From 0f2da42dd6804e86da6f2a66311100b48564a764 Mon Sep 17 00:00:00 2001 From: Magda Strek Date: Tue, 24 Oct 2023 13:11:52 +0200 Subject: [PATCH] removed api-gateway component from components list --- installation/resources/components.yaml | 4 - .../api-gateway/apirules.gateway.crd.yaml | 275 ------------------ .../resources/crds/ory/rules.crd.yaml | 139 --------- 3 files changed, 418 deletions(-) delete mode 100644 installation/resources/crds/api-gateway/apirules.gateway.crd.yaml delete mode 100644 installation/resources/crds/ory/rules.crd.yaml diff --git a/installation/resources/components.yaml b/installation/resources/components.yaml index 2737f4c9c711..71b76d44537f 100644 --- a/installation/resources/components.yaml +++ b/installation/resources/components.yaml @@ -3,10 +3,6 @@ defaultNamespace: kyma-system prerequisites: - name: "istio" namespace: "istio-system" - - name: "certificates" - namespace: "istio-system" components: - name: "eventing" - - name: "ory" - - name: "api-gateway" - name: "application-connector" diff --git a/installation/resources/crds/api-gateway/apirules.gateway.crd.yaml b/installation/resources/crds/api-gateway/apirules.gateway.crd.yaml deleted file mode 100644 index 823d1293986c..000000000000 --- a/installation/resources/crds/api-gateway/apirules.gateway.crd.yaml +++ /dev/null @@ -1,275 +0,0 @@ ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: v0.9.2 - creationTimestamp: null - name: apirules.gateway.kyma-project.io -spec: - group: gateway.kyma-project.io - names: - kind: APIRule - listKind: APIRuleList - plural: apirules - singular: apirule - scope: Namespaced - preserveUnknownFields: false - versions: - - additionalPrinterColumns: - - jsonPath: .status.APIRuleStatus.code - name: Status - type: string - - jsonPath: .spec.host - name: Host - type: string - name: v1beta1 - schema: - openAPIV3Schema: - description: APIRule is the Schema for ApiRule APIs. - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: Defines the desired state of APIRule. - properties: - gateway: - description: Specifies the Istio Gateway to be used. - pattern: ^[0-9a-z-_]+(\/[0-9a-z-_]+|(\.[0-9a-z-_]+)*)$ - type: string - host: - description: Specifies the URL of the exposed service. - maxLength: 256 - minLength: 3 - pattern: ^([a-zA-Z0-9][a-zA-Z0-9-_]*\.)*[a-zA-Z0-9]*[a-zA-Z0-9-_]*[[a-zA-Z0-9]+$ - type: string - rules: - description: Represents the array of Oathkeeper access rules to be - applied. - items: - properties: - accessStrategies: - description: Specifies the list of access strategies. All strategies - listed in [Oathkeeper documentation](https://www.ory.sh/docs/oathkeeper/pipeline/authn) - are supported. - items: - description: Represents a handler that authenticates provided - credentials. See the corresponding type in the oathkeeper-maester - project. - properties: - config: - description: Configures the handler. Configuration keys - vary per handler. - type: object - x-kubernetes-preserve-unknown-fields: true - properties: - jwks_urls: - description: Specifies the array of URLs from which Ory Oathkeeper can retrieve JSON Web Keys for validating JSON Web Token. - The value must begin with either `http://`, `https://`, or `file://`. - type: array - items: - type: string - pattern: ^(http://|https://|file://).*$ - trusted_issuers: - description: If the **trusted_issuers** field is set, the JWT must contain a value for the claim `iss` - that matches exactly (case-sensitive) one of the values of **trusted_issuers**. - The value must begin with either `http://`, `https://`, or `file://`. - type: array - items: - type: string - pattern: ^(http://|https://|file://).*$ - handler: - description: Specifies the name of the handler. - type: string - required: - - handler - type: object - minItems: 1 - type: array - methods: - description: Represents the list of allowed HTTP request methods - available for the **spec.rules.path**. - items: - type: string - minItems: 1 - type: array - mutators: - description: Specifies the list of [Ory Oathkeeper mutators](https://www.ory.sh/docs/oathkeeper/pipeline/mutator). - items: - description: Mutator represents a handler that transforms - the HTTP request before forwarding it. See the corresponding - in the oathkeeper-maester project. - properties: - config: - description: Configures the handler. Configuration keys - vary per handler. - type: object - x-kubernetes-preserve-unknown-fields: true - handler: - description: Specifies the name of the handler. - type: string - required: - - handler - type: object - type: array - path: - description: Specifies the path of the exposed service. - pattern: ^([0-9a-zA-Z./*()?!\\_-]+) - type: string - service: - description: Describes the service to expose. Overwrites the - **spec** level service if defined. - properties: - external: - description: Specifies if the service is internal (in cluster) - or external. - type: boolean - name: - description: Specifies the name of the exposed service. - type: string - namespace: - description: Specifies the Namespace of the exposed service. - If not defined, it defaults to the APIRule Namespace. - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ - type: string - port: - description: Specifies the communication port of the exposed - service. - format: int32 - maximum: 65535 - minimum: 1 - type: integer - required: - - name - - port - type: object - timeout: - description: Specifies the timeout, in seconds, for - HTTP requests made to **spec.rules.path**. The maximum timeout is limited - to 3900 seconds (65 minutes). Timeout definitions set at this level - take precedence over any timeout defined at the **spec.timeout** level. - maximum: 3900 - minimum: 1 - type: integer - required: - - accessStrategies - - methods - - path - type: object - minItems: 1 - type: array - service: - description: Describes the service to expose. - properties: - external: - description: Specifies if the service is internal (in cluster) - or external. - type: boolean - name: - description: Specifies the name of the exposed service. - type: string - namespace: - description: Specifies the Namespace of the exposed service. If - not defined, it defaults to the APIRule Namespace. - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ - type: string - port: - description: Specifies the communication port of the exposed service. - format: int32 - maximum: 65535 - minimum: 1 - type: integer - required: - - name - - port - type: object - timeout: - description: Specifies the timeout, in seconds, for HTTP requests for all Oathkeeper access rules. - However, this value can be overridden for each individual rule. - The maximum timeout is limited to 3900 seconds (65 minutes). - If no timeout is specified, the default timeout of 180 seconds applies. - maximum: 3900 - minimum: 1 - type: integer - required: - - gateway - - host - - rules - type: object - status: - description: Describes the observed state of ApiRule. - properties: - APIRuleStatus: - description: Describes the status of APIRule. - properties: - code: - description: Status code describing APIRule. - type: string - desc: - description: Explains the status of APIRule. - type: string - type: object - accessRuleStatus: - description: Describes the status of ORY Oathkeeper Rule. - properties: - code: - description: Status code describing ORY Oathkeeper Rule. - type: string - desc: - description: Explains the status of ORY Oathkeeper Rule. - type: string - type: object - authorizationPolicyStatus: - description: Describes the status of the Istio Authorization Policy subresource. - properties: - code: - description: Status code describing the Istio Authorization Policy subresource. - type: string - desc: - description: Explains the status of the Istio Authorization Policy subresource. - type: string - type: object - lastProcessedTime: - description: Indicates the timestamp when the API Gateway controller last processed APIRule. - format: date-time - type: string - observedGeneration: - description: Specifies the generation of the resource that was observed by the API Gateway controller. - format: int64 - type: integer - requestAuthenticationStatus: - description: Describes the status of the Istio Request Authentication subresource. - properties: - code: - description: Status code describing the state of the Istio Authorization Policy subresource. - type: string - desc: - description: Explains the status of the Istio Request Authentication subresource. - type: string - type: object - virtualServiceStatus: - description: Describes the status of Istio VirtualService. - properties: - code: - description: Status code describing Istio VirtualService. - type: string - desc: - description: Explains the status of Istio VirtualService. - type: string - type: object - type: object - type: object - served: true - storage: true - subresources: - status: {} diff --git a/installation/resources/crds/ory/rules.crd.yaml b/installation/resources/crds/ory/rules.crd.yaml deleted file mode 100644 index 03669d8138f0..000000000000 --- a/installation/resources/crds/ory/rules.crd.yaml +++ /dev/null @@ -1,139 +0,0 @@ ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: v0.5.0 - creationTimestamp: null - name: rules.oathkeeper.ory.sh -spec: - group: oathkeeper.ory.sh - names: - kind: Rule - listKind: RuleList - plural: rules - singular: rule - scope: Namespaced - versions: - - name: v1alpha1 - schema: - openAPIV3Schema: - description: Rule is the Schema for the rules API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: RuleSpec defines the desired state of Rule - properties: - authenticators: - items: - description: Authenticator represents a handler that authenticates provided credentials. - properties: - config: - description: Config configures the handler. Configuration keys vary per handler. - type: object - x-kubernetes-preserve-unknown-fields: true - handler: - description: Name is the name of a handler - type: string - required: - - handler - type: object - type: array - authorizer: - description: Authorizer represents a handler that authorizes the subject ("user") from the previously validated credentials making the request. - properties: - config: - description: Config configures the handler. Configuration keys vary per handler. - type: object - x-kubernetes-preserve-unknown-fields: true - handler: - description: Name is the name of a handler - type: string - required: - - handler - type: object - configMapName: - description: ConfigMapName points to the K8s ConfigMap that contains these rules - maxLength: 253 - minLength: 1 - pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' - type: string - match: - description: Match defines the URL(s) that an access rule should match. - properties: - methods: - description: Methods represent an array of HTTP methods (e.g. GET, POST, PUT, DELETE, ...) - items: - type: string - type: array - url: - description: URL is the URL that should be matched. It supports regex templates. - type: string - required: - - methods - - url - type: object - mutators: - items: - description: Mutator represents a handler that transforms the HTTP request before forwarding it. - properties: - config: - description: Config configures the handler. Configuration keys vary per handler. - type: object - x-kubernetes-preserve-unknown-fields: true - handler: - description: Name is the name of a handler - type: string - required: - - handler - type: object - type: array - upstream: - description: Upstream represents the location of a server where requests matching a rule should be forwarded to. - properties: - preserveHost: - description: PreserveHost includes the host and port of the url value if set to false. If true, the host and port of the ORY Oathkeeper Proxy will be used instead. - type: boolean - stripPath: - description: StripPath replaces the provided path prefix when forwarding the requested URL to the upstream URL. - type: string - url: - description: URL defines the target URL for incoming requests - maxLength: 256 - minLength: 3 - pattern: ^(?:https?:\/\/)?(?:[^@\/\n]+@)?(?:www\.)?([^:\/\n]+) - type: string - required: - - url - type: object - required: - - match - type: object - status: - description: RuleStatus defines the observed state of Rule - properties: - validation: - description: Validation defines the validation state of Rule - properties: - valid: - type: boolean - validationError: - type: string - type: object - type: object - type: object - served: true - storage: true -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: []