-
Notifications
You must be signed in to change notification settings - Fork 523
/
Copy pathtypes_proxy.go
94 lines (79 loc) · 3.24 KB
/
types_proxy.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
package v1
import (
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
)
// +genclient
// +genclient:nonNamespaced
// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
// Proxy holds cluster-wide information on how to configure default proxies for the cluster. The canonical name is `cluster`
type Proxy struct {
metav1.TypeMeta `json:",inline"`
metav1.ObjectMeta `json:"metadata,omitempty"`
// Spec holds user-settable values for the proxy configuration
// +kubebuilder:validation:Required
// +required
Spec ProxySpec `json:"spec"`
// status holds observed values from the cluster. They may not be overridden.
// +optional
Status ProxyStatus `json:"status"`
}
// ProxySpec contains cluster proxy creation configuration.
type ProxySpec struct {
// httpProxy is the URL of the proxy for HTTP requests. Empty means unset and will not result in an env var.
// +optional
HTTPProxy string `json:"httpProxy,omitempty"`
// httpsProxy is the URL of the proxy for HTTPS requests. Empty means unset and will not result in an env var.
// +optional
HTTPSProxy string `json:"httpsProxy,omitempty"`
// noProxy is a comma-separated list of hostnames and/or CIDRs for which the proxy should not be used.
// Empty means unset and will not result in an env var.
// +optional
NoProxy string `json:"noProxy,omitempty"`
// readinessEndpoints is a list of endpoints used to verify readiness of the proxy.
// +optional
ReadinessEndpoints []string `json:"readinessEndpoints,omitempty"`
// trustedCA is a reference to a ConfigMap containing a CA certificate bundle.
// The trustedCA field should only be consumed by a proxy validator. The
// validator is responsible for reading the certificate bundle from the required
// key "ca-bundle.crt", merging it with the system default trust bundle,
// and writing the merged trust bundle to a ConfigMap named "trusted-ca-bundle"
// in the "openshift-config-managed" namespace. Clients that expect to make
// proxy connections must use the trusted-ca-bundle for all HTTPS requests to
// the proxy, and may use the trusted-ca-bundle for non-proxy HTTPS requests as
// well.
//
// The namespace for the ConfigMap referenced by trustedCA is
// "openshift-config". Here is an example ConfigMap (in yaml):
//
// apiVersion: v1
// kind: ConfigMap
// metadata:
// name: user-ca-bundle
// namespace: openshift-config
// data:
// ca-bundle.crt: |
// -----BEGIN CERTIFICATE-----
// Custom CA certificate bundle.
// -----END CERTIFICATE-----
//
// +optional
TrustedCA ConfigMapNameReference `json:"trustedCA,omitempty"`
}
// ProxyStatus shows current known state of the cluster proxy.
type ProxyStatus struct {
// httpProxy is the URL of the proxy for HTTP requests.
// +optional
HTTPProxy string `json:"httpProxy,omitempty"`
// httpsProxy is the URL of the proxy for HTTPS requests.
// +optional
HTTPSProxy string `json:"httpsProxy,omitempty"`
// noProxy is a comma-separated list of hostnames and/or CIDRs for which the proxy should not be used.
// +optional
NoProxy string `json:"noProxy,omitempty"`
}
// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
type ProxyList struct {
metav1.TypeMeta `json:",inline"`
metav1.ListMeta `json:"metadata"`
Items []Proxy `json:"items"`
}