSPECIFIED_PHASE + - AUTHN + - AUTHZ + - STATS + type: string + pluginConfig: + description: The configuration that will be passed on to the plugin. + type: object + x-kubernetes-preserve-unknown-fields: true + pluginName: + type: string + priority: + description: Determines ordering of `WasmPlugins` in the same `phase`. + nullable: true + type: integer + sha256: + description: SHA256 checksum that will be used to verify Wasm module + or OCI container. + type: string + url: + description: URL of a Wasm module or OCI container. + type: string + verificationKey: + type: string + type: object + status: + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + served: true + storage: true + subresources: + status: {} + +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition metadata: annotations: "helm.sh/resource-policy": keep diff --git a/api/networking/v1/mcp_bridge.pb.go b/api/networking/v1/mcp_bridge.pb.go index 5592d99d0..5f8c5f376 100644 --- a/api/networking/v1/mcp_bridge.pb.go +++ b/api/networking/v1/mcp_bridge.pb.go @@ -1,17 +1,3 @@ -// Copyright (c) 2022 Alibaba Group Holding Ltd. -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - // Code generated by protoc-gen-gogo. DO NOT EDIT. // source: networking/v1/mcp_bridge.proto diff --git a/api/networking/v1/mcp_bridge_deepcopy.gen.go b/api/networking/v1/mcp_bridge_deepcopy.gen.go index 77d85f93c..842dc83ce 100644 --- a/api/networking/v1/mcp_bridge_deepcopy.gen.go +++ b/api/networking/v1/mcp_bridge_deepcopy.gen.go @@ -1,17 +1,3 @@ -// Copyright (c) 2022 Alibaba Group Holding Ltd. -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - // Code generated by protoc-gen-gogo. DO NOT EDIT. // source: networking/v1/mcp_bridge.proto diff --git a/api/networking/v1/mcp_bridge_json.gen.go b/api/networking/v1/mcp_bridge_json.gen.go index 7288bcdb7..7926cee31 100644 --- a/api/networking/v1/mcp_bridge_json.gen.go +++ b/api/networking/v1/mcp_bridge_json.gen.go @@ -1,17 +1,3 @@ -// Copyright (c) 2022 Alibaba Group Holding Ltd. -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - // Code generated by protoc-gen-gogo. DO NOT EDIT. // source: networking/v1/mcp_bridge.proto diff --git a/client/Makefile b/client/Makefile index 5420082b8..09e1e9955 100644 --- a/client/Makefile +++ b/client/Makefile @@ -28,7 +28,8 @@ comma := , # source packages to scan for kubetype-gen tags kube_source_packages = $(subst $(space),$(empty), \ - github.com/alibaba/higress/api/networking/v1 \ + github.com/alibaba/higress/api/networking/v1, \ + github.com/alibaba/higress/api/extensions/v1alpha1 \ ) # base output package for generated files @@ -38,7 +39,8 @@ kube_api_base_package = $(kube_base_output_package)/apis # source packages to scan for kubernetes generator tags, e.g. deepcopy-gen, client-gen, etc. # these should correspond to the output packages from kubetype-gen kube_api_packages = $(subst $(space),$(empty), \ - $(kube_api_base_package)/networking/v1 \ + $(kube_api_base_package)/networking/v1, \ + $(kube_api_base_package)/extensions/v1alpha1 \ ) # base output package used by kubernetes client-gen kube_clientset_package = $(kube_base_output_package)/clientset diff --git a/client/pkg/apis/extensions/v1alpha1/doc.go b/client/pkg/apis/extensions/v1alpha1/doc.go new file mode 100644 index 000000000..b64ff1579 --- /dev/null +++ b/client/pkg/apis/extensions/v1alpha1/doc.go @@ -0,0 +1,21 @@ +// Copyright (c) 2022 Alibaba Group Holding Ltd. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +// Code generated by kubetype-gen. DO NOT EDIT. + +// Package has auto-generated kube type wrappers for raw types. +// +k8s:openapi-gen=true +// +k8s:deepcopy-gen=package +// +groupName=extensions.higress.io +package v1alpha1 diff --git a/client/pkg/apis/extensions/v1alpha1/register.gen.go b/client/pkg/apis/extensions/v1alpha1/register.gen.go new file mode 100644 index 000000000..0ccb84b77 --- /dev/null +++ b/client/pkg/apis/extensions/v1alpha1/register.gen.go @@ -0,0 +1,49 @@ +// Copyright (c) 2022 Alibaba Group Holding Ltd. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +// Code generated by kubetype-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + runtime "k8s.io/apimachinery/pkg/runtime" + schema "k8s.io/apimachinery/pkg/runtime/schema" +) + +var ( + // Package-wide variables from generator "register". + SchemeGroupVersion = schema.GroupVersion{Group: GroupName, Version: "v1alpha1"} + SchemeBuilder = runtime.NewSchemeBuilder(addKnownTypes) + localSchemeBuilder = &SchemeBuilder + AddToScheme = localSchemeBuilder.AddToScheme +) + +const ( + // Package-wide consts from generator "register". + GroupName = "extensions.higress.io" +) + +func Resource(resource string) schema.GroupResource { + return SchemeGroupVersion.WithResource(resource).GroupResource() +} + +func addKnownTypes(scheme *runtime.Scheme) error { + scheme.AddKnownTypes(SchemeGroupVersion, + &WasmPlugin{}, + &WasmPluginList{}, + ) + v1.AddToGroupVersion(scheme, SchemeGroupVersion) + return nil +} diff --git a/client/pkg/apis/extensions/v1alpha1/types.gen.go b/client/pkg/apis/extensions/v1alpha1/types.gen.go new file mode 100644 index 000000000..412046234 --- /dev/null +++ b/client/pkg/apis/extensions/v1alpha1/types.gen.go @@ -0,0 +1,69 @@ +// Copyright (c) 2022 Alibaba Group Holding Ltd. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +// Code generated by kubetype-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + extensionsv1alpha1 "github.com/alibaba/higress/api/extensions/v1alpha1" + metav1alpha1 "istio.io/api/meta/v1alpha1" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" +) + +// +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object + +// +// +// +type WasmPlugin struct { + v1.TypeMeta `json:",inline"` + // +optional + v1.ObjectMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"` + + // Spec defines the implementation of this definition. + // +optional + Spec extensionsv1alpha1.WasmPlugin `json:"spec,omitempty" protobuf:"bytes,2,opt,name=spec"` + + Status metav1alpha1.IstioStatus `json:"status"` +} + +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object + +// WasmPluginList is a collection of WasmPlugins. +type WasmPluginList struct { + v1.TypeMeta `json:",inline"` + // +optional + v1.ListMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"` + Items []WasmPlugin `json:"items" protobuf:"bytes,2,rep,name=items"` +} diff --git a/client/pkg/apis/extensions/v1alpha1/zz_generated.deepcopy.gen.go b/client/pkg/apis/extensions/v1alpha1/zz_generated.deepcopy.gen.go new file mode 100644 index 000000000..8ceb8a8b7 --- /dev/null +++ b/client/pkg/apis/extensions/v1alpha1/zz_generated.deepcopy.gen.go @@ -0,0 +1,85 @@ +//go:build !ignore_autogenerated +// +build !ignore_autogenerated + +// Copyright (c) 2022 Alibaba Group Holding Ltd. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +// Code generated by deepcopy-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + runtime "k8s.io/apimachinery/pkg/runtime" +) + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *WasmPlugin) DeepCopyInto(out *WasmPlugin) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) + in.Spec.DeepCopyInto(&out.Spec) + in.Status.DeepCopyInto(&out.Status) + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new WasmPlugin. +func (in *WasmPlugin) DeepCopy() *WasmPlugin { + if in == nil { + return nil + } + out := new(WasmPlugin) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *WasmPlugin) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *WasmPluginList) DeepCopyInto(out *WasmPluginList) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ListMeta.DeepCopyInto(&out.ListMeta) + if in.Items != nil { + in, out := &in.Items, &out.Items + *out = make([]WasmPlugin, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new WasmPluginList. +func (in *WasmPluginList) DeepCopy() *WasmPluginList { + if in == nil { + return nil + } + out := new(WasmPluginList) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *WasmPluginList) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} diff --git a/client/pkg/clientset/versioned/clientset.gen.go b/client/pkg/clientset/versioned/clientset.gen.go index e7e5a7ca6..90bd5de33 100644 --- a/client/pkg/clientset/versioned/clientset.gen.go +++ b/client/pkg/clientset/versioned/clientset.gen.go @@ -19,6 +19,7 @@ package versioned import ( "fmt" + extensionsv1alpha1 "github.com/alibaba/higress/client/pkg/clientset/versioned/typed/extensions/v1alpha1" networkingv1 "github.com/alibaba/higress/client/pkg/clientset/versioned/typed/networking/v1" discovery "k8s.io/client-go/discovery" rest "k8s.io/client-go/rest" @@ -27,6 +28,7 @@ import ( type Interface interface { Discovery() discovery.DiscoveryInterface + ExtensionsV1alpha1() extensionsv1alpha1.ExtensionsV1alpha1Interface NetworkingV1() networkingv1.NetworkingV1Interface } @@ -34,7 +36,13 @@ type Interface interface { // version included in a Clientset. type Clientset struct { *discovery.DiscoveryClient - networkingV1 *networkingv1.NetworkingV1Client + extensionsV1alpha1 *extensionsv1alpha1.ExtensionsV1alpha1Client + networkingV1 *networkingv1.NetworkingV1Client +} + +// ExtensionsV1alpha1 retrieves the ExtensionsV1alpha1Client +func (c *Clientset) ExtensionsV1alpha1() extensionsv1alpha1.ExtensionsV1alpha1Interface { + return c.extensionsV1alpha1 } // NetworkingV1 retrieves the NetworkingV1Client @@ -63,6 +71,10 @@ func NewForConfig(c *rest.Config) (*Clientset, error) { } var cs Clientset var err error + cs.extensionsV1alpha1, err = extensionsv1alpha1.NewForConfig(&configShallowCopy) + if err != nil { + return nil, err + } cs.networkingV1, err = networkingv1.NewForConfig(&configShallowCopy) if err != nil { return nil, err @@ -79,6 +91,7 @@ func NewForConfig(c *rest.Config) (*Clientset, error) { // panics if there is an error in the config. func NewForConfigOrDie(c *rest.Config) *Clientset { var cs Clientset + cs.extensionsV1alpha1 = extensionsv1alpha1.NewForConfigOrDie(c) cs.networkingV1 = networkingv1.NewForConfigOrDie(c) cs.DiscoveryClient = discovery.NewDiscoveryClientForConfigOrDie(c) @@ -88,6 +101,7 @@ func NewForConfigOrDie(c *rest.Config) *Clientset { // New creates a new Clientset for the given RESTClient. func New(c rest.Interface) *Clientset { var cs Clientset + cs.extensionsV1alpha1 = extensionsv1alpha1.New(c) cs.networkingV1 = networkingv1.New(c) cs.DiscoveryClient = discovery.NewDiscoveryClient(c) diff --git a/client/pkg/clientset/versioned/fake/clientset_generated.gen.go b/client/pkg/clientset/versioned/fake/clientset_generated.gen.go index 5aafedb56..b72385bd2 100644 --- a/client/pkg/clientset/versioned/fake/clientset_generated.gen.go +++ b/client/pkg/clientset/versioned/fake/clientset_generated.gen.go @@ -18,6 +18,8 @@ package fake import ( clientset "github.com/alibaba/higress/client/pkg/clientset/versioned" + extensionsv1alpha1 "github.com/alibaba/higress/client/pkg/clientset/versioned/typed/extensions/v1alpha1" + fakeextensionsv1alpha1 "github.com/alibaba/higress/client/pkg/clientset/versioned/typed/extensions/v1alpha1/fake" networkingv1 "github.com/alibaba/higress/client/pkg/clientset/versioned/typed/networking/v1" fakenetworkingv1 "github.com/alibaba/higress/client/pkg/clientset/versioned/typed/networking/v1/fake" "k8s.io/apimachinery/pkg/runtime" @@ -74,6 +76,11 @@ func (c *Clientset) Tracker() testing.ObjectTracker { var _ clientset.Interface = &Clientset{} +// ExtensionsV1alpha1 retrieves the ExtensionsV1alpha1Client +func (c *Clientset) ExtensionsV1alpha1() extensionsv1alpha1.ExtensionsV1alpha1Interface { + return &fakeextensionsv1alpha1.FakeExtensionsV1alpha1{Fake: &c.Fake} +} + // NetworkingV1 retrieves the NetworkingV1Client func (c *Clientset) NetworkingV1() networkingv1.NetworkingV1Interface { return &fakenetworkingv1.FakeNetworkingV1{Fake: &c.Fake} diff --git a/client/pkg/clientset/versioned/fake/register.gen.go b/client/pkg/clientset/versioned/fake/register.gen.go index 63f092d1f..d03294e40 100644 --- a/client/pkg/clientset/versioned/fake/register.gen.go +++ b/client/pkg/clientset/versioned/fake/register.gen.go @@ -17,6 +17,7 @@ package fake import ( + extensionsv1alpha1 "github.com/alibaba/higress/client/pkg/apis/extensions/v1alpha1" networkingv1 "github.com/alibaba/higress/client/pkg/apis/networking/v1" v1 "k8s.io/apimachinery/pkg/apis/meta/v1" runtime "k8s.io/apimachinery/pkg/runtime" @@ -29,6 +30,7 @@ var scheme = runtime.NewScheme() var codecs = serializer.NewCodecFactory(scheme) var parameterCodec = runtime.NewParameterCodec(scheme) var localSchemeBuilder = runtime.SchemeBuilder{ + extensionsv1alpha1.AddToScheme, networkingv1.AddToScheme, } diff --git a/client/pkg/clientset/versioned/scheme/register.gen.go b/client/pkg/clientset/versioned/scheme/register.gen.go index 2e5c559f4..44c59d910 100644 --- a/client/pkg/clientset/versioned/scheme/register.gen.go +++ b/client/pkg/clientset/versioned/scheme/register.gen.go @@ -17,6 +17,7 @@ package scheme import ( + extensionsv1alpha1 "github.com/alibaba/higress/client/pkg/apis/extensions/v1alpha1" networkingv1 "github.com/alibaba/higress/client/pkg/apis/networking/v1" v1 "k8s.io/apimachinery/pkg/apis/meta/v1" runtime "k8s.io/apimachinery/pkg/runtime" @@ -29,6 +30,7 @@ var Scheme = runtime.NewScheme() var Codecs = serializer.NewCodecFactory(Scheme) var ParameterCodec = runtime.NewParameterCodec(Scheme) var localSchemeBuilder = runtime.SchemeBuilder{ + extensionsv1alpha1.AddToScheme, networkingv1.AddToScheme, } diff --git a/client/pkg/clientset/versioned/typed/extensions/v1alpha1/doc.go b/client/pkg/clientset/versioned/typed/extensions/v1alpha1/doc.go new file mode 100644 index 000000000..b927f4034 --- /dev/null +++ b/client/pkg/clientset/versioned/typed/extensions/v1alpha1/doc.go @@ -0,0 +1,18 @@ +// Copyright (c) 2022 Alibaba Group Holding Ltd. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +// Code generated by client-gen. DO NOT EDIT. + +// This package has the automatically generated typed clients. +package v1alpha1 diff --git a/client/pkg/clientset/versioned/typed/extensions/v1alpha1/extensions_client.gen.go b/client/pkg/clientset/versioned/typed/extensions/v1alpha1/extensions_client.gen.go new file mode 100644 index 000000000..ae1b0c600 --- /dev/null +++ b/client/pkg/clientset/versioned/typed/extensions/v1alpha1/extensions_client.gen.go @@ -0,0 +1,87 @@ +// Copyright (c) 2022 Alibaba Group Holding Ltd. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +// Code generated by client-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + v1alpha1 "github.com/alibaba/higress/client/pkg/apis/extensions/v1alpha1" + "github.com/alibaba/higress/client/pkg/clientset/versioned/scheme" + rest "k8s.io/client-go/rest" +) + +type ExtensionsV1alpha1Interface interface { + RESTClient() rest.Interface + WasmPluginsGetter +} + +// ExtensionsV1alpha1Client is used to interact with features provided by the extensions.higress.io group. +type ExtensionsV1alpha1Client struct { + restClient rest.Interface +} + +func (c *ExtensionsV1alpha1Client) WasmPlugins(namespace string) WasmPluginInterface { + return newWasmPlugins(c, namespace) +} + +// NewForConfig creates a new ExtensionsV1alpha1Client for the given config. +func NewForConfig(c *rest.Config) (*ExtensionsV1alpha1Client, error) { + config := *c + if err := setConfigDefaults(&config); err != nil { + return nil, err + } + client, err := rest.RESTClientFor(&config) + if err != nil { + return nil, err + } + return &ExtensionsV1alpha1Client{client}, nil +} + +// NewForConfigOrDie creates a new ExtensionsV1alpha1Client for the given config and +// panics if there is an error in the config. +func NewForConfigOrDie(c *rest.Config) *ExtensionsV1alpha1Client { + client, err := NewForConfig(c) + if err != nil { + panic(err) + } + return client +} + +// New creates a new ExtensionsV1alpha1Client for the given RESTClient. +func New(c rest.Interface) *ExtensionsV1alpha1Client { + return &ExtensionsV1alpha1Client{c} +} + +func setConfigDefaults(config *rest.Config) error { + gv := v1alpha1.SchemeGroupVersion + config.GroupVersion = &gv + config.APIPath = "/apis" + config.NegotiatedSerializer = scheme.Codecs.WithoutConversion() + + if config.UserAgent == "" { + config.UserAgent = rest.DefaultKubernetesUserAgent() + } + + return nil +} + +// RESTClient returns a RESTClient that is used to communicate +// with API server by this client implementation. +func (c *ExtensionsV1alpha1Client) RESTClient() rest.Interface { + if c == nil { + return nil + } + return c.restClient +} diff --git a/client/pkg/clientset/versioned/typed/extensions/v1alpha1/fake/doc.go b/client/pkg/clientset/versioned/typed/extensions/v1alpha1/fake/doc.go new file mode 100644 index 000000000..e432cf309 --- /dev/null +++ b/client/pkg/clientset/versioned/typed/extensions/v1alpha1/fake/doc.go @@ -0,0 +1,18 @@ +// Copyright (c) 2022 Alibaba Group Holding Ltd. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +// Code generated by client-gen. DO NOT EDIT. + +// Package fake has the automatically generated clients. +package fake diff --git a/client/pkg/clientset/versioned/typed/extensions/v1alpha1/fake/fake_extensions_client.gen.go b/client/pkg/clientset/versioned/typed/extensions/v1alpha1/fake/fake_extensions_client.gen.go new file mode 100644 index 000000000..3e108f18a --- /dev/null +++ b/client/pkg/clientset/versioned/typed/extensions/v1alpha1/fake/fake_extensions_client.gen.go @@ -0,0 +1,38 @@ +// Copyright (c) 2022 Alibaba Group Holding Ltd. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + v1alpha1 "github.com/alibaba/higress/client/pkg/clientset/versioned/typed/extensions/v1alpha1" + rest "k8s.io/client-go/rest" + testing "k8s.io/client-go/testing" +) + +type FakeExtensionsV1alpha1 struct { + *testing.Fake +} + +func (c *FakeExtensionsV1alpha1) WasmPlugins(namespace string) v1alpha1.WasmPluginInterface { + return &FakeWasmPlugins{c, namespace} +} + +// RESTClient returns a RESTClient that is used to communicate +// with API server by this client implementation. +func (c *FakeExtensionsV1alpha1) RESTClient() rest.Interface { + var ret *rest.RESTClient + return ret +} diff --git a/client/pkg/clientset/versioned/typed/extensions/v1alpha1/fake/fake_wasmplugin.gen.go b/client/pkg/clientset/versioned/typed/extensions/v1alpha1/fake/fake_wasmplugin.gen.go new file mode 100644 index 000000000..517037309 --- /dev/null +++ b/client/pkg/clientset/versioned/typed/extensions/v1alpha1/fake/fake_wasmplugin.gen.go @@ -0,0 +1,140 @@ +// Copyright (c) 2022 Alibaba Group Holding Ltd. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + "context" + + v1alpha1 "github.com/alibaba/higress/client/pkg/apis/extensions/v1alpha1" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + labels "k8s.io/apimachinery/pkg/labels" + schema "k8s.io/apimachinery/pkg/runtime/schema" + types "k8s.io/apimachinery/pkg/types" + watch "k8s.io/apimachinery/pkg/watch" + testing "k8s.io/client-go/testing" +) + +// FakeWasmPlugins implements WasmPluginInterface +type FakeWasmPlugins struct { + Fake *FakeExtensionsV1alpha1 + ns string +} + +var wasmpluginsResource = schema.GroupVersionResource{Group: "extensions.higress.io", Version: "v1alpha1", Resource: "wasmplugins"} + +var wasmpluginsKind = schema.GroupVersionKind{Group: "extensions.higress.io", Version: "v1alpha1", Kind: "WasmPlugin"} + +// Get takes name of the wasmPlugin, and returns the corresponding wasmPlugin object, and an error if there is any. +func (c *FakeWasmPlugins) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.WasmPlugin, err error) { + obj, err := c.Fake. + Invokes(testing.NewGetAction(wasmpluginsResource, c.ns, name), &v1alpha1.WasmPlugin{}) + + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.WasmPlugin), err +} + +// List takes label and field selectors, and returns the list of WasmPlugins that match those selectors. +func (c *FakeWasmPlugins) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.WasmPluginList, err error) { + obj, err := c.Fake. + Invokes(testing.NewListAction(wasmpluginsResource, wasmpluginsKind, c.ns, opts), &v1alpha1.WasmPluginList{}) + + if obj == nil { + return nil, err + } + + label, _, _ := testing.ExtractFromListOptions(opts) + if label == nil { + label = labels.Everything() + } + list := &v1alpha1.WasmPluginList{ListMeta: obj.(*v1alpha1.WasmPluginList).ListMeta} + for _, item := range obj.(*v1alpha1.WasmPluginList).Items { + if label.Matches(labels.Set(item.Labels)) { + list.Items = append(list.Items, item) + } + } + return list, err +} + +// Watch returns a watch.Interface that watches the requested wasmPlugins. +func (c *FakeWasmPlugins) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { + return c.Fake. + InvokesWatch(testing.NewWatchAction(wasmpluginsResource, c.ns, opts)) + +} + +// Create takes the representation of a wasmPlugin and creates it. Returns the server's representation of the wasmPlugin, and an error, if there is any. +func (c *FakeWasmPlugins) Create(ctx context.Context, wasmPlugin *v1alpha1.WasmPlugin, opts v1.CreateOptions) (result *v1alpha1.WasmPlugin, err error) { + obj, err := c.Fake. + Invokes(testing.NewCreateAction(wasmpluginsResource, c.ns, wasmPlugin), &v1alpha1.WasmPlugin{}) + + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.WasmPlugin), err +} + +// Update takes the representation of a wasmPlugin and updates it. Returns the server's representation of the wasmPlugin, and an error, if there is any. +func (c *FakeWasmPlugins) Update(ctx context.Context, wasmPlugin *v1alpha1.WasmPlugin, opts v1.UpdateOptions) (result *v1alpha1.WasmPlugin, err error) { + obj, err := c.Fake. + Invokes(testing.NewUpdateAction(wasmpluginsResource, c.ns, wasmPlugin), &v1alpha1.WasmPlugin{}) + + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.WasmPlugin), err +} + +// UpdateStatus was generated because the type contains a Status member. +// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). +func (c *FakeWasmPlugins) UpdateStatus(ctx context.Context, wasmPlugin *v1alpha1.WasmPlugin, opts v1.UpdateOptions) (*v1alpha1.WasmPlugin, error) { + obj, err := c.Fake. + Invokes(testing.NewUpdateSubresourceAction(wasmpluginsResource, "status", c.ns, wasmPlugin), &v1alpha1.WasmPlugin{}) + + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.WasmPlugin), err +} + +// Delete takes name of the wasmPlugin and deletes it. Returns an error if one occurs. +func (c *FakeWasmPlugins) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { + _, err := c.Fake. + Invokes(testing.NewDeleteAction(wasmpluginsResource, c.ns, name), &v1alpha1.WasmPlugin{}) + + return err +} + +// DeleteCollection deletes a collection of objects. +func (c *FakeWasmPlugins) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { + action := testing.NewDeleteCollectionAction(wasmpluginsResource, c.ns, listOpts) + + _, err := c.Fake.Invokes(action, &v1alpha1.WasmPluginList{}) + return err +} + +// Patch applies the patch and returns the patched wasmPlugin. +func (c *FakeWasmPlugins) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.WasmPlugin, err error) { + obj, err := c.Fake. + Invokes(testing.NewPatchSubresourceAction(wasmpluginsResource, c.ns, name, pt, data, subresources...), &v1alpha1.WasmPlugin{}) + + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.WasmPlugin), err +} diff --git a/client/pkg/clientset/versioned/typed/extensions/v1alpha1/generated_expansion.gen.go b/client/pkg/clientset/versioned/typed/extensions/v1alpha1/generated_expansion.gen.go new file mode 100644 index 000000000..73f18e348 --- /dev/null +++ b/client/pkg/clientset/versioned/typed/extensions/v1alpha1/generated_expansion.gen.go @@ -0,0 +1,19 @@ +// Copyright (c) 2022 Alibaba Group Holding Ltd. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +// Code generated by client-gen. DO NOT EDIT. + +package v1alpha1 + +type WasmPluginExpansion interface{} diff --git a/client/pkg/clientset/versioned/typed/extensions/v1alpha1/wasmplugin.gen.go b/client/pkg/clientset/versioned/typed/extensions/v1alpha1/wasmplugin.gen.go new file mode 100644 index 000000000..179877627 --- /dev/null +++ b/client/pkg/clientset/versioned/typed/extensions/v1alpha1/wasmplugin.gen.go @@ -0,0 +1,193 @@ +// Copyright (c) 2022 Alibaba Group Holding Ltd. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +// Code generated by client-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + "context" + "time" + + v1alpha1 "github.com/alibaba/higress/client/pkg/apis/extensions/v1alpha1" + scheme "github.com/alibaba/higress/client/pkg/clientset/versioned/scheme" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + types "k8s.io/apimachinery/pkg/types" + watch "k8s.io/apimachinery/pkg/watch" + rest "k8s.io/client-go/rest" +) + +// WasmPluginsGetter has a method to return a WasmPluginInterface. +// A group's client should implement this interface. +type WasmPluginsGetter interface { + WasmPlugins(namespace string) WasmPluginInterface +} + +// WasmPluginInterface has methods to work with WasmPlugin resources. +type WasmPluginInterface interface { + Create(ctx context.Context, wasmPlugin *v1alpha1.WasmPlugin, opts v1.CreateOptions) (*v1alpha1.WasmPlugin, error) + Update(ctx context.Context, wasmPlugin *v1alpha1.WasmPlugin, opts v1.UpdateOptions) (*v1alpha1.WasmPlugin, error) + UpdateStatus(ctx context.Context, wasmPlugin *v1alpha1.WasmPlugin, opts v1.UpdateOptions) (*v1alpha1.WasmPlugin, error) + Delete(ctx context.Context, name string, opts v1.DeleteOptions) error + DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error + Get(ctx context.Context, name string, opts v1.GetOptions) (*v1alpha1.WasmPlugin, error) + List(ctx context.Context, opts v1.ListOptions) (*v1alpha1.WasmPluginList, error) + Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) + Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.WasmPlugin, err error) + WasmPluginExpansion +} + +// wasmPlugins implements WasmPluginInterface +type wasmPlugins struct { + client rest.Interface + ns string +} + +// newWasmPlugins returns a WasmPlugins +func newWasmPlugins(c *ExtensionsV1alpha1Client, namespace string) *wasmPlugins { + return &wasmPlugins{ + client: c.RESTClient(), + ns: namespace, + } +} + +// Get takes name of the wasmPlugin, and returns the corresponding wasmPlugin object, and an error if there is any. +func (c *wasmPlugins) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.WasmPlugin, err error) { + result = &v1alpha1.WasmPlugin{} + err = c.client.Get(). + Namespace(c.ns). + Resource("wasmplugins"). + Name(name). + VersionedParams(&options, scheme.ParameterCodec). + Do(ctx). + Into(result) + return +} + +// List takes label and field selectors, and returns the list of WasmPlugins that match those selectors. +func (c *wasmPlugins) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.WasmPluginList, err error) { + var timeout time.Duration + if opts.TimeoutSeconds != nil { + timeout = time.Duration(*opts.TimeoutSeconds) * time.Second + } + result = &v1alpha1.WasmPluginList{} + err = c.client.Get(). + Namespace(c.ns). + Resource("wasmplugins"). + VersionedParams(&opts, scheme.ParameterCodec). + Timeout(timeout). + Do(ctx). + Into(result) + return +} + +// Watch returns a watch.Interface that watches the requested wasmPlugins. +func (c *wasmPlugins) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { + var timeout time.Duration + if opts.TimeoutSeconds != nil { + timeout = time.Duration(*opts.TimeoutSeconds) * time.Second + } + opts.Watch = true + return c.client.Get(). + Namespace(c.ns). + Resource("wasmplugins"). + VersionedParams(&opts, scheme.ParameterCodec). + Timeout(timeout). + Watch(ctx) +} + +// Create takes the representation of a wasmPlugin and creates it. Returns the server's representation of the wasmPlugin, and an error, if there is any. +func (c *wasmPlugins) Create(ctx context.Context, wasmPlugin *v1alpha1.WasmPlugin, opts v1.CreateOptions) (result *v1alpha1.WasmPlugin, err error) { + result = &v1alpha1.WasmPlugin{} + err = c.client.Post(). + Namespace(c.ns). + Resource("wasmplugins"). + VersionedParams(&opts, scheme.ParameterCodec). + Body(wasmPlugin). + Do(ctx). + Into(result) + return +} + +// Update takes the representation of a wasmPlugin and updates it. Returns the server's representation of the wasmPlugin, and an error, if there is any. +func (c *wasmPlugins) Update(ctx context.Context, wasmPlugin *v1alpha1.WasmPlugin, opts v1.UpdateOptions) (result *v1alpha1.WasmPlugin, err error) { + result = &v1alpha1.WasmPlugin{} + err = c.client.Put(). + Namespace(c.ns). + Resource("wasmplugins"). + Name(wasmPlugin.Name). + VersionedParams(&opts, scheme.ParameterCodec). + Body(wasmPlugin). + Do(ctx). + Into(result) + return +} + +// UpdateStatus was generated because the type contains a Status member. +// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). +func (c *wasmPlugins) UpdateStatus(ctx context.Context, wasmPlugin *v1alpha1.WasmPlugin, opts v1.UpdateOptions) (result *v1alpha1.WasmPlugin, err error) { + result = &v1alpha1.WasmPlugin{} + err = c.client.Put(). + Namespace(c.ns). + Resource("wasmplugins"). + Name(wasmPlugin.Name). + SubResource("status"). + VersionedParams(&opts, scheme.ParameterCodec). + Body(wasmPlugin). + Do(ctx). + Into(result) + return +} + +// Delete takes name of the wasmPlugin and deletes it. Returns an error if one occurs. +func (c *wasmPlugins) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { + return c.client.Delete(). + Namespace(c.ns). + Resource("wasmplugins"). + Name(name). + Body(&opts). + Do(ctx). + Error() +} + +// DeleteCollection deletes a collection of objects. +func (c *wasmPlugins) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { + var timeout time.Duration + if listOpts.TimeoutSeconds != nil { + timeout = time.Duration(*listOpts.TimeoutSeconds) * time.Second + } + return c.client.Delete(). + Namespace(c.ns). + Resource("wasmplugins"). + VersionedParams(&listOpts, scheme.ParameterCodec). + Timeout(timeout). + Body(&opts). + Do(ctx). + Error() +} + +// Patch applies the patch and returns the patched wasmPlugin. +func (c *wasmPlugins) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.WasmPlugin, err error) { + result = &v1alpha1.WasmPlugin{} + err = c.client.Patch(pt). + Namespace(c.ns). + Resource("wasmplugins"). + Name(name). + SubResource(subresources...). + VersionedParams(&opts, scheme.ParameterCodec). + Body(data). + Do(ctx). + Into(result) + return +} diff --git a/client/pkg/informers/externalversions/extensions/interface.gen.go b/client/pkg/informers/externalversions/extensions/interface.gen.go new file mode 100644 index 000000000..e8ca57067 --- /dev/null +++ b/client/pkg/informers/externalversions/extensions/interface.gen.go @@ -0,0 +1,44 @@ +// Copyright (c) 2022 Alibaba Group Holding Ltd. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +// Code generated by informer-gen. DO NOT EDIT. + +package extensions + +import ( + v1alpha1 "github.com/alibaba/higress/client/pkg/informers/externalversions/extensions/v1alpha1" + internalinterfaces "github.com/alibaba/higress/client/pkg/informers/externalversions/internalinterfaces" +) + +// Interface provides access to each of this group's versions. +type Interface interface { + // V1alpha1 provides access to shared informers for resources in V1alpha1. + V1alpha1() v1alpha1.Interface +} + +type group struct { + factory internalinterfaces.SharedInformerFactory + namespace string + tweakListOptions internalinterfaces.TweakListOptionsFunc +} + +// New returns a new Interface. +func New(f internalinterfaces.SharedInformerFactory, namespace string, tweakListOptions internalinterfaces.TweakListOptionsFunc) Interface { + return &group{factory: f, namespace: namespace, tweakListOptions: tweakListOptions} +} + +// V1alpha1 returns a new v1alpha1.Interface. +func (g *group) V1alpha1() v1alpha1.Interface { + return v1alpha1.New(g.factory, g.namespace, g.tweakListOptions) +} diff --git a/client/pkg/informers/externalversions/extensions/v1alpha1/interface.gen.go b/client/pkg/informers/externalversions/extensions/v1alpha1/interface.gen.go new file mode 100644 index 000000000..5bda6618a --- /dev/null +++ b/client/pkg/informers/externalversions/extensions/v1alpha1/interface.gen.go @@ -0,0 +1,43 @@ +// Copyright (c) 2022 Alibaba Group Holding Ltd. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +// Code generated by informer-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + internalinterfaces "github.com/alibaba/higress/client/pkg/informers/externalversions/internalinterfaces" +) + +// Interface provides access to all the informers in this group version. +type Interface interface { + // WasmPlugins returns a WasmPluginInformer. + WasmPlugins() WasmPluginInformer +} + +type version struct { + factory internalinterfaces.SharedInformerFactory + namespace string + tweakListOptions internalinterfaces.TweakListOptionsFunc +} + +// New returns a new Interface. +func New(f internalinterfaces.SharedInformerFactory, namespace string, tweakListOptions internalinterfaces.TweakListOptionsFunc) Interface { + return &version{factory: f, namespace: namespace, tweakListOptions: tweakListOptions} +} + +// WasmPlugins returns a WasmPluginInformer. +func (v *version) WasmPlugins() WasmPluginInformer { + return &wasmPluginInformer{factory: v.factory, namespace: v.namespace, tweakListOptions: v.tweakListOptions} +} diff --git a/client/pkg/informers/externalversions/extensions/v1alpha1/wasmplugin.gen.go b/client/pkg/informers/externalversions/extensions/v1alpha1/wasmplugin.gen.go new file mode 100644 index 000000000..52ec52812 --- /dev/null +++ b/client/pkg/informers/externalversions/extensions/v1alpha1/wasmplugin.gen.go @@ -0,0 +1,88 @@ +// Copyright (c) 2022 Alibaba Group Holding Ltd. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +// Code generated by informer-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + "context" + time "time" + + extensionsv1alpha1 "github.com/alibaba/higress/client/pkg/apis/extensions/v1alpha1" + versioned "github.com/alibaba/higress/client/pkg/clientset/versioned" + internalinterfaces "github.com/alibaba/higress/client/pkg/informers/externalversions/internalinterfaces" + v1alpha1 "github.com/alibaba/higress/client/pkg/listers/extensions/v1alpha1" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + runtime "k8s.io/apimachinery/pkg/runtime" + watch "k8s.io/apimachinery/pkg/watch" + cache "k8s.io/client-go/tools/cache" +) + +// WasmPluginInformer provides access to a shared informer and lister for +// WasmPlugins. +type WasmPluginInformer interface { + Informer() cache.SharedIndexInformer + Lister() v1alpha1.WasmPluginLister +} + +type wasmPluginInformer struct { + factory internalinterfaces.SharedInformerFactory + tweakListOptions internalinterfaces.TweakListOptionsFunc + namespace string +} + +// NewWasmPluginInformer constructs a new informer for WasmPlugin type. +// Always prefer using an informer factory to get a shared informer instead of getting an independent +// one. This reduces memory footprint and number of connections to the server. +func NewWasmPluginInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers) cache.SharedIndexInformer { + return NewFilteredWasmPluginInformer(client, namespace, resyncPeriod, indexers, nil) +} + +// NewFilteredWasmPluginInformer constructs a new informer for WasmPlugin type. +// Always prefer using an informer factory to get a shared informer instead of getting an independent +// one. This reduces memory footprint and number of connections to the server. +func NewFilteredWasmPluginInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer { + return cache.NewSharedIndexInformer( + &cache.ListWatch{ + ListFunc: func(options v1.ListOptions) (runtime.Object, error) { + if tweakListOptions != nil { + tweakListOptions(&options) + } + return client.ExtensionsV1alpha1().WasmPlugins(namespace).List(context.TODO(), options) + }, + WatchFunc: func(options v1.ListOptions) (watch.Interface, error) { + if tweakListOptions != nil { + tweakListOptions(&options) + } + return client.ExtensionsV1alpha1().WasmPlugins(namespace).Watch(context.TODO(), options) + }, + }, + &extensionsv1alpha1.WasmPlugin{}, + resyncPeriod, + indexers, + ) +} + +func (f *wasmPluginInformer) defaultInformer(client versioned.Interface, resyncPeriod time.Duration) cache.SharedIndexInformer { + return NewFilteredWasmPluginInformer(client, f.namespace, resyncPeriod, cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc}, f.tweakListOptions) +} + +func (f *wasmPluginInformer) Informer() cache.SharedIndexInformer { + return f.factory.InformerFor(&extensionsv1alpha1.WasmPlugin{}, f.defaultInformer) +} + +func (f *wasmPluginInformer) Lister() v1alpha1.WasmPluginLister { + return v1alpha1.NewWasmPluginLister(f.Informer().GetIndexer()) +} diff --git a/client/pkg/informers/externalversions/factory.gen.go b/client/pkg/informers/externalversions/factory.gen.go index 93be82b89..a57867143 100644 --- a/client/pkg/informers/externalversions/factory.gen.go +++ b/client/pkg/informers/externalversions/factory.gen.go @@ -22,6 +22,7 @@ import ( time "time" versioned "github.com/alibaba/higress/client/pkg/clientset/versioned" + extensions "github.com/alibaba/higress/client/pkg/informers/externalversions/extensions" internalinterfaces "github.com/alibaba/higress/client/pkg/informers/externalversions/internalinterfaces" networking "github.com/alibaba/higress/client/pkg/informers/externalversions/networking" v1 "k8s.io/apimachinery/pkg/apis/meta/v1" @@ -170,9 +171,14 @@ type SharedInformerFactory interface { ForResource(resource schema.GroupVersionResource) (GenericInformer, error) WaitForCacheSync(stopCh <-chan struct{}) map[reflect.Type]bool + Extensions() extensions.Interface Networking() networking.Interface } +func (f *sharedInformerFactory) Extensions() extensions.Interface { + return extensions.New(f, f.namespace, f.tweakListOptions) +} + func (f *sharedInformerFactory) Networking() networking.Interface { return networking.New(f, f.namespace, f.tweakListOptions) } diff --git a/client/pkg/informers/externalversions/generic.gen.go b/client/pkg/informers/externalversions/generic.gen.go index 2969ae353..9c1063da1 100644 --- a/client/pkg/informers/externalversions/generic.gen.go +++ b/client/pkg/informers/externalversions/generic.gen.go @@ -19,6 +19,7 @@ package externalversions import ( "fmt" + v1alpha1 "github.com/alibaba/higress/client/pkg/apis/extensions/v1alpha1" v1 "github.com/alibaba/higress/client/pkg/apis/networking/v1" schema "k8s.io/apimachinery/pkg/runtime/schema" cache "k8s.io/client-go/tools/cache" @@ -50,7 +51,11 @@ func (f *genericInformer) Lister() cache.GenericLister { // TODO extend this to unknown resources with a client pool func (f *sharedInformerFactory) ForResource(resource schema.GroupVersionResource) (GenericInformer, error) { switch resource { - // Group=networking.higress.io, Version=v1 + // Group=extensions.higress.io, Version=v1alpha1 + case v1alpha1.SchemeGroupVersion.WithResource("wasmplugins"): + return &genericInformer{resource: resource.GroupResource(), informer: f.Extensions().V1alpha1().WasmPlugins().Informer()}, nil + + // Group=networking.higress.io, Version=v1 case v1.SchemeGroupVersion.WithResource("mcpbridges"): return &genericInformer{resource: resource.GroupResource(), informer: f.Networking().V1().McpBridges().Informer()}, nil diff --git a/client/pkg/listers/extensions/v1alpha1/expansion_generated.gen.go b/client/pkg/listers/extensions/v1alpha1/expansion_generated.gen.go new file mode 100644 index 000000000..5d6f9ee4a --- /dev/null +++ b/client/pkg/listers/extensions/v1alpha1/expansion_generated.gen.go @@ -0,0 +1,25 @@ +// Copyright (c) 2022 Alibaba Group Holding Ltd. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +// Code generated by lister-gen. DO NOT EDIT. + +package v1alpha1 + +// WasmPluginListerExpansion allows custom methods to be added to +// WasmPluginLister. +type WasmPluginListerExpansion interface{} + +// WasmPluginNamespaceListerExpansion allows custom methods to be added to +// WasmPluginNamespaceLister. +type WasmPluginNamespaceListerExpansion interface{} diff --git a/client/pkg/listers/extensions/v1alpha1/wasmplugin.gen.go b/client/pkg/listers/extensions/v1alpha1/wasmplugin.gen.go new file mode 100644 index 000000000..16b2b2fff --- /dev/null +++ b/client/pkg/listers/extensions/v1alpha1/wasmplugin.gen.go @@ -0,0 +1,92 @@ +// Copyright (c) 2022 Alibaba Group Holding Ltd. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +// Code generated by lister-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + v1alpha1 "github.com/alibaba/higress/client/pkg/apis/extensions/v1alpha1" + "k8s.io/apimachinery/pkg/api/errors" + "k8s.io/apimachinery/pkg/labels" + "k8s.io/client-go/tools/cache" +) + +// WasmPluginLister helps list WasmPlugins. +type WasmPluginLister interface { + // List lists all WasmPlugins in the indexer. + List(selector labels.Selector) (ret []*v1alpha1.WasmPlugin, err error) + // WasmPlugins returns an object that can list and get WasmPlugins. + WasmPlugins(namespace string) WasmPluginNamespaceLister + WasmPluginListerExpansion +} + +// wasmPluginLister implements the WasmPluginLister interface. +type wasmPluginLister struct { + indexer cache.Indexer +} + +// NewWasmPluginLister returns a new WasmPluginLister. +func NewWasmPluginLister(indexer cache.Indexer) WasmPluginLister { + return &wasmPluginLister{indexer: indexer} +} + +// List lists all WasmPlugins in the indexer. +func (s *wasmPluginLister) List(selector labels.Selector) (ret []*v1alpha1.WasmPlugin, err error) { + err = cache.ListAll(s.indexer, selector, func(m interface{}) { + ret = append(ret, m.(*v1alpha1.WasmPlugin)) + }) + return ret, err +} + +// WasmPlugins returns an object that can list and get WasmPlugins. +func (s *wasmPluginLister) WasmPlugins(namespace string) WasmPluginNamespaceLister { + return wasmPluginNamespaceLister{indexer: s.indexer, namespace: namespace} +} + +// WasmPluginNamespaceLister helps list and get WasmPlugins. +type WasmPluginNamespaceLister interface { + // List lists all WasmPlugins in the indexer for a given namespace. + List(selector labels.Selector) (ret []*v1alpha1.WasmPlugin, err error) + // Get retrieves the WasmPlugin from the indexer for a given namespace and name. + Get(name string) (*v1alpha1.WasmPlugin, error) + WasmPluginNamespaceListerExpansion +} + +// wasmPluginNamespaceLister implements the WasmPluginNamespaceLister +// interface. +type wasmPluginNamespaceLister struct { + indexer cache.Indexer + namespace string +} + +// List lists all WasmPlugins in the indexer for a given namespace. +func (s wasmPluginNamespaceLister) List(selector labels.Selector) (ret []*v1alpha1.WasmPlugin, err error) { + err = cache.ListAllByNamespace(s.indexer, s.namespace, selector, func(m interface{}) { + ret = append(ret, m.(*v1alpha1.WasmPlugin)) + }) + return ret, err +} + +// Get retrieves the WasmPlugin from the indexer for a given namespace and name. +func (s wasmPluginNamespaceLister) Get(name string) (*v1alpha1.WasmPlugin, error) { + obj, exists, err := s.indexer.GetByKey(s.namespace + "/" + name) + if err != nil { + return nil, err + } + if !exists { + return nil, errors.NewNotFound(v1alpha1.Resource("wasmplugin"), name) + } + return obj.(*v1alpha1.WasmPlugin), nil +} diff --git a/helm/higress/Chart.yaml b/helm/higress/Chart.yaml index 2a19f9663..8d5592d73 100644 --- a/helm/higress/Chart.yaml +++ b/helm/higress/Chart.yaml @@ -1,5 +1,5 @@ apiVersion: v2 -appVersion: 0.5.3 +appVersion: 0.5.4 description: Helm chart for deploying higress gateways icon: https://higress.io/img/higress_logo_small.png keywords: @@ -9,4 +9,4 @@ name: higress sources: - http://github.com/alibaba/higress type: application -version: 0.5.3 +version: 0.5.4 diff --git a/helm/higress/crds/customresourcedefinitions.gen.yaml b/helm/higress/crds/customresourcedefinitions.gen.yaml index 77e5d4e86..1571df9f5 100644 --- a/helm/higress/crds/customresourcedefinitions.gen.yaml +++ b/helm/higress/crds/customresourcedefinitions.gen.yaml @@ -1,6 +1,108 @@ # DO NOT EDIT - Generated by Cue OpenAPI generator based on Istio APIs. apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition +metadata: + annotations: + "helm.sh/resource-policy": keep + name: wasmplugins.extensions.higress.io +spec: + group: extensions.higress.io + names: + categories: + - higress-io + - extensions-higress-io + kind: WasmPlugin + listKind: WasmPluginList + plural: wasmplugins + singular: wasmplugin + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: 'CreationTimestamp is a timestamp representing the server time + when this object was created. It is not guaranteed to be set in happens-before + order across separate operations. Clients may not set this value. It is represented + in RFC3339 form and is in UTC. Populated by the system. Read-only. Null for + lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata' + jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1alpha1 + schema: + openAPIV3Schema: + properties: + spec: + properties: + defaultConfig: + type: object + x-kubernetes-preserve-unknown-fields: true + imagePullPolicy: + description: The pull behaviour to be applied when fetching an OCI + image. + enum: + - UNSPECIFIED_POLICY + - IfNotPresent + - Always + type: string + imagePullSecret: + description: Credentials to use for OCI image pulling. + type: string + matchRules: + items: + properties: + config: + type: object + x-kubernetes-preserve-unknown-fields: true + domain: + items: + type: string + type: array + ingress: + items: + type: string + type: array + type: object + type: array + phase: + description: Determines where in the filter chain this `WasmPlugin` + is to be injected. + enum: + - UNSPECIFIED_PHASE + - AUTHN + - AUTHZ + - STATS + type: string + pluginConfig: + description: The configuration that will be passed on to the plugin. + type: object + x-kubernetes-preserve-unknown-fields: true + pluginName: + type: string + priority: + description: Determines ordering of `WasmPlugins` in the same `phase`. + nullable: true + type: integer + sha256: + description: SHA256 checksum that will be used to verify Wasm module + or OCI container. + type: string + url: + description: URL of a Wasm module or OCI container. + type: string + verificationKey: + type: string + type: object + status: + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + served: true + storage: true + subresources: + status: {} + +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition metadata: annotations: "helm.sh/resource-policy": keep diff --git a/helm/higress/templates/controller-clusterrole.yaml b/helm/higress/templates/controller-clusterrole.yaml index b065597d4..5bb0c06fc 100644 --- a/helm/higress/templates/controller-clusterrole.yaml +++ b/helm/higress/templates/controller-clusterrole.yaml @@ -42,6 +42,10 @@ rules: resources: ["mcpbridges"] verbs: ["get", "list", "watch", "create", "update", "patch", "delete"] + - apiGroups: ["extensions.higress.io"] + resources: ["wasmplugins"] + verbs: ["get", "list", "watch", "create", "update", "patch", "delete"] + - apiGroups: [""] resources: ["services"] verbs: ["get", "watch", "list", "update", "patch", "create", "delete"] diff --git a/helm/higress/templates/global-gateway.yaml b/helm/higress/templates/global-gateway.yaml deleted file mode 100644 index 8a5bfedb5..000000000 --- a/helm/higress/templates/global-gateway.yaml +++ /dev/null @@ -1,17 +0,0 @@ -apiVersion: networking.istio.io/v1alpha3 -kind: Gateway -metadata: - name: global - namespace: {{ .Release.Namespace }} -spec: - selector: - higress: {{ .Release.Namespace }}-{{ include "gateway.name" . }} - servers: - - hosts: - - "*" - port: - name: http-80 - number: 80 - protocol: HTTP - ---- diff --git a/helm/higress/values.yaml b/helm/higress/values.yaml index 2c43246ab..6f3d52a47 100644 --- a/helm/higress/values.yaml +++ b/helm/higress/values.yaml @@ -14,7 +14,7 @@ gateway: name: "higress-gateway" replicas: 2 image: gateway - tag: "bf607ae5541ce5c1cc95b4f98b3fd50a83346d33" + tag: "0.5.4" # revision declares which revision this gateway is a part of revision: "" @@ -110,7 +110,7 @@ controller: name: "higress-controller" replicas: 1 image: higress - tag: "bf607ae5541ce5c1cc95b4f98b3fd50a83346d33" + tag: "0.5.4" env: {} labels: {} diff --git a/helm/istio/Chart.yaml b/helm/istio/Chart.yaml index f596a3a88..b056298b6 100644 --- a/helm/istio/Chart.yaml +++ b/helm/istio/Chart.yaml @@ -1,5 +1,5 @@ apiVersion: v2 -appVersion: 1.12.3 +appVersion: 1.12.4 description: Helm chart for deploying higress istio name: istio sources: @@ -12,4 +12,4 @@ dependencies: repository: "file://../istiod" version: 1.12.0 type: application -version: 1.12.3 +version: 1.12.4 diff --git a/helm/istiod/values.yaml b/helm/istiod/values.yaml index 92a6a0a11..3c231dfa7 100644 --- a/helm/istiod/values.yaml +++ b/helm/istiod/values.yaml @@ -10,7 +10,7 @@ pilot: rollingMaxUnavailable: 25% hub: higress-registry.cn-hangzhou.cr.aliyuncs.com/higress - tag: bf607ae5541ce5c1cc95b4f98b3fd50a83346d33 + tag: 0.5.4 # Can be a full hub/image:tag image: pilot @@ -256,7 +256,7 @@ global: # Dev builds from prow are on gcr.io hub: higress-registry.cn-hangzhou.cr.aliyuncs.com/higress # Default tag for Istio images. - tag: bf607ae5541ce5c1cc95b4f98b3fd50a83346d33 + tag: 0.5.4 # Specify image pull policy if default behavior isn't desired. # Default behavior: latest images will be Always else IfNotPresent. diff --git a/helm/kind/higress/Chart.lock b/helm/kind/higress/Chart.lock index 2962749d7..c020164da 100644 --- a/helm/kind/higress/Chart.lock +++ b/helm/kind/higress/Chart.lock @@ -1,6 +1,6 @@ dependencies: - name: higress repository: file://../../higress - version: 0.5.3 -digest: sha256:31fd001a558b73f3a5b86d607ccf2c4ff7f206fc232068cfc6722ccd02081031 -generated: "2022-12-16T17:21:23.630507+08:00" + version: 0.5.4 +digest: sha256:ea2475e2ba790a07811de045f03ae1a2279a6596bcaa750109f149e8ae2c61bd +generated: "2023-01-18T10:57:50.379427+08:00" diff --git a/helm/kind/higress/Chart.yaml b/helm/kind/higress/Chart.yaml index 7962156d3..4c50e7725 100644 --- a/helm/kind/higress/Chart.yaml +++ b/helm/kind/higress/Chart.yaml @@ -1,5 +1,5 @@ apiVersion: v2 -appVersion: 0.5.3 +appVersion: 0.5.4 description: Helm chart for deploying higress gateways icon: https://higress.io/img/higress_logo_small.png keywords: @@ -11,6 +11,6 @@ sources: dependencies: - name: higress repository: "file://../../higress" - version: 0.5.3 + version: 0.5.4 type: application -version: 0.5.3 +version: 0.5.4 diff --git a/helm/kind/istio/Chart.yaml b/helm/kind/istio/Chart.yaml index 104652c83..479f6d13d 100644 --- a/helm/kind/istio/Chart.yaml +++ b/helm/kind/istio/Chart.yaml @@ -1,5 +1,5 @@ apiVersion: v2 -appVersion: 1.12.3 +appVersion: 1.12.4 description: Helm chart for deploying higress istio name: istio-local sources: @@ -12,4 +12,4 @@ dependencies: repository: "file://../../istiod" version: 1.12.0 type: application -version: 1.12.3 +version: 1.12.4 diff --git a/pkg/ingress/config/ingress_config.go b/pkg/ingress/config/ingress_config.go index b526759eb..4d254cfc6 100644 --- a/pkg/ingress/config/ingress_config.go +++ b/pkg/ingress/config/ingress_config.go @@ -16,6 +16,8 @@ package config import ( "encoding/json" + "errors" + "fmt" "strings" "sync" @@ -23,9 +25,12 @@ import ( wasm "github.com/envoyproxy/go-control-plane/envoy/extensions/filters/http/wasm/v3" httppb "github.com/envoyproxy/go-control-plane/envoy/extensions/filters/network/http_connection_manager/v3" v3 "github.com/envoyproxy/go-control-plane/envoy/extensions/wasm/v3" + "github.com/gogo/protobuf/types" "github.com/golang/protobuf/ptypes/wrappers" "google.golang.org/protobuf/types/known/anypb" + extensions "istio.io/api/extensions/v1alpha1" networking "istio.io/api/networking/v1alpha3" + istiotype "istio.io/api/type/v1beta1" "istio.io/istio/pilot/pkg/model" networkingutil "istio.io/istio/pilot/pkg/networking/util" "istio.io/istio/pilot/pkg/util/sets" @@ -36,6 +41,8 @@ import ( listersv1 "k8s.io/client-go/listers/core/v1" "k8s.io/client-go/tools/cache" + higressext "github.com/alibaba/higress/api/extensions/v1alpha1" + extlisterv1 "github.com/alibaba/higress/client/pkg/listers/extensions/v1alpha1" netlisterv1 "github.com/alibaba/higress/client/pkg/listers/networking/v1" "github.com/alibaba/higress/pkg/ingress/kube/annotations" "github.com/alibaba/higress/pkg/ingress/kube/common" @@ -44,6 +51,7 @@ import ( "github.com/alibaba/higress/pkg/ingress/kube/mcpbridge" "github.com/alibaba/higress/pkg/ingress/kube/secret" "github.com/alibaba/higress/pkg/ingress/kube/util" + "github.com/alibaba/higress/pkg/ingress/kube/wasmplugin" . "github.com/alibaba/higress/pkg/ingress/log" "github.com/alibaba/higress/pkg/kube" "github.com/alibaba/higress/registry/reconcile" @@ -69,6 +77,7 @@ type IngressConfig struct { destinationRuleHandlers []model.EventHandler envoyFilterHandlers []model.EventHandler serviceEntryHandlers []model.EventHandler + wasmPluginHandlers []model.EventHandler watchErrorHandler cache.WatchErrorHandler cachedEnvoyFilters []config.Config @@ -83,6 +92,12 @@ type IngressConfig struct { mcpbridgeLister netlisterv1.McpBridgeLister + wasmPluginController wasmplugin.WasmPluginController + + wasmPluginLister extlisterv1.WasmPluginLister + + wasmPlugins map[string]*extensions.WasmPlugin + XDSUpdater model.XDSUpdater annotationHandler annotations.AnnotationHandler @@ -109,11 +124,17 @@ func NewIngressConfig(localKubeClient kube.Client, XDSUpdater model.XDSUpdater, watchedSecretSet: sets.NewSet(), namespace: namespace, mcpbridgeReconciled: true, + wasmPlugins: make(map[string]*extensions.WasmPlugin), } mcpbridgeController := mcpbridge.NewController(localKubeClient, clusterId) mcpbridgeController.AddEventHandler(config.AddOrUpdateMcpBridge, config.DeleteMcpBridge) config.mcpbridgeController = mcpbridgeController config.mcpbridgeLister = mcpbridgeController.Lister() + + wasmPluginController := wasmplugin.NewController(localKubeClient, clusterId) + wasmPluginController.AddEventHandler(config.AddOrUpdateWasmPlugin, config.DeleteWasmPlugin) + config.wasmPluginController = wasmPluginController + config.wasmPluginLister = wasmPluginController.Lister() return config } @@ -134,6 +155,9 @@ func (m *IngressConfig) RegisterEventHandler(kind config.GroupVersionKind, f mod case gvk.ServiceEntry: m.serviceEntryHandlers = append(m.serviceEntryHandlers, f) + + case gvk.WasmPlugin: + m.wasmPluginHandlers = append(m.wasmPluginHandlers, f) } for _, remoteIngressController := range m.remoteIngressControllers { @@ -169,7 +193,8 @@ func (m *IngressConfig) List(typ config.GroupVersionKind, namespace string) ([]c typ != gvk.VirtualService && typ != gvk.DestinationRule && typ != gvk.EnvoyFilter && - typ != gvk.ServiceEntry { + typ != gvk.ServiceEntry && + typ != gvk.WasmPlugin { return nil, common.ErrUnsupportedOp } @@ -206,6 +231,8 @@ func (m *IngressConfig) List(typ config.GroupVersionKind, namespace string) ([]c return m.convertDestinationRule(wrapperConfigs), nil case gvk.ServiceEntry: return m.convertServiceEntry(wrapperConfigs), nil + case gvk.WasmPlugin: + return m.convertWasmPlugin(wrapperConfigs), nil } return nil, nil @@ -472,6 +499,23 @@ func (m *IngressConfig) convertEnvoyFilter(convertOptions *common.ConvertOptions m.mutex.Unlock() } +func (m *IngressConfig) convertWasmPlugin([]common.WrapperConfig) []config.Config { + m.mutex.RLock() + defer m.mutex.RUnlock() + out := make([]config.Config, 0, len(m.wasmPlugins)) + for name, wasmPlugin := range m.wasmPlugins { + out = append(out, config.Config{ + Meta: config.Meta{ + GroupVersionKind: gvk.WasmPlugin, + Name: name, + Namespace: m.namespace, + }, + Spec: wasmPlugin, + }) + } + return out +} + func (m *IngressConfig) convertServiceEntry([]common.WrapperConfig) []config.Config { if m.RegistryReconciler == nil { return nil @@ -643,6 +687,153 @@ func (m *IngressConfig) applyInternalActiveRedirect(convertOptions *common.Conve } } +func (m *IngressConfig) convertIstioWasmPlugin(obj *higressext.WasmPlugin) (*extensions.WasmPlugin, error) { + result := &extensions.WasmPlugin{ + Selector: &istiotype.WorkloadSelector{ + MatchLabels: map[string]string{ + "higress": m.namespace + "-higress-gateway", + }, + }, + Url: obj.Url, + Sha256: obj.Sha256, + ImagePullPolicy: extensions.PullPolicy(obj.ImagePullPolicy), + ImagePullSecret: obj.ImagePullSecret, + VerificationKey: obj.VerificationKey, + PluginConfig: obj.PluginConfig, + PluginName: obj.PluginName, + Phase: extensions.PluginPhase(obj.Phase), + Priority: obj.Priority, + } + if result.PluginConfig != nil { + return result, nil + } + result.PluginConfig = obj.DefaultConfig + if len(obj.MatchRules) > 0 { + if result.PluginConfig == nil { + result.PluginConfig = &types.Struct{ + Fields: map[string]*types.Value{}, + } + } + var ruleValues []*types.Value + for _, rule := range obj.MatchRules { + if rule.Config == nil { + return nil, errors.New("invalid rule has no config") + } + v := &types.Value_StructValue{ + StructValue: rule.Config, + } + var matchItems []*types.Value + for _, ing := range rule.Ingress { + matchItems = append(matchItems, &types.Value{ + Kind: &types.Value_StringValue{ + StringValue: ing, + }, + }) + } + if len(matchItems) > 0 { + v.StructValue.Fields["_match_route_"] = &types.Value{ + Kind: &types.Value_ListValue{ + ListValue: &types.ListValue{ + Values: matchItems, + }, + }, + } + ruleValues = append(ruleValues, &types.Value{ + Kind: v, + }) + continue + } + for _, domain := range rule.Domain { + matchItems = append(matchItems, &types.Value{ + Kind: &types.Value_StringValue{ + StringValue: domain, + }, + }) + } + if len(matchItems) == 0 { + return nil, fmt.Errorf("invalid match rule has no match condition, rule:%v", rule) + } + v.StructValue.Fields["_match_domain_"] = &types.Value{ + Kind: &types.Value_ListValue{ + ListValue: &types.ListValue{ + Values: matchItems, + }, + }, + } + ruleValues = append(ruleValues, &types.Value{ + Kind: v, + }) + } + result.PluginConfig.Fields["_rules_"] = &types.Value{ + Kind: &types.Value_ListValue{ + ListValue: &types.ListValue{ + Values: ruleValues, + }, + }, + } + } + return result, nil + +} + +func (m *IngressConfig) AddOrUpdateWasmPlugin(clusterNamespacedName util.ClusterNamespacedName) { + if clusterNamespacedName.Namespace != m.namespace { + return + } + wasmPlugin, err := m.wasmPluginLister.WasmPlugins(clusterNamespacedName.Namespace).Get(clusterNamespacedName.Name) + if err != nil { + IngressLog.Errorf("wasmPlugin is not found, namespace:%s, name:%s", + clusterNamespacedName.Namespace, clusterNamespacedName.Name) + return + } + metadata := config.Meta{ + Name: clusterNamespacedName.Name + "-wasmplugin", + Namespace: clusterNamespacedName.Namespace, + GroupVersionKind: gvk.WasmPlugin, + // Set this label so that we do not compare configs and just push. + Labels: map[string]string{constants.AlwaysPushLabel: "true"}, + } + for _, f := range m.wasmPluginHandlers { + IngressLog.Debug("WasmPlugin triggerd update") + f(config.Config{Meta: metadata}, config.Config{Meta: metadata}, model.EventUpdate) + } + istioWasmPlugin, err := m.convertIstioWasmPlugin(&wasmPlugin.Spec) + if err != nil { + IngressLog.Errorf("invalid wasmPlugin:%s, err:%v", clusterNamespacedName.Name, err) + return + } + IngressLog.Debugf("wasmPlugin:%s convert to istioWasmPlugin:%v", clusterNamespacedName.Name, istioWasmPlugin) + m.mutex.Lock() + m.wasmPlugins[clusterNamespacedName.Name] = istioWasmPlugin + m.mutex.Unlock() +} + +func (m *IngressConfig) DeleteWasmPlugin(clusterNamespacedName util.ClusterNamespacedName) { + if clusterNamespacedName.Namespace != m.namespace { + return + } + var hit bool + m.mutex.Lock() + if _, ok := m.wasmPlugins[clusterNamespacedName.Name]; ok { + delete(m.wasmPlugins, clusterNamespacedName.Name) + hit = true + } + m.mutex.Unlock() + if hit { + metadata := config.Meta{ + Name: clusterNamespacedName.Name + "-wasmplugin", + Namespace: clusterNamespacedName.Namespace, + GroupVersionKind: gvk.WasmPlugin, + // Set this label so that we do not compare configs and just push. + Labels: map[string]string{constants.AlwaysPushLabel: "true"}, + } + for _, f := range m.wasmPluginHandlers { + IngressLog.Debug("WasmPlugin triggerd update") + f(config.Config{Meta: metadata}, config.Config{Meta: metadata}, model.EventDelete) + } + } +} + func (m *IngressConfig) AddOrUpdateMcpBridge(clusterNamespacedName util.ClusterNamespacedName) { // TODO: get resource name from config if clusterNamespacedName.Name != "default" || clusterNamespacedName.Namespace != m.namespace { @@ -860,7 +1051,8 @@ func constructBasicAuthEnvoyFilter(rules *common.BasicAuthRules, namespace strin } func (m *IngressConfig) Run(stop <-chan struct{}) { - m.mcpbridgeController.Run(stop) + go m.mcpbridgeController.Run(stop) + go m.wasmPluginController.Run(stop) } func (m *IngressConfig) HasSynced() bool { @@ -874,6 +1066,9 @@ func (m *IngressConfig) HasSynced() bool { if !m.mcpbridgeController.HasSynced() || !m.mcpbridgeReconciled { return false } + if !m.wasmPluginController.HasSynced() { + return false + } IngressLog.Info("Ingress config controller synced.") return true } diff --git a/pkg/ingress/kube/common/schema.go b/pkg/ingress/kube/common/schema.go index 9515d82a8..41c8ff5d5 100644 --- a/pkg/ingress/kube/common/schema.go +++ b/pkg/ingress/kube/common/schema.go @@ -25,4 +25,5 @@ var IngressIR = collection.NewSchemasBuilder(). MustAdd(collections.IstioNetworkingV1Alpha3Gateways). MustAdd(collections.IstioNetworkingV1Alpha3Serviceentries). MustAdd(collections.IstioNetworkingV1Alpha3Virtualservices). + MustAdd(collections.IstioExtensionsV1Alpha1Wasmplugins). Build() diff --git a/pkg/ingress/kube/common/tool.go b/pkg/ingress/kube/common/tool.go index ea8fe54ba..25e0c0048 100644 --- a/pkg/ingress/kube/common/tool.go +++ b/pkg/ingress/kube/common/tool.go @@ -277,12 +277,15 @@ func partMd5(raw string) string { return encoded[:4] + encoded[len(encoded)-4:] } -func GenerateUniqueRouteName(route *WrapperHTTPRoute) string { +func GenerateUniqueRouteName(defaultNs string, route *WrapperHTTPRoute) string { + if route.WrapperConfig.Config.Namespace == defaultNs { + return route.WrapperConfig.Config.Name + } return route.Meta() } -func GenerateUniqueRouteNameWithSuffix(route *WrapperHTTPRoute, suffix string) string { - return CreateConvertedName(route.Meta(), suffix) +func GenerateUniqueRouteNameWithSuffix(defaultNs string, route *WrapperHTTPRoute, suffix string) string { + return CreateConvertedName(GenerateUniqueRouteName(defaultNs, route), suffix) } func SplitServiceFQDN(fqdn string) (string, string, bool) { diff --git a/pkg/ingress/kube/common/tool_test.go b/pkg/ingress/kube/common/tool_test.go index b3451f451..8a4c35bcb 100644 --- a/pkg/ingress/kube/common/tool_test.go +++ b/pkg/ingress/kube/common/tool_test.go @@ -198,7 +198,8 @@ func TestGenerateUniqueRouteName(t *testing.T) { }, } - assert.Equal(t, "bar/foo", GenerateUniqueRouteName(input)) + assert.Equal(t, "bar/foo", GenerateUniqueRouteName("xxx", input)) + assert.Equal(t, "foo", GenerateUniqueRouteName("bar", input)) } diff --git a/pkg/ingress/kube/ingress/controller.go b/pkg/ingress/kube/ingress/controller.go index e2ccbcad6..cfb9302e5 100644 --- a/pkg/ingress/kube/ingress/controller.go +++ b/pkg/ingress/kube/ingress/controller.go @@ -548,7 +548,7 @@ func (c *controller) ConvertHTTPRoute(convertOptions *common.ConvertOptions, wra } wrapperHttpRoute.OriginPath = path wrapperHttpRoute.HTTPRoute.Match = []*networking.HTTPMatchRequest{httpMatch} - wrapperHttpRoute.HTTPRoute.Name = common.GenerateUniqueRouteName(wrapperHttpRoute) + wrapperHttpRoute.HTTPRoute.Name = common.GenerateUniqueRouteName(c.options.SystemNamespace, wrapperHttpRoute) ingressRouteBuilder := convertOptions.IngressRouteCache.New(wrapperHttpRoute) @@ -753,7 +753,7 @@ func (c *controller) ApplyCanaryIngress(convertOptions *common.ConvertOptions, w } canary.OriginPath = path canary.HTTPRoute.Match = []*networking.HTTPMatchRequest{httpMatch} - canary.HTTPRoute.Name = common.GenerateUniqueRouteName(canary) + canary.HTTPRoute.Name = common.GenerateUniqueRouteName(c.options.SystemNamespace, canary) ingressRouteBuilder := convertOptions.IngressRouteCache.New(canary) // backend service check @@ -781,7 +781,7 @@ func (c *controller) ApplyCanaryIngress(convertOptions *common.ConvertOptions, w if byHeader { IngressLog.Debug("Insert canary route by header") annotations.ApplyByHeader(canary.HTTPRoute, route.HTTPRoute, canary.WrapperConfig.AnnotationsConfig) - canary.HTTPRoute.Name = common.GenerateUniqueRouteName(canary) + canary.HTTPRoute.Name = common.GenerateUniqueRouteName(c.options.SystemNamespace, canary) } else { IngressLog.Debug("Merge canary route by weight") if route.WeightTotal == 0 { @@ -809,7 +809,7 @@ func (c *controller) ApplyCanaryIngress(convertOptions *common.ConvertOptions, w convertOptions.HTTPRoutes[rule.Host] = routes // Recreate route name. - ingressRouteBuilder.RouteName = common.GenerateUniqueRouteName(canary) + ingressRouteBuilder.RouteName = common.GenerateUniqueRouteName(c.options.SystemNamespace, canary) convertOptions.IngressRouteCache.Add(ingressRouteBuilder) } else { convertOptions.IngressRouteCache.Update(targetRoute) @@ -935,7 +935,7 @@ func (c *controller) createDefaultRoute(wrapper *common.WrapperConfig, backend * OriginPathType: common.Prefix, OriginPath: "/", } - route.HTTPRoute.Name = common.GenerateUniqueRouteNameWithSuffix(route, "default") + route.HTTPRoute.Name = common.GenerateUniqueRouteNameWithSuffix(c.options.SystemNamespace, route, "default") return route } diff --git a/pkg/ingress/kube/ingressv1/controller.go b/pkg/ingress/kube/ingressv1/controller.go index a468adb6f..ebacbdd71 100644 --- a/pkg/ingress/kube/ingressv1/controller.go +++ b/pkg/ingress/kube/ingressv1/controller.go @@ -544,7 +544,7 @@ func (c *controller) ConvertHTTPRoute(convertOptions *common.ConvertOptions, wra } wrapperHttpRoute.OriginPath = path wrapperHttpRoute.HTTPRoute.Match = []*networking.HTTPMatchRequest{httpMatch} - wrapperHttpRoute.HTTPRoute.Name = common.GenerateUniqueRouteName(wrapperHttpRoute) + wrapperHttpRoute.HTTPRoute.Name = common.GenerateUniqueRouteName(c.options.SystemNamespace, wrapperHttpRoute) ingressRouteBuilder := convertOptions.IngressRouteCache.New(wrapperHttpRoute) @@ -750,7 +750,7 @@ func (c *controller) ApplyCanaryIngress(convertOptions *common.ConvertOptions, w } canary.OriginPath = path canary.HTTPRoute.Match = []*networking.HTTPMatchRequest{httpMatch} - canary.HTTPRoute.Name = common.GenerateUniqueRouteName(canary) + canary.HTTPRoute.Name = common.GenerateUniqueRouteName(c.options.SystemNamespace, canary) ingressRouteBuilder := convertOptions.IngressRouteCache.New(canary) // backend service check @@ -778,7 +778,7 @@ func (c *controller) ApplyCanaryIngress(convertOptions *common.ConvertOptions, w if byHeader { IngressLog.Debug("Insert canary route by header") annotations.ApplyByHeader(canary.HTTPRoute, route.HTTPRoute, canary.WrapperConfig.AnnotationsConfig) - canary.HTTPRoute.Name = common.GenerateUniqueRouteName(canary) + canary.HTTPRoute.Name = common.GenerateUniqueRouteName(c.options.SystemNamespace, canary) } else { IngressLog.Debug("Merge canary route by weight") if route.WeightTotal == 0 { @@ -806,7 +806,7 @@ func (c *controller) ApplyCanaryIngress(convertOptions *common.ConvertOptions, w convertOptions.HTTPRoutes[rule.Host] = routes // Recreate route name. - ingressRouteBuilder.RouteName = common.GenerateUniqueRouteName(canary) + ingressRouteBuilder.RouteName = common.GenerateUniqueRouteName(c.options.SystemNamespace, canary) convertOptions.IngressRouteCache.Add(ingressRouteBuilder) } else { convertOptions.IngressRouteCache.Update(targetRoute) @@ -930,7 +930,7 @@ func (c *controller) createDefaultRoute(wrapper *common.WrapperConfig, backend * OriginPathType: common.Prefix, OriginPath: "/", } - route.HTTPRoute.Name = common.GenerateUniqueRouteNameWithSuffix(route, "default") + route.HTTPRoute.Name = common.GenerateUniqueRouteNameWithSuffix(c.options.SystemNamespace, route, "default") return route } diff --git a/pkg/ingress/kube/wasmplugin/controller.go b/pkg/ingress/kube/wasmplugin/controller.go new file mode 100644 index 000000000..f906c7a82 --- /dev/null +++ b/pkg/ingress/kube/wasmplugin/controller.go @@ -0,0 +1,46 @@ +// Copyright (c) 2022 Alibaba Group Holding Ltd. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package wasmplugin + +import ( + "time" + + "istio.io/istio/pkg/kube/controllers" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/types" + "k8s.io/client-go/tools/cache" + + v1 "github.com/alibaba/higress/client/pkg/apis/extensions/v1alpha1" + "github.com/alibaba/higress/client/pkg/clientset/versioned" + informersv1 "github.com/alibaba/higress/client/pkg/informers/externalversions/extensions/v1alpha1" + listersv1 "github.com/alibaba/higress/client/pkg/listers/extensions/v1alpha1" + "github.com/alibaba/higress/pkg/ingress/kube/controller" + kubeclient "github.com/alibaba/higress/pkg/kube" +) + +type WasmPluginController controller.Controller[listersv1.WasmPluginLister] + +func NewController(client kubeclient.Client, clusterId string) WasmPluginController { + informer := client.HigressInformer().InformerFor(&v1.WasmPlugin{}, func(k versioned.Interface, resync time.Duration) cache.SharedIndexInformer { + return informersv1.NewWasmPluginInformer(k, metav1.NamespaceAll, resync, + cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc}) + }) + return controller.NewCommonController("wasmplugin", listersv1.NewWasmPluginLister(informer.GetIndexer()), + informer, GetWasmPlugin, clusterId) +} + +func GetWasmPlugin(lister listersv1.WasmPluginLister, namespacedName types.NamespacedName) (controllers.Object, error) { + return lister.WasmPlugins(namespacedName.Namespace).Get(namespacedName.Name) +} diff --git a/samples/wasmplugin/default-config.yaml b/samples/wasmplugin/default-config.yaml new file mode 100644 index 000000000..c2c6fa597 --- /dev/null +++ b/samples/wasmplugin/default-config.yaml @@ -0,0 +1,10 @@ +apiVersion: extensions.higress.io/v1alpha1 +kind: WasmPlugin +metadata: + name: request-block + namespace: higress-system +spec: + url: oci://higress-registry.cn-hangzhou.cr.aliyuncs.com/plugins/request-block:1.0.0 + defaultConfig: + block_urls: + - "swagger.html" diff --git a/samples/wasmplugin/ingress-level-config.yaml b/samples/wasmplugin/ingress-level-config.yaml new file mode 100644 index 000000000..1773823b8 --- /dev/null +++ b/samples/wasmplugin/ingress-level-config.yaml @@ -0,0 +1,21 @@ +apiVersion: extensions.higress.io/v1alpha1 +kind: WasmPlugin +metadata: + name: request-block + namespace: higress-system +spec: + url: oci://higress-registry.cn-hangzhou.cr.aliyuncs.com/plugins/request-block:1.0.0 + defaultConfig: + block_urls: + - "swagger.html" + matchRules: + - ingress: + - default/foo + config: + block_bodys: + - "foo" + - ingress: + - default/bar + config: + block_bodys: + - "bar"