| # |
| # Licensed to the Apache Software Foundation (ASF) under one or more |
| # contributor license agreements. See the NOTICE file distributed with |
| # this work for additional information regarding copyright ownership. |
| # The ASF licenses this file to You under the Apache License, Version 2.0 |
| # (the "License"); you may not use this file except in compliance with |
| # the License. You may obtain a copy of the License at |
| # |
| # http://www.apache.org/licenses/LICENSE-2.0 |
| # |
| # Unless required by applicable law or agreed to in writing, software |
| # distributed under the License is distributed on an "AS IS" BASIS, |
| # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| # See the License for the specific language governing permissions and |
| # limitations under the License. |
| # |
| |
| apiVersion: apiextensions.k8s.io/v1beta1 |
| kind: CustomResourceDefinition |
| metadata: |
| name: apisixtlses.apisix.apache.org |
| spec: |
| additionalPrinterColumns: |
| - JSONPath: .spec.hosts |
| name: SNIs |
| type: string |
| - JSONPath: .spec.secret.name |
| name: Secret Name |
| type: string |
| - JSONPath: .spec.secret.namespace |
| name: Secret Namespace |
| type: string |
| - JSONPath: .metadata.creationTimestamp |
| name: Age |
| type: date |
| group: apisix.apache.org |
| versions: |
| - name: v1 |
| served: true |
| storage: true |
| scope: Namespaced |
| names: |
| plural: apisixtlses |
| singular: apisixtls |
| kind: ApisixTls |
| shortNames: |
| - atls |
| preserveUnknownFields: false |
| subresources: |
| status: {} |
| validation: |
| openAPIV3Schema: |
| description: ApisixTls defines SSL resource in APISIX. |
| type: object |
| properties: |
| apiVersion: |
| description: 'APIVersion defines the versioned schema of this representation |
| of an object. Servers should convert recognized schemas to the latest |
| internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' |
| type: string |
| kind: |
| description: 'Kind is a string value representing the REST resource this |
| object represents. Servers may infer this from the endpoint the client |
| submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' |
| type: string |
| metadata: |
| type: object |
| spec: |
| description: ApisixTlsSpec is the specification of ApisixSSL. |
| type: object |
| required: |
| - hosts |
| - secret |
| properties: |
| client: |
| description: ApisixMutualTlsClientConfig describes the mutual TLS CA |
| and verify depth |
| type: object |
| properties: |
| caSecret: |
| description: ApisixSecret describes the Kubernetes Secret name and |
| namespace. |
| type: object |
| required: |
| - name |
| - namespace |
| properties: |
| name: |
| type: string |
| minLength: 1 |
| namespace: |
| type: string |
| minLength: 1 |
| depth: |
| type: integer |
| hosts: |
| type: array |
| minItems: 1 |
| items: |
| type: string |
| pattern: ^\*?[0-9a-zA-Z-.]+$ |
| secret: |
| description: ApisixSecret describes the Kubernetes Secret name and namespace. |
| type: object |
| required: |
| - name |
| - namespace |
| properties: |
| name: |
| type: string |
| minLength: 1 |
| namespace: |
| type: string |
| minLength: 1 |
| status: |
| description: ApisixStatus is the status report for Apisix ingress Resources |
| type: object |
| properties: |
| conditions: |
| type: array |
| items: |
| description: "Condition contains details for one aspect of the current |
| state of this API Resource. --- This struct is intended for direct |
| use as an array at the field path .status.conditions. For example, |
| type FooStatus struct{ // Represents the observations of a foo's |
| current state. // Known .status.conditions.type are: \"Available\", |
| \"Progressing\", and \"Degraded\" // +patchMergeKey=type // |
| +patchStrategy=merge // +listType=map // +listMapKey=type |
| \ Conditions []metav1.Condition `json:\"conditions,omitempty\" |
| patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` |
| \n // other fields }" |
| type: object |
| required: |
| - lastTransitionTime |
| - message |
| - reason |
| - status |
| - type |
| properties: |
| lastTransitionTime: |
| description: lastTransitionTime is the last time the condition |
| transitioned from one status to another. This should be when |
| the underlying condition changed. If that is not known, then |
| using the time when the API field changed is acceptable. |
| type: string |
| format: date-time |
| message: |
| description: message is a human readable message indicating details |
| about the transition. This may be an empty string. |
| type: string |
| maxLength: 32768 |
| observedGeneration: |
| description: observedGeneration represents the .metadata.generation |
| that the condition was set based upon. For instance, if .metadata.generation |
| is currently 12, but the .status.conditions[x].observedGeneration |
| is 9, the condition is out of date with respect to the current |
| state of the instance. |
| type: integer |
| format: int64 |
| minimum: 0 |
| reason: |
| description: reason contains a programmatic identifier indicating |
| the reason for the condition's last transition. Producers of |
| specific condition types may define expected values and meanings |
| for this field, and whether the values are considered a guaranteed |
| API. The value should be a CamelCase string. This field may |
| not be empty. |
| type: string |
| maxLength: 1024 |
| minLength: 1 |
| pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ |
| status: |
| description: status of the condition, one of True, False, Unknown. |
| type: string |
| enum: |
| - "True" |
| - "False" |
| - Unknown |
| type: |
| description: type of condition in CamelCase or in foo.example.com/CamelCase. |
| --- Many .condition.type values are consistent across resources |
| like Available, but because arbitrary conditions can be useful |
| (see .node.status.conditions), the ability to deconflict is |
| important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) |
| type: string |
| maxLength: 316 |
| pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ |