From 5e28cd44ea101f68972c6b3e63f5b6b37226215c Mon Sep 17 00:00:00 2001 From: Shreyas220 Date: Thu, 19 Aug 2021 23:14:37 +0530 Subject: [PATCH] 1.10.3 Signed-off-by: Shreyas220 --- .gitignore | 1 + ...npolicy.istio.meshery.layer5io.schema.json | 275 +++ .../authorizationpolicy.istio_definition.json | 19 + ...ionrule.istio.meshery.layer5io.schema.json | 1760 +++++++++++++++++ .../destinationrule.istio_definition.json | 19 + ...yfilter.istio.meshery.layer5io.schema.json | 298 +++ .../1.10.3/envoyfilter.istio_definition.json | 19 + ...gateway.istio.meshery.layer5io.schema.json | 158 ++ .../1.10.3/gateway.istio_definition.json | 19 + ...ication.istio.meshery.layer5io.schema.json | 58 + .../peerauthentication.istio_definition.json | 19 + ...ication.istio.meshery.layer5io.schema.json | 92 + ...equestauthentication.istio_definition.json | 19 + ...ceentry.istio.meshery.layer5io.schema.json | 141 ++ .../1.10.3/serviceentry.istio_definition.json | 19 + ...sidecar.istio.meshery.layer5io.schema.json | 157 ++ .../1.10.3/sidecar.istio_definition.json | 19 + ...lemetry.istio.meshery.layer5io.schema.json | 149 ++ .../1.10.3/telemetry.istio_definition.json | 19 + ...service.istio.meshery.layer5io.schema.json | 1203 +++++++++++ .../virtualservice.istio_definition.json | 19 + ...adentry.istio.meshery.layer5io.schema.json | 46 + .../workloadentry.istio_definition.json | 19 + ...adgroup.istio.meshery.layer5io.schema.json | 218 ++ .../workloadgroup.istio_definition.json | 19 + 25 files changed, 4784 insertions(+) create mode 100644 templates/oam/workloads/1.10.3/authorizationpolicy.istio.meshery.layer5io.schema.json create mode 100644 templates/oam/workloads/1.10.3/authorizationpolicy.istio_definition.json create mode 100644 templates/oam/workloads/1.10.3/destinationrule.istio.meshery.layer5io.schema.json create mode 100644 templates/oam/workloads/1.10.3/destinationrule.istio_definition.json create mode 100644 templates/oam/workloads/1.10.3/envoyfilter.istio.meshery.layer5io.schema.json create mode 100644 templates/oam/workloads/1.10.3/envoyfilter.istio_definition.json create mode 100644 templates/oam/workloads/1.10.3/gateway.istio.meshery.layer5io.schema.json create mode 100644 templates/oam/workloads/1.10.3/gateway.istio_definition.json create mode 100644 templates/oam/workloads/1.10.3/peerauthentication.istio.meshery.layer5io.schema.json create mode 100644 templates/oam/workloads/1.10.3/peerauthentication.istio_definition.json create mode 100644 templates/oam/workloads/1.10.3/requestauthentication.istio.meshery.layer5io.schema.json create mode 100644 templates/oam/workloads/1.10.3/requestauthentication.istio_definition.json create mode 100644 templates/oam/workloads/1.10.3/serviceentry.istio.meshery.layer5io.schema.json create mode 100644 templates/oam/workloads/1.10.3/serviceentry.istio_definition.json create mode 100644 templates/oam/workloads/1.10.3/sidecar.istio.meshery.layer5io.schema.json create mode 100644 templates/oam/workloads/1.10.3/sidecar.istio_definition.json create mode 100644 templates/oam/workloads/1.10.3/telemetry.istio.meshery.layer5io.schema.json create mode 100644 templates/oam/workloads/1.10.3/telemetry.istio_definition.json create mode 100644 templates/oam/workloads/1.10.3/virtualservice.istio.meshery.layer5io.schema.json create mode 100644 templates/oam/workloads/1.10.3/virtualservice.istio_definition.json create mode 100644 templates/oam/workloads/1.10.3/workloadentry.istio.meshery.layer5io.schema.json create mode 100644 templates/oam/workloads/1.10.3/workloadentry.istio_definition.json create mode 100644 templates/oam/workloads/1.10.3/workloadgroup.istio.meshery.layer5io.schema.json create mode 100644 templates/oam/workloads/1.10.3/workloadgroup.istio_definition.json diff --git a/.gitignore b/.gitignore index 3f1a5261a..9c89d75c8 100644 --- a/.gitignore +++ b/.gitignore @@ -25,3 +25,4 @@ main **errorutil_analyze_errors.json **errorutil_analyze_summary.json **errorutil_errors_export.json +**generator.sh diff --git a/templates/oam/workloads/1.10.3/authorizationpolicy.istio.meshery.layer5io.schema.json b/templates/oam/workloads/1.10.3/authorizationpolicy.istio.meshery.layer5io.schema.json new file mode 100644 index 000000000..22fd6cdce --- /dev/null +++ b/templates/oam/workloads/1.10.3/authorizationpolicy.istio.meshery.layer5io.schema.json @@ -0,0 +1,275 @@ +{ + "description": "Configuration for access control on workloads. See more details at: https://istio.io/docs/reference/config/security/authorization-policy.html", + "oneOf": [ + { + "not": { + "anyOf": [ + { + "required": [ + "provider" + ] + } + ] + } + }, + { + "required": [ + "provider" + ] + } + ], + "properties": { + "action": { + "description": "Optional.", + "enum": [ + "ALLOW", + "DENY", + "AUDIT", + "CUSTOM" + ], + "type": "string" + }, + "provider": { + "description": "Specifies detailed configuration of the CUSTOM action.", + "properties": { + "name": { + "description": "Specifies the name of the extension provider.", + "format": "string", + "type": "string" + } + }, + "type": "object" + }, + "rules": { + "description": "Optional.", + "items": { + "properties": { + "from": { + "description": "Optional.", + "items": { + "properties": { + "source": { + "description": "Source specifies the source of a request.", + "properties": { + "ipBlocks": { + "description": "Optional.", + "items": { + "format": "string", + "type": "string" + }, + "type": "array" + }, + "namespaces": { + "description": "Optional.", + "items": { + "format": "string", + "type": "string" + }, + "type": "array" + }, + "notIpBlocks": { + "description": "Optional.", + "items": { + "format": "string", + "type": "string" + }, + "type": "array" + }, + "notNamespaces": { + "description": "Optional.", + "items": { + "format": "string", + "type": "string" + }, + "type": "array" + }, + "notPrincipals": { + "description": "Optional.", + "items": { + "format": "string", + "type": "string" + }, + "type": "array" + }, + "notRemoteIpBlocks": { + "description": "Optional.", + "items": { + "format": "string", + "type": "string" + }, + "type": "array" + }, + "notRequestPrincipals": { + "description": "Optional.", + "items": { + "format": "string", + "type": "string" + }, + "type": "array" + }, + "principals": { + "description": "Optional.", + "items": { + "format": "string", + "type": "string" + }, + "type": "array" + }, + "remoteIpBlocks": { + "description": "Optional.", + "items": { + "format": "string", + "type": "string" + }, + "type": "array" + }, + "requestPrincipals": { + "description": "Optional.", + "items": { + "format": "string", + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "type": "array" + }, + "to": { + "description": "Optional.", + "items": { + "properties": { + "operation": { + "description": "Operation specifies the operation of a request.", + "properties": { + "hosts": { + "description": "Optional.", + "items": { + "format": "string", + "type": "string" + }, + "type": "array" + }, + "methods": { + "description": "Optional.", + "items": { + "format": "string", + "type": "string" + }, + "type": "array" + }, + "notHosts": { + "description": "Optional.", + "items": { + "format": "string", + "type": "string" + }, + "type": "array" + }, + "notMethods": { + "description": "Optional.", + "items": { + "format": "string", + "type": "string" + }, + "type": "array" + }, + "notPaths": { + "description": "Optional.", + "items": { + "format": "string", + "type": "string" + }, + "type": "array" + }, + "notPorts": { + "description": "Optional.", + "items": { + "format": "string", + "type": "string" + }, + "type": "array" + }, + "paths": { + "description": "Optional.", + "items": { + "format": "string", + "type": "string" + }, + "type": "array" + }, + "ports": { + "description": "Optional.", + "items": { + "format": "string", + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "type": "array" + }, + "when": { + "description": "Optional.", + "items": { + "properties": { + "key": { + "description": "The name of an Istio attribute.", + "format": "string", + "type": "string" + }, + "notValues": { + "description": "Optional.", + "items": { + "format": "string", + "type": "string" + }, + "type": "array" + }, + "values": { + "description": "Optional.", + "items": { + "format": "string", + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "type": "array" + } + }, + "type": "object" + }, + "type": "array" + }, + "selector": { + "description": "Optional.", + "properties": { + "matchLabels": { + "additionalProperties": { + "format": "string", + "type": "string" + }, + "type": "object" + } + }, + "type": "object" + } + }, + "type": "object", + "$schema": "http://json-schema.org/draft-04/schema#", + "version": "1.10.3", + "object-type": "AuthorizationPolicy", + "service-mesh": "Istio" +} diff --git a/templates/oam/workloads/1.10.3/authorizationpolicy.istio_definition.json b/templates/oam/workloads/1.10.3/authorizationpolicy.istio_definition.json new file mode 100644 index 000000000..5d69f3773 --- /dev/null +++ b/templates/oam/workloads/1.10.3/authorizationpolicy.istio_definition.json @@ -0,0 +1,19 @@ +{ + "apiVersion": "core.oam.dev/v1alpha1", + "kind": "WorkloadDefinition", + "metadata": { + "name": "AuthorizationPolicy.Istio" + }, + "spec": { + "definitionRef": { + "name": "authorizationpolicy.istio.meshery.layer5.io" + }, + "metadata": { + "@type": "pattern.meshery.io/mesh/workload", + "meshVersion": "1.10.3", + "meshName": "ISTIO", + "k8sAPIVersion": "security.istio.io/v1beta1", + "k8sKind": "AuthorizationPolicy" + } + } +} diff --git a/templates/oam/workloads/1.10.3/destinationrule.istio.meshery.layer5io.schema.json b/templates/oam/workloads/1.10.3/destinationrule.istio.meshery.layer5io.schema.json new file mode 100644 index 000000000..2c161765e --- /dev/null +++ b/templates/oam/workloads/1.10.3/destinationrule.istio.meshery.layer5io.schema.json @@ -0,0 +1,1760 @@ +{ + "description": "Configuration affecting load balancing, outlier detection, etc. See more details at: https://istio.io/docs/reference/config/networking/destination-rule.html", + "properties": { + "exportTo": { + "description": "A list of namespaces to which this destination rule is exported.", + "items": { + "format": "string", + "type": "string" + }, + "type": "array" + }, + "host": { + "description": "The name of a service from the service registry.", + "format": "string", + "type": "string" + }, + "subsets": { + "items": { + "properties": { + "labels": { + "additionalProperties": { + "format": "string", + "type": "string" + }, + "type": "object" + }, + "name": { + "description": "Name of the subset.", + "format": "string", + "type": "string" + }, + "trafficPolicy": { + "description": "Traffic policies that apply to this subset.", + "properties": { + "connectionPool": { + "properties": { + "http": { + "description": "HTTP connection pool settings.", + "properties": { + "h2UpgradePolicy": { + "description": "Specify if http1.1 connection should be upgraded to http2 for the associated destination.", + "enum": [ + "DEFAULT", + "DO_NOT_UPGRADE", + "UPGRADE" + ], + "type": "string" + }, + "http1MaxPendingRequests": { + "description": "Maximum number of pending HTTP requests to a destination.", + "format": "int32", + "type": "integer", + "minimum": -2147483648, + "maximum": 2147483647 + }, + "http2MaxRequests": { + "description": "Maximum number of requests to a backend.", + "format": "int32", + "type": "integer", + "minimum": -2147483648, + "maximum": 2147483647 + }, + "idleTimeout": { + "description": "The idle timeout for upstream connection pool connections.", + "type": "string" + }, + "maxRequestsPerConnection": { + "description": "Maximum number of requests per connection to a backend.", + "format": "int32", + "type": "integer", + "minimum": -2147483648, + "maximum": 2147483647 + }, + "maxRetries": { + "format": "int32", + "type": "integer", + "minimum": -2147483648, + "maximum": 2147483647 + }, + "useClientProtocol": { + "description": "If set to true, client protocol will be preserved while initiating connection to backend.", + "type": "boolean" + } + }, + "type": "object" + }, + "tcp": { + "description": "Settings common to both HTTP and TCP upstream connections.", + "properties": { + "connectTimeout": { + "description": "TCP connection timeout.", + "type": "string" + }, + "maxConnections": { + "description": "Maximum number of HTTP1 /TCP connections to a destination host.", + "format": "int32", + "type": "integer", + "minimum": -2147483648, + "maximum": 2147483647 + }, + "tcpKeepalive": { + "description": "If set then set SO_KEEPALIVE on the socket to enable TCP Keepalives.", + "properties": { + "interval": { + "description": "The time duration between keep-alive probes.", + "type": "string" + }, + "probes": { + "type": "integer" + }, + "time": { + "type": "string" + } + }, + "type": "object" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "loadBalancer": { + "description": "Settings controlling the load balancer algorithms.", + "oneOf": [ + { + "not": { + "anyOf": [ + { + "required": [ + "simple" + ] + }, + { + "properties": { + "consistentHash": { + "oneOf": [ + { + "not": { + "anyOf": [ + { + "required": [ + "httpHeaderName" + ] + }, + { + "required": [ + "httpCookie" + ] + }, + { + "required": [ + "useSourceIp" + ] + }, + { + "required": [ + "httpQueryParameterName" + ] + } + ] + } + }, + { + "required": [ + "httpHeaderName" + ] + }, + { + "required": [ + "httpCookie" + ] + }, + { + "required": [ + "useSourceIp" + ] + }, + { + "required": [ + "httpQueryParameterName" + ] + } + ] + } + }, + "required": [ + "consistentHash" + ] + } + ] + } + }, + { + "required": [ + "simple" + ] + }, + { + "properties": { + "consistentHash": { + "oneOf": [ + { + "not": { + "anyOf": [ + { + "required": [ + "httpHeaderName" + ] + }, + { + "required": [ + "httpCookie" + ] + }, + { + "required": [ + "useSourceIp" + ] + }, + { + "required": [ + "httpQueryParameterName" + ] + } + ] + } + }, + { + "required": [ + "httpHeaderName" + ] + }, + { + "required": [ + "httpCookie" + ] + }, + { + "required": [ + "useSourceIp" + ] + }, + { + "required": [ + "httpQueryParameterName" + ] + } + ] + } + }, + "required": [ + "consistentHash" + ] + } + ], + "properties": { + "consistentHash": { + "properties": { + "httpCookie": { + "description": "Hash based on HTTP cookie.", + "properties": { + "name": { + "description": "Name of the cookie.", + "format": "string", + "type": "string" + }, + "path": { + "description": "Path to set for the cookie.", + "format": "string", + "type": "string" + }, + "ttl": { + "description": "Lifetime of the cookie.", + "type": "string" + } + }, + "type": "object" + }, + "httpHeaderName": { + "description": "Hash based on a specific HTTP header.", + "format": "string", + "type": "string" + }, + "httpQueryParameterName": { + "description": "Hash based on a specific HTTP query parameter.", + "format": "string", + "type": "string" + }, + "minimumRingSize": { + "type": "integer" + }, + "useSourceIp": { + "description": "Hash based on the source IP address.", + "type": "boolean" + } + }, + "type": "object" + }, + "localityLbSetting": { + "properties": { + "distribute": { + "description": "Optional: only one of distribute or failover can be set.", + "items": { + "properties": { + "from": { + "description": "Originating locality, '/' separated, e.g.", + "format": "string", + "type": "string" + }, + "to": { + "additionalProperties": { + "type": "integer" + }, + "description": "Map of upstream localities to traffic distribution weights.", + "type": "object" + } + }, + "type": "object" + }, + "type": "array" + }, + "enabled": { + "description": "enable locality load balancing, this is DestinationRule-level and will override mesh wide settings in entirety.", + "type": [ + "boolean", + "null" + ] + }, + "failover": { + "description": "Optional: only failover or distribute can be set.", + "items": { + "properties": { + "from": { + "description": "Originating region.", + "format": "string", + "type": "string" + }, + "to": { + "format": "string", + "type": "string" + } + }, + "type": "object" + }, + "type": "array" + } + }, + "type": "object" + }, + "simple": { + "enum": [ + "ROUND_ROBIN", + "LEAST_CONN", + "RANDOM", + "PASSTHROUGH" + ], + "type": "string" + } + }, + "type": "object" + }, + "outlierDetection": { + "properties": { + "baseEjectionTime": { + "description": "Minimum ejection duration.", + "type": "string" + }, + "consecutive5xxErrors": { + "description": "Number of 5xx errors before a host is ejected from the connection pool.", + "type": [ + "integer", + "null" + ] + }, + "consecutiveErrors": { + "format": "int32", + "type": "integer", + "minimum": -2147483648, + "maximum": 2147483647 + }, + "consecutiveGatewayErrors": { + "description": "Number of gateway errors before a host is ejected from the connection pool.", + "type": [ + "integer", + "null" + ] + }, + "interval": { + "description": "Time interval between ejection sweep analysis.", + "type": "string" + }, + "maxEjectionPercent": { + "format": "int32", + "type": "integer", + "minimum": -2147483648, + "maximum": 2147483647 + }, + "minHealthPercent": { + "format": "int32", + "type": "integer", + "minimum": -2147483648, + "maximum": 2147483647 + } + }, + "type": "object" + }, + "portLevelSettings": { + "description": "Traffic policies specific to individual ports.", + "items": { + "properties": { + "connectionPool": { + "properties": { + "http": { + "description": "HTTP connection pool settings.", + "properties": { + "h2UpgradePolicy": { + "description": "Specify if http1.1 connection should be upgraded to http2 for the associated destination.", + "enum": [ + "DEFAULT", + "DO_NOT_UPGRADE", + "UPGRADE" + ], + "type": "string" + }, + "http1MaxPendingRequests": { + "description": "Maximum number of pending HTTP requests to a destination.", + "format": "int32", + "type": "integer", + "minimum": -2147483648, + "maximum": 2147483647 + }, + "http2MaxRequests": { + "description": "Maximum number of requests to a backend.", + "format": "int32", + "type": "integer", + "minimum": -2147483648, + "maximum": 2147483647 + }, + "idleTimeout": { + "description": "The idle timeout for upstream connection pool connections.", + "type": "string" + }, + "maxRequestsPerConnection": { + "description": "Maximum number of requests per connection to a backend.", + "format": "int32", + "type": "integer", + "minimum": -2147483648, + "maximum": 2147483647 + }, + "maxRetries": { + "format": "int32", + "type": "integer", + "minimum": -2147483648, + "maximum": 2147483647 + }, + "useClientProtocol": { + "description": "If set to true, client protocol will be preserved while initiating connection to backend.", + "type": "boolean" + } + }, + "type": "object" + }, + "tcp": { + "description": "Settings common to both HTTP and TCP upstream connections.", + "properties": { + "connectTimeout": { + "description": "TCP connection timeout.", + "type": "string" + }, + "maxConnections": { + "description": "Maximum number of HTTP1 /TCP connections to a destination host.", + "format": "int32", + "type": "integer", + "minimum": -2147483648, + "maximum": 2147483647 + }, + "tcpKeepalive": { + "description": "If set then set SO_KEEPALIVE on the socket to enable TCP Keepalives.", + "properties": { + "interval": { + "description": "The time duration between keep-alive probes.", + "type": "string" + }, + "probes": { + "type": "integer" + }, + "time": { + "type": "string" + } + }, + "type": "object" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "loadBalancer": { + "description": "Settings controlling the load balancer algorithms.", + "oneOf": [ + { + "not": { + "anyOf": [ + { + "required": [ + "simple" + ] + }, + { + "properties": { + "consistentHash": { + "oneOf": [ + { + "not": { + "anyOf": [ + { + "required": [ + "httpHeaderName" + ] + }, + { + "required": [ + "httpCookie" + ] + }, + { + "required": [ + "useSourceIp" + ] + }, + { + "required": [ + "httpQueryParameterName" + ] + } + ] + } + }, + { + "required": [ + "httpHeaderName" + ] + }, + { + "required": [ + "httpCookie" + ] + }, + { + "required": [ + "useSourceIp" + ] + }, + { + "required": [ + "httpQueryParameterName" + ] + } + ] + } + }, + "required": [ + "consistentHash" + ] + } + ] + } + }, + { + "required": [ + "simple" + ] + }, + { + "properties": { + "consistentHash": { + "oneOf": [ + { + "not": { + "anyOf": [ + { + "required": [ + "httpHeaderName" + ] + }, + { + "required": [ + "httpCookie" + ] + }, + { + "required": [ + "useSourceIp" + ] + }, + { + "required": [ + "httpQueryParameterName" + ] + } + ] + } + }, + { + "required": [ + "httpHeaderName" + ] + }, + { + "required": [ + "httpCookie" + ] + }, + { + "required": [ + "useSourceIp" + ] + }, + { + "required": [ + "httpQueryParameterName" + ] + } + ] + } + }, + "required": [ + "consistentHash" + ] + } + ], + "properties": { + "consistentHash": { + "properties": { + "httpCookie": { + "description": "Hash based on HTTP cookie.", + "properties": { + "name": { + "description": "Name of the cookie.", + "format": "string", + "type": "string" + }, + "path": { + "description": "Path to set for the cookie.", + "format": "string", + "type": "string" + }, + "ttl": { + "description": "Lifetime of the cookie.", + "type": "string" + } + }, + "type": "object" + }, + "httpHeaderName": { + "description": "Hash based on a specific HTTP header.", + "format": "string", + "type": "string" + }, + "httpQueryParameterName": { + "description": "Hash based on a specific HTTP query parameter.", + "format": "string", + "type": "string" + }, + "minimumRingSize": { + "type": "integer" + }, + "useSourceIp": { + "description": "Hash based on the source IP address.", + "type": "boolean" + } + }, + "type": "object" + }, + "localityLbSetting": { + "properties": { + "distribute": { + "description": "Optional: only one of distribute or failover can be set.", + "items": { + "properties": { + "from": { + "description": "Originating locality, '/' separated, e.g.", + "format": "string", + "type": "string" + }, + "to": { + "additionalProperties": { + "type": "integer" + }, + "description": "Map of upstream localities to traffic distribution weights.", + "type": "object" + } + }, + "type": "object" + }, + "type": "array" + }, + "enabled": { + "description": "enable locality load balancing, this is DestinationRule-level and will override mesh wide settings in entirety.", + "type": [ + "boolean", + "null" + ] + }, + "failover": { + "description": "Optional: only failover or distribute can be set.", + "items": { + "properties": { + "from": { + "description": "Originating region.", + "format": "string", + "type": "string" + }, + "to": { + "format": "string", + "type": "string" + } + }, + "type": "object" + }, + "type": "array" + } + }, + "type": "object" + }, + "simple": { + "enum": [ + "ROUND_ROBIN", + "LEAST_CONN", + "RANDOM", + "PASSTHROUGH" + ], + "type": "string" + } + }, + "type": "object" + }, + "outlierDetection": { + "properties": { + "baseEjectionTime": { + "description": "Minimum ejection duration.", + "type": "string" + }, + "consecutive5xxErrors": { + "description": "Number of 5xx errors before a host is ejected from the connection pool.", + "type": [ + "integer", + "null" + ] + }, + "consecutiveErrors": { + "format": "int32", + "type": "integer", + "minimum": -2147483648, + "maximum": 2147483647 + }, + "consecutiveGatewayErrors": { + "description": "Number of gateway errors before a host is ejected from the connection pool.", + "type": [ + "integer", + "null" + ] + }, + "interval": { + "description": "Time interval between ejection sweep analysis.", + "type": "string" + }, + "maxEjectionPercent": { + "format": "int32", + "type": "integer", + "minimum": -2147483648, + "maximum": 2147483647 + }, + "minHealthPercent": { + "format": "int32", + "type": "integer", + "minimum": -2147483648, + "maximum": 2147483647 + } + }, + "type": "object" + }, + "port": { + "properties": { + "number": { + "type": "integer" + } + }, + "type": "object" + }, + "tls": { + "description": "TLS related settings for connections to the upstream service.", + "properties": { + "caCertificates": { + "format": "string", + "type": "string" + }, + "clientCertificate": { + "description": "REQUIRED if mode is `MUTUAL`.", + "format": "string", + "type": "string" + }, + "credentialName": { + "format": "string", + "type": "string" + }, + "mode": { + "enum": [ + "DISABLE", + "SIMPLE", + "MUTUAL", + "ISTIO_MUTUAL" + ], + "type": "string" + }, + "privateKey": { + "description": "REQUIRED if mode is `MUTUAL`.", + "format": "string", + "type": "string" + }, + "sni": { + "description": "SNI string to present to the server during TLS handshake.", + "format": "string", + "type": "string" + }, + "subjectAltNames": { + "items": { + "format": "string", + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "type": "array" + }, + "tls": { + "description": "TLS related settings for connections to the upstream service.", + "properties": { + "caCertificates": { + "format": "string", + "type": "string" + }, + "clientCertificate": { + "description": "REQUIRED if mode is `MUTUAL`.", + "format": "string", + "type": "string" + }, + "credentialName": { + "format": "string", + "type": "string" + }, + "mode": { + "enum": [ + "DISABLE", + "SIMPLE", + "MUTUAL", + "ISTIO_MUTUAL" + ], + "type": "string" + }, + "privateKey": { + "description": "REQUIRED if mode is `MUTUAL`.", + "format": "string", + "type": "string" + }, + "sni": { + "description": "SNI string to present to the server during TLS handshake.", + "format": "string", + "type": "string" + }, + "subjectAltNames": { + "items": { + "format": "string", + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "type": "array" + }, + "trafficPolicy": { + "properties": { + "connectionPool": { + "properties": { + "http": { + "description": "HTTP connection pool settings.", + "properties": { + "h2UpgradePolicy": { + "description": "Specify if http1.1 connection should be upgraded to http2 for the associated destination.", + "enum": [ + "DEFAULT", + "DO_NOT_UPGRADE", + "UPGRADE" + ], + "type": "string" + }, + "http1MaxPendingRequests": { + "description": "Maximum number of pending HTTP requests to a destination.", + "format": "int32", + "type": "integer", + "minimum": -2147483648, + "maximum": 2147483647 + }, + "http2MaxRequests": { + "description": "Maximum number of requests to a backend.", + "format": "int32", + "type": "integer", + "minimum": -2147483648, + "maximum": 2147483647 + }, + "idleTimeout": { + "description": "The idle timeout for upstream connection pool connections.", + "type": "string" + }, + "maxRequestsPerConnection": { + "description": "Maximum number of requests per connection to a backend.", + "format": "int32", + "type": "integer", + "minimum": -2147483648, + "maximum": 2147483647 + }, + "maxRetries": { + "format": "int32", + "type": "integer", + "minimum": -2147483648, + "maximum": 2147483647 + }, + "useClientProtocol": { + "description": "If set to true, client protocol will be preserved while initiating connection to backend.", + "type": "boolean" + } + }, + "type": "object" + }, + "tcp": { + "description": "Settings common to both HTTP and TCP upstream connections.", + "properties": { + "connectTimeout": { + "description": "TCP connection timeout.", + "type": "string" + }, + "maxConnections": { + "description": "Maximum number of HTTP1 /TCP connections to a destination host.", + "format": "int32", + "type": "integer", + "minimum": -2147483648, + "maximum": 2147483647 + }, + "tcpKeepalive": { + "description": "If set then set SO_KEEPALIVE on the socket to enable TCP Keepalives.", + "properties": { + "interval": { + "description": "The time duration between keep-alive probes.", + "type": "string" + }, + "probes": { + "type": "integer" + }, + "time": { + "type": "string" + } + }, + "type": "object" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "loadBalancer": { + "description": "Settings controlling the load balancer algorithms.", + "oneOf": [ + { + "not": { + "anyOf": [ + { + "required": [ + "simple" + ] + }, + { + "properties": { + "consistentHash": { + "oneOf": [ + { + "not": { + "anyOf": [ + { + "required": [ + "httpHeaderName" + ] + }, + { + "required": [ + "httpCookie" + ] + }, + { + "required": [ + "useSourceIp" + ] + }, + { + "required": [ + "httpQueryParameterName" + ] + } + ] + } + }, + { + "required": [ + "httpHeaderName" + ] + }, + { + "required": [ + "httpCookie" + ] + }, + { + "required": [ + "useSourceIp" + ] + }, + { + "required": [ + "httpQueryParameterName" + ] + } + ] + } + }, + "required": [ + "consistentHash" + ] + } + ] + } + }, + { + "required": [ + "simple" + ] + }, + { + "properties": { + "consistentHash": { + "oneOf": [ + { + "not": { + "anyOf": [ + { + "required": [ + "httpHeaderName" + ] + }, + { + "required": [ + "httpCookie" + ] + }, + { + "required": [ + "useSourceIp" + ] + }, + { + "required": [ + "httpQueryParameterName" + ] + } + ] + } + }, + { + "required": [ + "httpHeaderName" + ] + }, + { + "required": [ + "httpCookie" + ] + }, + { + "required": [ + "useSourceIp" + ] + }, + { + "required": [ + "httpQueryParameterName" + ] + } + ] + } + }, + "required": [ + "consistentHash" + ] + } + ], + "properties": { + "consistentHash": { + "properties": { + "httpCookie": { + "description": "Hash based on HTTP cookie.", + "properties": { + "name": { + "description": "Name of the cookie.", + "format": "string", + "type": "string" + }, + "path": { + "description": "Path to set for the cookie.", + "format": "string", + "type": "string" + }, + "ttl": { + "description": "Lifetime of the cookie.", + "type": "string" + } + }, + "type": "object" + }, + "httpHeaderName": { + "description": "Hash based on a specific HTTP header.", + "format": "string", + "type": "string" + }, + "httpQueryParameterName": { + "description": "Hash based on a specific HTTP query parameter.", + "format": "string", + "type": "string" + }, + "minimumRingSize": { + "type": "integer" + }, + "useSourceIp": { + "description": "Hash based on the source IP address.", + "type": "boolean" + } + }, + "type": "object" + }, + "localityLbSetting": { + "properties": { + "distribute": { + "description": "Optional: only one of distribute or failover can be set.", + "items": { + "properties": { + "from": { + "description": "Originating locality, '/' separated, e.g.", + "format": "string", + "type": "string" + }, + "to": { + "additionalProperties": { + "type": "integer" + }, + "description": "Map of upstream localities to traffic distribution weights.", + "type": "object" + } + }, + "type": "object" + }, + "type": "array" + }, + "enabled": { + "description": "enable locality load balancing, this is DestinationRule-level and will override mesh wide settings in entirety.", + "type": [ + "boolean", + "null" + ] + }, + "failover": { + "description": "Optional: only failover or distribute can be set.", + "items": { + "properties": { + "from": { + "description": "Originating region.", + "format": "string", + "type": "string" + }, + "to": { + "format": "string", + "type": "string" + } + }, + "type": "object" + }, + "type": "array" + } + }, + "type": "object" + }, + "simple": { + "enum": [ + "ROUND_ROBIN", + "LEAST_CONN", + "RANDOM", + "PASSTHROUGH" + ], + "type": "string" + } + }, + "type": "object" + }, + "outlierDetection": { + "properties": { + "baseEjectionTime": { + "description": "Minimum ejection duration.", + "type": "string" + }, + "consecutive5xxErrors": { + "description": "Number of 5xx errors before a host is ejected from the connection pool.", + "type": [ + "integer", + "null" + ] + }, + "consecutiveErrors": { + "format": "int32", + "type": "integer", + "minimum": -2147483648, + "maximum": 2147483647 + }, + "consecutiveGatewayErrors": { + "description": "Number of gateway errors before a host is ejected from the connection pool.", + "type": [ + "integer", + "null" + ] + }, + "interval": { + "description": "Time interval between ejection sweep analysis.", + "type": "string" + }, + "maxEjectionPercent": { + "format": "int32", + "type": "integer", + "minimum": -2147483648, + "maximum": 2147483647 + }, + "minHealthPercent": { + "format": "int32", + "type": "integer", + "minimum": -2147483648, + "maximum": 2147483647 + } + }, + "type": "object" + }, + "portLevelSettings": { + "description": "Traffic policies specific to individual ports.", + "items": { + "properties": { + "connectionPool": { + "properties": { + "http": { + "description": "HTTP connection pool settings.", + "properties": { + "h2UpgradePolicy": { + "description": "Specify if http1.1 connection should be upgraded to http2 for the associated destination.", + "enum": [ + "DEFAULT", + "DO_NOT_UPGRADE", + "UPGRADE" + ], + "type": "string" + }, + "http1MaxPendingRequests": { + "description": "Maximum number of pending HTTP requests to a destination.", + "format": "int32", + "type": "integer", + "minimum": -2147483648, + "maximum": 2147483647 + }, + "http2MaxRequests": { + "description": "Maximum number of requests to a backend.", + "format": "int32", + "type": "integer", + "minimum": -2147483648, + "maximum": 2147483647 + }, + "idleTimeout": { + "description": "The idle timeout for upstream connection pool connections.", + "type": "string" + }, + "maxRequestsPerConnection": { + "description": "Maximum number of requests per connection to a backend.", + "format": "int32", + "type": "integer", + "minimum": -2147483648, + "maximum": 2147483647 + }, + "maxRetries": { + "format": "int32", + "type": "integer", + "minimum": -2147483648, + "maximum": 2147483647 + }, + "useClientProtocol": { + "description": "If set to true, client protocol will be preserved while initiating connection to backend.", + "type": "boolean" + } + }, + "type": "object" + }, + "tcp": { + "description": "Settings common to both HTTP and TCP upstream connections.", + "properties": { + "connectTimeout": { + "description": "TCP connection timeout.", + "type": "string" + }, + "maxConnections": { + "description": "Maximum number of HTTP1 /TCP connections to a destination host.", + "format": "int32", + "type": "integer", + "minimum": -2147483648, + "maximum": 2147483647 + }, + "tcpKeepalive": { + "description": "If set then set SO_KEEPALIVE on the socket to enable TCP Keepalives.", + "properties": { + "interval": { + "description": "The time duration between keep-alive probes.", + "type": "string" + }, + "probes": { + "type": "integer" + }, + "time": { + "type": "string" + } + }, + "type": "object" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "loadBalancer": { + "description": "Settings controlling the load balancer algorithms.", + "oneOf": [ + { + "not": { + "anyOf": [ + { + "required": [ + "simple" + ] + }, + { + "properties": { + "consistentHash": { + "oneOf": [ + { + "not": { + "anyOf": [ + { + "required": [ + "httpHeaderName" + ] + }, + { + "required": [ + "httpCookie" + ] + }, + { + "required": [ + "useSourceIp" + ] + }, + { + "required": [ + "httpQueryParameterName" + ] + } + ] + } + }, + { + "required": [ + "httpHeaderName" + ] + }, + { + "required": [ + "httpCookie" + ] + }, + { + "required": [ + "useSourceIp" + ] + }, + { + "required": [ + "httpQueryParameterName" + ] + } + ] + } + }, + "required": [ + "consistentHash" + ] + } + ] + } + }, + { + "required": [ + "simple" + ] + }, + { + "properties": { + "consistentHash": { + "oneOf": [ + { + "not": { + "anyOf": [ + { + "required": [ + "httpHeaderName" + ] + }, + { + "required": [ + "httpCookie" + ] + }, + { + "required": [ + "useSourceIp" + ] + }, + { + "required": [ + "httpQueryParameterName" + ] + } + ] + } + }, + { + "required": [ + "httpHeaderName" + ] + }, + { + "required": [ + "httpCookie" + ] + }, + { + "required": [ + "useSourceIp" + ] + }, + { + "required": [ + "httpQueryParameterName" + ] + } + ] + } + }, + "required": [ + "consistentHash" + ] + } + ], + "properties": { + "consistentHash": { + "properties": { + "httpCookie": { + "description": "Hash based on HTTP cookie.", + "properties": { + "name": { + "description": "Name of the cookie.", + "format": "string", + "type": "string" + }, + "path": { + "description": "Path to set for the cookie.", + "format": "string", + "type": "string" + }, + "ttl": { + "description": "Lifetime of the cookie.", + "type": "string" + } + }, + "type": "object" + }, + "httpHeaderName": { + "description": "Hash based on a specific HTTP header.", + "format": "string", + "type": "string" + }, + "httpQueryParameterName": { + "description": "Hash based on a specific HTTP query parameter.", + "format": "string", + "type": "string" + }, + "minimumRingSize": { + "type": "integer" + }, + "useSourceIp": { + "description": "Hash based on the source IP address.", + "type": "boolean" + } + }, + "type": "object" + }, + "localityLbSetting": { + "properties": { + "distribute": { + "description": "Optional: only one of distribute or failover can be set.", + "items": { + "properties": { + "from": { + "description": "Originating locality, '/' separated, e.g.", + "format": "string", + "type": "string" + }, + "to": { + "additionalProperties": { + "type": "integer" + }, + "description": "Map of upstream localities to traffic distribution weights.", + "type": "object" + } + }, + "type": "object" + }, + "type": "array" + }, + "enabled": { + "description": "enable locality load balancing, this is DestinationRule-level and will override mesh wide settings in entirety.", + "type": [ + "boolean", + "null" + ] + }, + "failover": { + "description": "Optional: only failover or distribute can be set.", + "items": { + "properties": { + "from": { + "description": "Originating region.", + "format": "string", + "type": "string" + }, + "to": { + "format": "string", + "type": "string" + } + }, + "type": "object" + }, + "type": "array" + } + }, + "type": "object" + }, + "simple": { + "enum": [ + "ROUND_ROBIN", + "LEAST_CONN", + "RANDOM", + "PASSTHROUGH" + ], + "type": "string" + } + }, + "type": "object" + }, + "outlierDetection": { + "properties": { + "baseEjectionTime": { + "description": "Minimum ejection duration.", + "type": "string" + }, + "consecutive5xxErrors": { + "description": "Number of 5xx errors before a host is ejected from the connection pool.", + "type": [ + "integer", + "null" + ] + }, + "consecutiveErrors": { + "format": "int32", + "type": "integer", + "minimum": -2147483648, + "maximum": 2147483647 + }, + "consecutiveGatewayErrors": { + "description": "Number of gateway errors before a host is ejected from the connection pool.", + "type": [ + "integer", + "null" + ] + }, + "interval": { + "description": "Time interval between ejection sweep analysis.", + "type": "string" + }, + "maxEjectionPercent": { + "format": "int32", + "type": "integer", + "minimum": -2147483648, + "maximum": 2147483647 + }, + "minHealthPercent": { + "format": "int32", + "type": "integer", + "minimum": -2147483648, + "maximum": 2147483647 + } + }, + "type": "object" + }, + "port": { + "properties": { + "number": { + "type": "integer" + } + }, + "type": "object" + }, + "tls": { + "description": "TLS related settings for connections to the upstream service.", + "properties": { + "caCertificates": { + "format": "string", + "type": "string" + }, + "clientCertificate": { + "description": "REQUIRED if mode is `MUTUAL`.", + "format": "string", + "type": "string" + }, + "credentialName": { + "format": "string", + "type": "string" + }, + "mode": { + "enum": [ + "DISABLE", + "SIMPLE", + "MUTUAL", + "ISTIO_MUTUAL" + ], + "type": "string" + }, + "privateKey": { + "description": "REQUIRED if mode is `MUTUAL`.", + "format": "string", + "type": "string" + }, + "sni": { + "description": "SNI string to present to the server during TLS handshake.", + "format": "string", + "type": "string" + }, + "subjectAltNames": { + "items": { + "format": "string", + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "type": "array" + }, + "tls": { + "description": "TLS related settings for connections to the upstream service.", + "properties": { + "caCertificates": { + "format": "string", + "type": "string" + }, + "clientCertificate": { + "description": "REQUIRED if mode is `MUTUAL`.", + "format": "string", + "type": "string" + }, + "credentialName": { + "format": "string", + "type": "string" + }, + "mode": { + "enum": [ + "DISABLE", + "SIMPLE", + "MUTUAL", + "ISTIO_MUTUAL" + ], + "type": "string" + }, + "privateKey": { + "description": "REQUIRED if mode is `MUTUAL`.", + "format": "string", + "type": "string" + }, + "sni": { + "description": "SNI string to present to the server during TLS handshake.", + "format": "string", + "type": "string" + }, + "subjectAltNames": { + "items": { + "format": "string", + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + } + }, + "type": "object" + } + }, + "type": "object", + "$schema": "http://json-schema.org/draft-04/schema#", + "version": "1.10.3", + "object-type": "DestinationRule", + "service-mesh": "Istio" +} diff --git a/templates/oam/workloads/1.10.3/destinationrule.istio_definition.json b/templates/oam/workloads/1.10.3/destinationrule.istio_definition.json new file mode 100644 index 000000000..8de0f367d --- /dev/null +++ b/templates/oam/workloads/1.10.3/destinationrule.istio_definition.json @@ -0,0 +1,19 @@ +{ + "apiVersion": "core.oam.dev/v1alpha1", + "kind": "WorkloadDefinition", + "metadata": { + "name": "DestinationRule.Istio" + }, + "spec": { + "definitionRef": { + "name": "destinationrule.istio.meshery.layer5.io" + }, + "metadata": { + "@type": "pattern.meshery.io/mesh/workload", + "meshVersion": "1.10.3", + "meshName": "ISTIO", + "k8sAPIVersion": "networking.istio.io/v1alpha3", + "k8sKind": "DestinationRule" + } + } +} diff --git a/templates/oam/workloads/1.10.3/envoyfilter.istio.meshery.layer5io.schema.json b/templates/oam/workloads/1.10.3/envoyfilter.istio.meshery.layer5io.schema.json new file mode 100644 index 000000000..101a75855 --- /dev/null +++ b/templates/oam/workloads/1.10.3/envoyfilter.istio.meshery.layer5io.schema.json @@ -0,0 +1,298 @@ +{ + "description": "Customizing Envoy configuration generated by Istio. See more details at: https://istio.io/docs/reference/config/networking/envoy-filter.html", + "properties": { + "configPatches": { + "description": "One or more patches with match conditions.", + "items": { + "properties": { + "applyTo": { + "enum": [ + "INVALID", + "LISTENER", + "FILTER_CHAIN", + "NETWORK_FILTER", + "HTTP_FILTER", + "ROUTE_CONFIGURATION", + "VIRTUAL_HOST", + "HTTP_ROUTE", + "CLUSTER", + "EXTENSION_CONFIG" + ], + "type": "string" + }, + "match": { + "description": "Match on listener/route configuration/cluster.", + "oneOf": [ + { + "not": { + "anyOf": [ + { + "required": [ + "listener" + ] + }, + { + "required": [ + "routeConfiguration" + ] + }, + { + "required": [ + "cluster" + ] + } + ] + } + }, + { + "required": [ + "listener" + ] + }, + { + "required": [ + "routeConfiguration" + ] + }, + { + "required": [ + "cluster" + ] + } + ], + "properties": { + "cluster": { + "description": "Match on envoy cluster attributes.", + "properties": { + "name": { + "description": "The exact name of the cluster to match.", + "format": "string", + "type": "string" + }, + "portNumber": { + "description": "The service port for which this cluster was generated.", + "type": "integer" + }, + "service": { + "description": "The fully qualified service name for this cluster.", + "format": "string", + "type": "string" + }, + "subset": { + "description": "The subset associated with the service.", + "format": "string", + "type": "string" + } + }, + "type": "object" + }, + "context": { + "description": "The specific config generation context to match on.", + "enum": [ + "ANY", + "SIDECAR_INBOUND", + "SIDECAR_OUTBOUND", + "GATEWAY" + ], + "type": "string" + }, + "listener": { + "description": "Match on envoy listener attributes.", + "properties": { + "filterChain": { + "description": "Match a specific filter chain in a listener.", + "properties": { + "applicationProtocols": { + "description": "Applies only to sidecars.", + "format": "string", + "type": "string" + }, + "destinationPort": { + "description": "The destination_port value used by a filter chain's match condition.", + "type": "integer" + }, + "filter": { + "description": "The name of a specific filter to apply the patch to.", + "properties": { + "name": { + "description": "The filter name to match on.", + "format": "string", + "type": "string" + }, + "subFilter": { + "properties": { + "name": { + "description": "The filter name to match on.", + "format": "string", + "type": "string" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "name": { + "description": "The name assigned to the filter chain.", + "format": "string", + "type": "string" + }, + "sni": { + "description": "The SNI value used by a filter chain's match condition.", + "format": "string", + "type": "string" + }, + "transportProtocol": { + "description": "Applies only to `SIDECAR_INBOUND` context.", + "format": "string", + "type": "string" + } + }, + "type": "object" + }, + "name": { + "description": "Match a specific listener by its name.", + "format": "string", + "type": "string" + }, + "portName": { + "format": "string", + "type": "string" + }, + "portNumber": { + "type": "integer" + } + }, + "type": "object" + }, + "proxy": { + "description": "Match on properties associated with a proxy.", + "properties": { + "metadata": { + "additionalProperties": { + "format": "string", + "type": "string" + }, + "type": "object" + }, + "proxyVersion": { + "format": "string", + "type": "string" + } + }, + "type": "object" + }, + "routeConfiguration": { + "description": "Match on envoy HTTP route configuration attributes.", + "properties": { + "gateway": { + "format": "string", + "type": "string" + }, + "name": { + "description": "Route configuration name to match on.", + "format": "string", + "type": "string" + }, + "portName": { + "description": "Applicable only for GATEWAY context.", + "format": "string", + "type": "string" + }, + "portNumber": { + "type": "integer" + }, + "vhost": { + "properties": { + "name": { + "format": "string", + "type": "string" + }, + "route": { + "description": "Match a specific route within the virtual host.", + "properties": { + "action": { + "description": "Match a route with specific action type.", + "enum": [ + "ANY", + "ROUTE", + "REDIRECT", + "DIRECT_RESPONSE" + ], + "type": "string" + }, + "name": { + "format": "string", + "type": "string" + } + }, + "type": "object" + } + }, + "type": "object" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "patch": { + "description": "The patch to apply along with the operation.", + "properties": { + "filterClass": { + "description": "Determines the filter insertion order.", + "enum": [ + "UNSPECIFIED", + "AUTHN", + "AUTHZ", + "STATS" + ], + "type": "string" + }, + "operation": { + "description": "Determines how the patch should be applied.", + "enum": [ + "INVALID", + "MERGE", + "ADD", + "REMOVE", + "INSERT_BEFORE", + "INSERT_AFTER", + "INSERT_FIRST", + "REPLACE" + ], + "type": "string" + }, + "value": { + "description": "The JSON config of the object being patched.", + "type": "object", + "x-kubernetes-preserve-unknown-fields": true + } + }, + "type": "object" + } + }, + "type": "object" + }, + "type": "array" + }, + "workloadSelector": { + "properties": { + "labels": { + "additionalProperties": { + "format": "string", + "type": "string" + }, + "type": "object" + } + }, + "type": "object" + } + }, + "type": "object", + "$schema": "http://json-schema.org/draft-04/schema#", + "version": "1.10.3", + "object-type": "EnvoyFilter", + "service-mesh": "Istio" +} diff --git a/templates/oam/workloads/1.10.3/envoyfilter.istio_definition.json b/templates/oam/workloads/1.10.3/envoyfilter.istio_definition.json new file mode 100644 index 000000000..547cbe5f0 --- /dev/null +++ b/templates/oam/workloads/1.10.3/envoyfilter.istio_definition.json @@ -0,0 +1,19 @@ +{ + "apiVersion": "core.oam.dev/v1alpha1", + "kind": "WorkloadDefinition", + "metadata": { + "name": "EnvoyFilter.Istio" + }, + "spec": { + "definitionRef": { + "name": "envoyfilter.istio.meshery.layer5.io" + }, + "metadata": { + "@type": "pattern.meshery.io/mesh/workload", + "meshVersion": "1.10.3", + "meshName": "ISTIO", + "k8sAPIVersion": "networking.istio.io/v1alpha3", + "k8sKind": "EnvoyFilter" + } + } +} diff --git a/templates/oam/workloads/1.10.3/gateway.istio.meshery.layer5io.schema.json b/templates/oam/workloads/1.10.3/gateway.istio.meshery.layer5io.schema.json new file mode 100644 index 000000000..0750d41a5 --- /dev/null +++ b/templates/oam/workloads/1.10.3/gateway.istio.meshery.layer5io.schema.json @@ -0,0 +1,158 @@ +{ + "description": "Configuration affecting edge load balancer. See more details at: https://istio.io/docs/reference/config/networking/gateway.html", + "properties": { + "selector": { + "additionalProperties": { + "format": "string", + "type": "string" + }, + "type": "object" + }, + "servers": { + "description": "A list of server specifications.", + "items": { + "properties": { + "bind": { + "format": "string", + "type": "string" + }, + "defaultEndpoint": { + "format": "string", + "type": "string" + }, + "hosts": { + "description": "One or more hosts exposed by this gateway.", + "items": { + "format": "string", + "type": "string" + }, + "type": "array" + }, + "name": { + "description": "An optional name of the server, when set must be unique across all servers.", + "format": "string", + "type": "string" + }, + "port": { + "properties": { + "name": { + "description": "Label assigned to the port.", + "format": "string", + "type": "string" + }, + "number": { + "description": "A valid non-negative integer port number.", + "type": "integer" + }, + "protocol": { + "description": "The protocol exposed on the port.", + "format": "string", + "type": "string" + }, + "targetPort": { + "type": "integer" + } + }, + "type": "object" + }, + "tls": { + "description": "Set of TLS related options that govern the server's behavior.", + "properties": { + "caCertificates": { + "description": "REQUIRED if mode is `MUTUAL`.", + "format": "string", + "type": "string" + }, + "cipherSuites": { + "description": "Optional: If specified, only support the specified cipher list.", + "items": { + "format": "string", + "type": "string" + }, + "type": "array" + }, + "credentialName": { + "format": "string", + "type": "string" + }, + "httpsRedirect": { + "type": "boolean" + }, + "maxProtocolVersion": { + "description": "Optional: Maximum TLS protocol version.", + "enum": [ + "TLS_AUTO", + "TLSV1_0", + "TLSV1_1", + "TLSV1_2", + "TLSV1_3" + ], + "type": "string" + }, + "minProtocolVersion": { + "description": "Optional: Minimum TLS protocol version.", + "enum": [ + "TLS_AUTO", + "TLSV1_0", + "TLSV1_1", + "TLSV1_2", + "TLSV1_3" + ], + "type": "string" + }, + "mode": { + "enum": [ + "PASSTHROUGH", + "SIMPLE", + "MUTUAL", + "AUTO_PASSTHROUGH", + "ISTIO_MUTUAL" + ], + "type": "string" + }, + "privateKey": { + "description": "REQUIRED if mode is `SIMPLE` or `MUTUAL`.", + "format": "string", + "type": "string" + }, + "serverCertificate": { + "description": "REQUIRED if mode is `SIMPLE` or `MUTUAL`.", + "format": "string", + "type": "string" + }, + "subjectAltNames": { + "items": { + "format": "string", + "type": "string" + }, + "type": "array" + }, + "verifyCertificateHash": { + "items": { + "format": "string", + "type": "string" + }, + "type": "array" + }, + "verifyCertificateSpki": { + "items": { + "format": "string", + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "type": "array" + } + }, + "type": "object", + "$schema": "http://json-schema.org/draft-04/schema#", + "version": "1.10.3", + "object-type": "Gateway", + "service-mesh": "Istio" +} diff --git a/templates/oam/workloads/1.10.3/gateway.istio_definition.json b/templates/oam/workloads/1.10.3/gateway.istio_definition.json new file mode 100644 index 000000000..dcbd83ca5 --- /dev/null +++ b/templates/oam/workloads/1.10.3/gateway.istio_definition.json @@ -0,0 +1,19 @@ +{ + "apiVersion": "core.oam.dev/v1alpha1", + "kind": "WorkloadDefinition", + "metadata": { + "name": "Gateway.Istio" + }, + "spec": { + "definitionRef": { + "name": "gateway.istio.meshery.layer5.io" + }, + "metadata": { + "@type": "pattern.meshery.io/mesh/workload", + "meshVersion": "1.10.3", + "meshName": "ISTIO", + "k8sAPIVersion": "networking.istio.io/v1alpha3", + "k8sKind": "Gateway" + } + } +} diff --git a/templates/oam/workloads/1.10.3/peerauthentication.istio.meshery.layer5io.schema.json b/templates/oam/workloads/1.10.3/peerauthentication.istio.meshery.layer5io.schema.json new file mode 100644 index 000000000..bc07a0914 --- /dev/null +++ b/templates/oam/workloads/1.10.3/peerauthentication.istio.meshery.layer5io.schema.json @@ -0,0 +1,58 @@ +{ + "description": "PeerAuthentication defines how traffic will be tunneled (or not) to the sidecar.", + "properties": { + "mtls": { + "description": "Mutual TLS settings for workload.", + "properties": { + "mode": { + "description": "Defines the mTLS mode used for peer authentication.", + "enum": [ + "UNSET", + "DISABLE", + "PERMISSIVE", + "STRICT" + ], + "type": "string" + } + }, + "type": "object" + }, + "portLevelMtls": { + "additionalProperties": { + "properties": { + "mode": { + "description": "Defines the mTLS mode used for peer authentication.", + "enum": [ + "UNSET", + "DISABLE", + "PERMISSIVE", + "STRICT" + ], + "type": "string" + } + }, + "type": "object" + }, + "description": "Port specific mutual TLS settings.", + "type": "object" + }, + "selector": { + "description": "The selector determines the workloads to apply the ChannelAuthentication on.", + "properties": { + "matchLabels": { + "additionalProperties": { + "format": "string", + "type": "string" + }, + "type": "object" + } + }, + "type": "object" + } + }, + "type": "object", + "$schema": "http://json-schema.org/draft-04/schema#", + "version": "1.10.3", + "object-type": "PeerAuthentication", + "service-mesh": "Istio" +} diff --git a/templates/oam/workloads/1.10.3/peerauthentication.istio_definition.json b/templates/oam/workloads/1.10.3/peerauthentication.istio_definition.json new file mode 100644 index 000000000..2ad682240 --- /dev/null +++ b/templates/oam/workloads/1.10.3/peerauthentication.istio_definition.json @@ -0,0 +1,19 @@ +{ + "apiVersion": "core.oam.dev/v1alpha1", + "kind": "WorkloadDefinition", + "metadata": { + "name": "PeerAuthentication.Istio" + }, + "spec": { + "definitionRef": { + "name": "peerauthentication.istio.meshery.layer5.io" + }, + "metadata": { + "@type": "pattern.meshery.io/mesh/workload", + "meshVersion": "1.10.3", + "meshName": "ISTIO", + "k8sAPIVersion": "security.istio.io/v1beta1", + "k8sKind": "PeerAuthentication" + } + } +} diff --git a/templates/oam/workloads/1.10.3/requestauthentication.istio.meshery.layer5io.schema.json b/templates/oam/workloads/1.10.3/requestauthentication.istio.meshery.layer5io.schema.json new file mode 100644 index 000000000..901c42a83 --- /dev/null +++ b/templates/oam/workloads/1.10.3/requestauthentication.istio.meshery.layer5io.schema.json @@ -0,0 +1,92 @@ +{ + "description": "RequestAuthentication defines what request authentication methods are supported by a workload.", + "properties": { + "jwtRules": { + "description": "Define the list of JWTs that can be validated at the selected workloads' proxy.", + "items": { + "properties": { + "audiences": { + "items": { + "format": "string", + "type": "string" + }, + "type": "array" + }, + "forwardOriginalToken": { + "description": "If set to true, the orginal token will be kept for the ustream request.", + "type": "boolean" + }, + "fromHeaders": { + "description": "List of header locations from which JWT is expected.", + "items": { + "properties": { + "name": { + "description": "The HTTP header name.", + "format": "string", + "type": "string" + }, + "prefix": { + "description": "The prefix that should be stripped before decoding the token.", + "format": "string", + "type": "string" + } + }, + "type": "object" + }, + "type": "array" + }, + "fromParams": { + "description": "List of query parameters from which JWT is expected.", + "items": { + "format": "string", + "type": "string" + }, + "type": "array" + }, + "issuer": { + "description": "Identifies the issuer that issued the JWT.", + "format": "string", + "type": "string" + }, + "jwks": { + "description": "JSON Web Key Set of public keys to validate signature of the JWT.", + "format": "string", + "type": "string" + }, + "jwks_uri": { + "format": "string", + "type": "string" + }, + "jwksUri": { + "format": "string", + "type": "string" + }, + "outputPayloadToHeader": { + "format": "string", + "type": "string" + } + }, + "type": "object" + }, + "type": "array" + }, + "selector": { + "description": "The selector determines the workloads to apply the RequestAuthentication on.", + "properties": { + "matchLabels": { + "additionalProperties": { + "format": "string", + "type": "string" + }, + "type": "object" + } + }, + "type": "object" + } + }, + "type": "object", + "$schema": "http://json-schema.org/draft-04/schema#", + "version": "1.10.3", + "object-type": "RequestAuthentication", + "service-mesh": "Istio" +} diff --git a/templates/oam/workloads/1.10.3/requestauthentication.istio_definition.json b/templates/oam/workloads/1.10.3/requestauthentication.istio_definition.json new file mode 100644 index 000000000..4f3942659 --- /dev/null +++ b/templates/oam/workloads/1.10.3/requestauthentication.istio_definition.json @@ -0,0 +1,19 @@ +{ + "apiVersion": "core.oam.dev/v1alpha1", + "kind": "WorkloadDefinition", + "metadata": { + "name": "RequestAuthentication.Istio" + }, + "spec": { + "definitionRef": { + "name": "requestauthentication.istio.meshery.layer5.io" + }, + "metadata": { + "@type": "pattern.meshery.io/mesh/workload", + "meshVersion": "1.10.3", + "meshName": "ISTIO", + "k8sAPIVersion": "security.istio.io/v1beta1", + "k8sKind": "RequestAuthentication" + } + } +} diff --git a/templates/oam/workloads/1.10.3/serviceentry.istio.meshery.layer5io.schema.json b/templates/oam/workloads/1.10.3/serviceentry.istio.meshery.layer5io.schema.json new file mode 100644 index 000000000..73c60d0eb --- /dev/null +++ b/templates/oam/workloads/1.10.3/serviceentry.istio.meshery.layer5io.schema.json @@ -0,0 +1,141 @@ +{ + "description": "Configuration affecting service registry. See more details at: https://istio.io/docs/reference/config/networking/service-entry.html", + "properties": { + "addresses": { + "description": "The virtual IP addresses associated with the service.", + "items": { + "format": "string", + "type": "string" + }, + "type": "array" + }, + "endpoints": { + "description": "One or more endpoints associated with the service.", + "items": { + "properties": { + "address": { + "format": "string", + "type": "string" + }, + "labels": { + "additionalProperties": { + "format": "string", + "type": "string" + }, + "description": "One or more labels associated with the endpoint.", + "type": "object" + }, + "locality": { + "description": "The locality associated with the endpoint.", + "format": "string", + "type": "string" + }, + "network": { + "format": "string", + "type": "string" + }, + "ports": { + "additionalProperties": { + "type": "integer" + }, + "description": "Set of ports associated with the endpoint.", + "type": "object" + }, + "serviceAccount": { + "format": "string", + "type": "string" + }, + "weight": { + "description": "The load balancing weight associated with the endpoint.", + "type": "integer" + } + }, + "type": "object" + }, + "type": "array" + }, + "exportTo": { + "description": "A list of namespaces to which this service is exported.", + "items": { + "format": "string", + "type": "string" + }, + "type": "array" + }, + "hosts": { + "description": "The hosts associated with the ServiceEntry.", + "items": { + "format": "string", + "type": "string" + }, + "type": "array" + }, + "location": { + "enum": [ + "MESH_EXTERNAL", + "MESH_INTERNAL" + ], + "type": "string" + }, + "ports": { + "description": "The ports associated with the external service.", + "items": { + "properties": { + "name": { + "description": "Label assigned to the port.", + "format": "string", + "type": "string" + }, + "number": { + "description": "A valid non-negative integer port number.", + "type": "integer" + }, + "protocol": { + "description": "The protocol exposed on the port.", + "format": "string", + "type": "string" + }, + "targetPort": { + "type": "integer" + } + }, + "type": "object" + }, + "type": "array" + }, + "resolution": { + "description": "Service discovery mode for the hosts.", + "enum": [ + "NONE", + "STATIC", + "DNS" + ], + "type": "string" + }, + "subjectAltNames": { + "items": { + "format": "string", + "type": "string" + }, + "type": "array" + }, + "workloadSelector": { + "description": "Applicable only for MESH_INTERNAL services.", + "properties": { + "labels": { + "additionalProperties": { + "format": "string", + "type": "string" + }, + "type": "object" + } + }, + "type": "object" + } + }, + "type": "object", + "$schema": "http://json-schema.org/draft-04/schema#", + "version": "1.10.3", + "object-type": "ServiceEntry", + "service-mesh": "Istio" +} diff --git a/templates/oam/workloads/1.10.3/serviceentry.istio_definition.json b/templates/oam/workloads/1.10.3/serviceentry.istio_definition.json new file mode 100644 index 000000000..ffe3c4367 --- /dev/null +++ b/templates/oam/workloads/1.10.3/serviceentry.istio_definition.json @@ -0,0 +1,19 @@ +{ + "apiVersion": "core.oam.dev/v1alpha1", + "kind": "WorkloadDefinition", + "metadata": { + "name": "ServiceEntry.Istio" + }, + "spec": { + "definitionRef": { + "name": "serviceentry.istio.meshery.layer5.io" + }, + "metadata": { + "@type": "pattern.meshery.io/mesh/workload", + "meshVersion": "1.10.3", + "meshName": "ISTIO", + "k8sAPIVersion": "networking.istio.io/v1alpha3", + "k8sKind": "ServiceEntry" + } + } +} diff --git a/templates/oam/workloads/1.10.3/sidecar.istio.meshery.layer5io.schema.json b/templates/oam/workloads/1.10.3/sidecar.istio.meshery.layer5io.schema.json new file mode 100644 index 000000000..8692584f3 --- /dev/null +++ b/templates/oam/workloads/1.10.3/sidecar.istio.meshery.layer5io.schema.json @@ -0,0 +1,157 @@ +{ + "description": "Configuration affecting network reachability of a sidecar. See more details at: https://istio.io/docs/reference/config/networking/sidecar.html", + "properties": { + "egress": { + "items": { + "properties": { + "bind": { + "format": "string", + "type": "string" + }, + "captureMode": { + "enum": [ + "DEFAULT", + "IPTABLES", + "NONE" + ], + "type": "string" + }, + "hosts": { + "items": { + "format": "string", + "type": "string" + }, + "type": "array" + }, + "port": { + "description": "The port associated with the listener.", + "properties": { + "name": { + "description": "Label assigned to the port.", + "format": "string", + "type": "string" + }, + "number": { + "description": "A valid non-negative integer port number.", + "type": "integer" + }, + "protocol": { + "description": "The protocol exposed on the port.", + "format": "string", + "type": "string" + }, + "targetPort": { + "type": "integer" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "type": "array" + }, + "ingress": { + "items": { + "properties": { + "bind": { + "description": "The IP to which the listener should be bound.", + "format": "string", + "type": "string" + }, + "captureMode": { + "enum": [ + "DEFAULT", + "IPTABLES", + "NONE" + ], + "type": "string" + }, + "defaultEndpoint": { + "format": "string", + "type": "string" + }, + "port": { + "description": "The port associated with the listener.", + "properties": { + "name": { + "description": "Label assigned to the port.", + "format": "string", + "type": "string" + }, + "number": { + "description": "A valid non-negative integer port number.", + "type": "integer" + }, + "protocol": { + "description": "The protocol exposed on the port.", + "format": "string", + "type": "string" + }, + "targetPort": { + "type": "integer" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "type": "array" + }, + "outboundTrafficPolicy": { + "description": "Configuration for the outbound traffic policy.", + "properties": { + "egressProxy": { + "properties": { + "host": { + "description": "The name of a service from the service registry.", + "format": "string", + "type": "string" + }, + "port": { + "description": "Specifies the port on the host that is being addressed.", + "properties": { + "number": { + "type": "integer" + } + }, + "type": "object" + }, + "subset": { + "description": "The name of a subset within the service.", + "format": "string", + "type": "string" + } + }, + "type": "object" + }, + "mode": { + "enum": [ + "REGISTRY_ONLY", + "ALLOW_ANY" + ], + "type": "string" + } + }, + "type": "object" + }, + "workloadSelector": { + "properties": { + "labels": { + "additionalProperties": { + "format": "string", + "type": "string" + }, + "type": "object" + } + }, + "type": "object" + } + }, + "type": "object", + "$schema": "http://json-schema.org/draft-04/schema#", + "version": "1.10.3", + "object-type": "Sidecar", + "service-mesh": "Istio" +} diff --git a/templates/oam/workloads/1.10.3/sidecar.istio_definition.json b/templates/oam/workloads/1.10.3/sidecar.istio_definition.json new file mode 100644 index 000000000..7a1f170ae --- /dev/null +++ b/templates/oam/workloads/1.10.3/sidecar.istio_definition.json @@ -0,0 +1,19 @@ +{ + "apiVersion": "core.oam.dev/v1alpha1", + "kind": "WorkloadDefinition", + "metadata": { + "name": "Sidecar.Istio" + }, + "spec": { + "definitionRef": { + "name": "sidecar.istio.meshery.layer5.io" + }, + "metadata": { + "@type": "pattern.meshery.io/mesh/workload", + "meshVersion": "1.10.3", + "meshName": "ISTIO", + "k8sAPIVersion": "networking.istio.io/v1alpha3", + "k8sKind": "Sidecar" + } + } +} diff --git a/templates/oam/workloads/1.10.3/telemetry.istio.meshery.layer5io.schema.json b/templates/oam/workloads/1.10.3/telemetry.istio.meshery.layer5io.schema.json new file mode 100644 index 000000000..8bec96373 --- /dev/null +++ b/templates/oam/workloads/1.10.3/telemetry.istio.meshery.layer5io.schema.json @@ -0,0 +1,149 @@ +{ + "description": "Telemetry defines how the telemetry is generated for workloads within a mesh.", + "properties": { + "selector": { + "description": "Optional.", + "properties": { + "matchLabels": { + "additionalProperties": { + "format": "string", + "type": "string" + }, + "type": "object" + } + }, + "type": "object" + }, + "tracing": { + "description": "Optional.", + "items": { + "properties": { + "customTags": { + "additionalProperties": { + "oneOf": [ + { + "not": { + "anyOf": [ + { + "required": [ + "literal" + ] + }, + { + "required": [ + "environment" + ] + }, + { + "required": [ + "header" + ] + } + ] + } + }, + { + "required": [ + "literal" + ] + }, + { + "required": [ + "environment" + ] + }, + { + "required": [ + "header" + ] + } + ], + "properties": { + "environment": { + "description": "Environment adds the value of an environment variable to each span.", + "properties": { + "defaultValue": { + "description": "Optional.", + "format": "string", + "type": "string" + }, + "name": { + "description": "Name of the environment variable from which to extract the tag value.", + "format": "string", + "type": "string" + } + }, + "type": "object" + }, + "header": { + "description": "RequestHeader adds the value of an header from the request to each span.", + "properties": { + "defaultValue": { + "description": "Optional.", + "format": "string", + "type": "string" + }, + "name": { + "description": "Name of the header from which to extract the tag value.", + "format": "string", + "type": "string" + } + }, + "type": "object" + }, + "literal": { + "description": "Literal adds the same, hard-coded value to each span.", + "properties": { + "value": { + "description": "The tag value to use.", + "format": "string", + "type": "string" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "description": "Optional.", + "type": "object" + }, + "disableSpanReporting": { + "description": "Controls span reporting.", + "type": [ + "boolean", + "null" + ] + }, + "providers": { + "description": "Optional.", + "items": { + "properties": { + "name": { + "description": "Required.", + "format": "string", + "type": "string" + } + }, + "type": "object" + }, + "type": "array" + }, + "randomSamplingPercentage": { + "type": [ + "number", + "null" + ] + } + }, + "type": "object" + }, + "type": "array" + } + }, + "type": "object", + "$schema": "http://json-schema.org/draft-04/schema#", + "version": "1.10.3", + "object-type": "Telemetry", + "service-mesh": "Istio" +} diff --git a/templates/oam/workloads/1.10.3/telemetry.istio_definition.json b/templates/oam/workloads/1.10.3/telemetry.istio_definition.json new file mode 100644 index 000000000..bef253ed1 --- /dev/null +++ b/templates/oam/workloads/1.10.3/telemetry.istio_definition.json @@ -0,0 +1,19 @@ +{ + "apiVersion": "core.oam.dev/v1alpha1", + "kind": "WorkloadDefinition", + "metadata": { + "name": "Telemetry.Istio" + }, + "spec": { + "definitionRef": { + "name": "telemetry.istio.meshery.layer5.io" + }, + "metadata": { + "@type": "pattern.meshery.io/mesh/workload", + "meshVersion": "1.10.3", + "meshName": "ISTIO", + "k8sAPIVersion": "telemetry.istio.io/v1alpha1", + "k8sKind": "Telemetry" + } + } +} diff --git a/templates/oam/workloads/1.10.3/virtualservice.istio.meshery.layer5io.schema.json b/templates/oam/workloads/1.10.3/virtualservice.istio.meshery.layer5io.schema.json new file mode 100644 index 000000000..d8373753f --- /dev/null +++ b/templates/oam/workloads/1.10.3/virtualservice.istio.meshery.layer5io.schema.json @@ -0,0 +1,1203 @@ +{ + "description": "Configuration affecting label/content routing, sni routing, etc. See more details at: https://istio.io/docs/reference/config/networking/virtual-service.html", + "properties": { + "exportTo": { + "description": "A list of namespaces to which this virtual service is exported.", + "items": { + "format": "string", + "type": "string" + }, + "type": "array" + }, + "gateways": { + "description": "The names of gateways and sidecars that should apply these routes.", + "items": { + "format": "string", + "type": "string" + }, + "type": "array" + }, + "hosts": { + "description": "The destination hosts to which traffic is being sent.", + "items": { + "format": "string", + "type": "string" + }, + "type": "array" + }, + "http": { + "description": "An ordered list of route rules for HTTP traffic.", + "items": { + "properties": { + "corsPolicy": { + "description": "Cross-Origin Resource Sharing policy (CORS).", + "properties": { + "allowCredentials": { + "type": [ + "boolean", + "null" + ] + }, + "allowHeaders": { + "items": { + "format": "string", + "type": "string" + }, + "type": "array" + }, + "allowMethods": { + "description": "List of HTTP methods allowed to access the resource.", + "items": { + "format": "string", + "type": "string" + }, + "type": "array" + }, + "allowOrigin": { + "description": "The list of origins that are allowed to perform CORS requests.", + "items": { + "format": "string", + "type": "string" + }, + "type": "array" + }, + "allowOrigins": { + "description": "String patterns that match allowed origins.", + "items": { + "oneOf": [ + { + "not": { + "anyOf": [ + { + "required": [ + "exact" + ] + }, + { + "required": [ + "prefix" + ] + }, + { + "required": [ + "regex" + ] + } + ] + } + }, + { + "required": [ + "exact" + ] + }, + { + "required": [ + "prefix" + ] + }, + { + "required": [ + "regex" + ] + } + ], + "properties": { + "exact": { + "format": "string", + "type": "string" + }, + "prefix": { + "format": "string", + "type": "string" + }, + "regex": { + "description": "RE2 style regex-based match (https://github.com/google/re2/wiki/Syntax).", + "format": "string", + "type": "string" + } + }, + "type": "object" + }, + "type": "array" + }, + "exposeHeaders": { + "items": { + "format": "string", + "type": "string" + }, + "type": "array" + }, + "maxAge": { + "type": "string" + } + }, + "type": "object" + }, + "delegate": { + "properties": { + "name": { + "description": "Name specifies the name of the delegate VirtualService.", + "format": "string", + "type": "string" + }, + "namespace": { + "description": "Namespace specifies the namespace where the delegate VirtualService resides.", + "format": "string", + "type": "string" + } + }, + "type": "object" + }, + "fault": { + "description": "Fault injection policy to apply on HTTP traffic at the client side.", + "properties": { + "abort": { + "oneOf": [ + { + "not": { + "anyOf": [ + { + "required": [ + "httpStatus" + ] + }, + { + "required": [ + "grpcStatus" + ] + }, + { + "required": [ + "http2Error" + ] + } + ] + } + }, + { + "required": [ + "httpStatus" + ] + }, + { + "required": [ + "grpcStatus" + ] + }, + { + "required": [ + "http2Error" + ] + } + ], + "properties": { + "grpcStatus": { + "format": "string", + "type": "string" + }, + "http2Error": { + "format": "string", + "type": "string" + }, + "httpStatus": { + "description": "HTTP status code to use to abort the Http request.", + "format": "int32", + "type": "integer", + "minimum": -2147483648, + "maximum": 2147483647 + }, + "percentage": { + "description": "Percentage of requests to be aborted with the error code provided.", + "properties": { + "value": { + "format": "double", + "type": "number", + "minimum": -1.7976931348623157e+308, + "maximum": 1.7976931348623157e+308 + } + }, + "type": "object" + } + }, + "type": "object" + }, + "delay": { + "oneOf": [ + { + "not": { + "anyOf": [ + { + "required": [ + "fixedDelay" + ] + }, + { + "required": [ + "exponentialDelay" + ] + } + ] + } + }, + { + "required": [ + "fixedDelay" + ] + }, + { + "required": [ + "exponentialDelay" + ] + } + ], + "properties": { + "exponentialDelay": { + "type": "string" + }, + "fixedDelay": { + "description": "Add a fixed delay before forwarding the request.", + "type": "string" + }, + "percent": { + "description": "Percentage of requests on which the delay will be injected (0-100).", + "format": "int32", + "type": "integer", + "minimum": -2147483648, + "maximum": 2147483647 + }, + "percentage": { + "description": "Percentage of requests on which the delay will be injected.", + "properties": { + "value": { + "format": "double", + "type": "number", + "minimum": -1.7976931348623157e+308, + "maximum": 1.7976931348623157e+308 + } + }, + "type": "object" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "headers": { + "properties": { + "request": { + "properties": { + "add": { + "additionalProperties": { + "format": "string", + "type": "string" + }, + "type": "object" + }, + "remove": { + "items": { + "format": "string", + "type": "string" + }, + "type": "array" + }, + "set": { + "additionalProperties": { + "format": "string", + "type": "string" + }, + "type": "object" + } + }, + "type": "object" + }, + "response": { + "properties": { + "add": { + "additionalProperties": { + "format": "string", + "type": "string" + }, + "type": "object" + }, + "remove": { + "items": { + "format": "string", + "type": "string" + }, + "type": "array" + }, + "set": { + "additionalProperties": { + "format": "string", + "type": "string" + }, + "type": "object" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "match": { + "items": { + "properties": { + "authority": { + "oneOf": [ + { + "not": { + "anyOf": [ + { + "required": [ + "exact" + ] + }, + { + "required": [ + "prefix" + ] + }, + { + "required": [ + "regex" + ] + } + ] + } + }, + { + "required": [ + "exact" + ] + }, + { + "required": [ + "prefix" + ] + }, + { + "required": [ + "regex" + ] + } + ], + "properties": { + "exact": { + "format": "string", + "type": "string" + }, + "prefix": { + "format": "string", + "type": "string" + }, + "regex": { + "description": "RE2 style regex-based match (https://github.com/google/re2/wiki/Syntax).", + "format": "string", + "type": "string" + } + }, + "type": "object" + }, + "gateways": { + "description": "Names of gateways where the rule should be applied.", + "items": { + "format": "string", + "type": "string" + }, + "type": "array" + }, + "headers": { + "additionalProperties": { + "oneOf": [ + { + "not": { + "anyOf": [ + { + "required": [ + "exact" + ] + }, + { + "required": [ + "prefix" + ] + }, + { + "required": [ + "regex" + ] + } + ] + } + }, + { + "required": [ + "exact" + ] + }, + { + "required": [ + "prefix" + ] + }, + { + "required": [ + "regex" + ] + } + ], + "properties": { + "exact": { + "format": "string", + "type": "string" + }, + "prefix": { + "format": "string", + "type": "string" + }, + "regex": { + "description": "RE2 style regex-based match (https://github.com/google/re2/wiki/Syntax).", + "format": "string", + "type": "string" + } + }, + "type": "object" + }, + "type": "object" + }, + "ignoreUriCase": { + "description": "Flag to specify whether the URI matching should be case-insensitive.", + "type": "boolean" + }, + "method": { + "oneOf": [ + { + "not": { + "anyOf": [ + { + "required": [ + "exact" + ] + }, + { + "required": [ + "prefix" + ] + }, + { + "required": [ + "regex" + ] + } + ] + } + }, + { + "required": [ + "exact" + ] + }, + { + "required": [ + "prefix" + ] + }, + { + "required": [ + "regex" + ] + } + ], + "properties": { + "exact": { + "format": "string", + "type": "string" + }, + "prefix": { + "format": "string", + "type": "string" + }, + "regex": { + "description": "RE2 style regex-based match (https://github.com/google/re2/wiki/Syntax).", + "format": "string", + "type": "string" + } + }, + "type": "object" + }, + "name": { + "description": "The name assigned to a match.", + "format": "string", + "type": "string" + }, + "port": { + "description": "Specifies the ports on the host that is being addressed.", + "type": "integer" + }, + "queryParams": { + "additionalProperties": { + "oneOf": [ + { + "not": { + "anyOf": [ + { + "required": [ + "exact" + ] + }, + { + "required": [ + "prefix" + ] + }, + { + "required": [ + "regex" + ] + } + ] + } + }, + { + "required": [ + "exact" + ] + }, + { + "required": [ + "prefix" + ] + }, + { + "required": [ + "regex" + ] + } + ], + "properties": { + "exact": { + "format": "string", + "type": "string" + }, + "prefix": { + "format": "string", + "type": "string" + }, + "regex": { + "description": "RE2 style regex-based match (https://github.com/google/re2/wiki/Syntax).", + "format": "string", + "type": "string" + } + }, + "type": "object" + }, + "description": "Query parameters for matching.", + "type": "object" + }, + "scheme": { + "oneOf": [ + { + "not": { + "anyOf": [ + { + "required": [ + "exact" + ] + }, + { + "required": [ + "prefix" + ] + }, + { + "required": [ + "regex" + ] + } + ] + } + }, + { + "required": [ + "exact" + ] + }, + { + "required": [ + "prefix" + ] + }, + { + "required": [ + "regex" + ] + } + ], + "properties": { + "exact": { + "format": "string", + "type": "string" + }, + "prefix": { + "format": "string", + "type": "string" + }, + "regex": { + "description": "RE2 style regex-based match (https://github.com/google/re2/wiki/Syntax).", + "format": "string", + "type": "string" + } + }, + "type": "object" + }, + "sourceLabels": { + "additionalProperties": { + "format": "string", + "type": "string" + }, + "type": "object" + }, + "sourceNamespace": { + "description": "Source namespace constraining the applicability of a rule to workloads in that namespace.", + "format": "string", + "type": "string" + }, + "uri": { + "oneOf": [ + { + "not": { + "anyOf": [ + { + "required": [ + "exact" + ] + }, + { + "required": [ + "prefix" + ] + }, + { + "required": [ + "regex" + ] + } + ] + } + }, + { + "required": [ + "exact" + ] + }, + { + "required": [ + "prefix" + ] + }, + { + "required": [ + "regex" + ] + } + ], + "properties": { + "exact": { + "format": "string", + "type": "string" + }, + "prefix": { + "format": "string", + "type": "string" + }, + "regex": { + "description": "RE2 style regex-based match (https://github.com/google/re2/wiki/Syntax).", + "format": "string", + "type": "string" + } + }, + "type": "object" + }, + "withoutHeaders": { + "additionalProperties": { + "oneOf": [ + { + "not": { + "anyOf": [ + { + "required": [ + "exact" + ] + }, + { + "required": [ + "prefix" + ] + }, + { + "required": [ + "regex" + ] + } + ] + } + }, + { + "required": [ + "exact" + ] + }, + { + "required": [ + "prefix" + ] + }, + { + "required": [ + "regex" + ] + } + ], + "properties": { + "exact": { + "format": "string", + "type": "string" + }, + "prefix": { + "format": "string", + "type": "string" + }, + "regex": { + "description": "RE2 style regex-based match (https://github.com/google/re2/wiki/Syntax).", + "format": "string", + "type": "string" + } + }, + "type": "object" + }, + "description": "withoutHeader has the same syntax with the header, but has opposite meaning.", + "type": "object" + } + }, + "type": "object" + }, + "type": "array" + }, + "mirror": { + "properties": { + "host": { + "description": "The name of a service from the service registry.", + "format": "string", + "type": "string" + }, + "port": { + "description": "Specifies the port on the host that is being addressed.", + "properties": { + "number": { + "type": "integer" + } + }, + "type": "object" + }, + "subset": { + "description": "The name of a subset within the service.", + "format": "string", + "type": "string" + } + }, + "type": "object" + }, + "mirror_percent": { + "description": "Percentage of the traffic to be mirrored by the `mirror` field.", + "type": [ + "integer", + "null" + ] + }, + "mirrorPercent": { + "description": "Percentage of the traffic to be mirrored by the `mirror` field.", + "type": [ + "integer", + "null" + ] + }, + "mirrorPercentage": { + "description": "Percentage of the traffic to be mirrored by the `mirror` field.", + "properties": { + "value": { + "format": "double", + "type": "number", + "minimum": -1.7976931348623157e+308, + "maximum": 1.7976931348623157e+308 + } + }, + "type": "object" + }, + "name": { + "description": "The name assigned to the route for debugging purposes.", + "format": "string", + "type": "string" + }, + "redirect": { + "description": "A HTTP rule can either redirect or forward (default) traffic.", + "properties": { + "authority": { + "format": "string", + "type": "string" + }, + "redirectCode": { + "type": "integer" + }, + "uri": { + "format": "string", + "type": "string" + } + }, + "type": "object" + }, + "retries": { + "description": "Retry policy for HTTP requests.", + "properties": { + "attempts": { + "description": "Number of retries to be allowed for a given request.", + "format": "int32", + "type": "integer", + "minimum": -2147483648, + "maximum": 2147483647 + }, + "perTryTimeout": { + "description": "Timeout per attempt for a given request, including the initial call and any retries.", + "type": "string" + }, + "retryOn": { + "description": "Specifies the conditions under which retry takes place.", + "format": "string", + "type": "string" + }, + "retryRemoteLocalities": { + "description": "Flag to specify whether the retries should retry to other localities.", + "type": [ + "boolean", + "null" + ] + } + }, + "type": "object" + }, + "rewrite": { + "description": "Rewrite HTTP URIs and Authority headers.", + "properties": { + "authority": { + "description": "rewrite the Authority/Host header with this value.", + "format": "string", + "type": "string" + }, + "uri": { + "format": "string", + "type": "string" + } + }, + "type": "object" + }, + "route": { + "description": "A HTTP rule can either redirect or forward (default) traffic.", + "items": { + "properties": { + "destination": { + "properties": { + "host": { + "description": "The name of a service from the service registry.", + "format": "string", + "type": "string" + }, + "port": { + "description": "Specifies the port on the host that is being addressed.", + "properties": { + "number": { + "type": "integer" + } + }, + "type": "object" + }, + "subset": { + "description": "The name of a subset within the service.", + "format": "string", + "type": "string" + } + }, + "type": "object" + }, + "headers": { + "properties": { + "request": { + "properties": { + "add": { + "additionalProperties": { + "format": "string", + "type": "string" + }, + "type": "object" + }, + "remove": { + "items": { + "format": "string", + "type": "string" + }, + "type": "array" + }, + "set": { + "additionalProperties": { + "format": "string", + "type": "string" + }, + "type": "object" + } + }, + "type": "object" + }, + "response": { + "properties": { + "add": { + "additionalProperties": { + "format": "string", + "type": "string" + }, + "type": "object" + }, + "remove": { + "items": { + "format": "string", + "type": "string" + }, + "type": "array" + }, + "set": { + "additionalProperties": { + "format": "string", + "type": "string" + }, + "type": "object" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "weight": { + "format": "int32", + "type": "integer", + "minimum": -2147483648, + "maximum": 2147483647 + } + }, + "type": "object" + }, + "type": "array" + }, + "timeout": { + "description": "Timeout for HTTP requests, default is disabled.", + "type": "string" + } + }, + "type": "object" + }, + "type": "array" + }, + "tcp": { + "description": "An ordered list of route rules for opaque TCP traffic.", + "items": { + "properties": { + "match": { + "items": { + "properties": { + "destinationSubnets": { + "description": "IPv4 or IPv6 ip addresses of destination with optional subnet.", + "items": { + "format": "string", + "type": "string" + }, + "type": "array" + }, + "gateways": { + "description": "Names of gateways where the rule should be applied.", + "items": { + "format": "string", + "type": "string" + }, + "type": "array" + }, + "port": { + "description": "Specifies the port on the host that is being addressed.", + "type": "integer" + }, + "sourceLabels": { + "additionalProperties": { + "format": "string", + "type": "string" + }, + "type": "object" + }, + "sourceNamespace": { + "description": "Source namespace constraining the applicability of a rule to workloads in that namespace.", + "format": "string", + "type": "string" + }, + "sourceSubnet": { + "description": "IPv4 or IPv6 ip address of source with optional subnet.", + "format": "string", + "type": "string" + } + }, + "type": "object" + }, + "type": "array" + }, + "route": { + "description": "The destination to which the connection should be forwarded to.", + "items": { + "properties": { + "destination": { + "properties": { + "host": { + "description": "The name of a service from the service registry.", + "format": "string", + "type": "string" + }, + "port": { + "description": "Specifies the port on the host that is being addressed.", + "properties": { + "number": { + "type": "integer" + } + }, + "type": "object" + }, + "subset": { + "description": "The name of a subset within the service.", + "format": "string", + "type": "string" + } + }, + "type": "object" + }, + "weight": { + "format": "int32", + "type": "integer", + "minimum": -2147483648, + "maximum": 2147483647 + } + }, + "type": "object" + }, + "type": "array" + } + }, + "type": "object" + }, + "type": "array" + }, + "tls": { + "items": { + "properties": { + "match": { + "items": { + "properties": { + "destinationSubnets": { + "description": "IPv4 or IPv6 ip addresses of destination with optional subnet.", + "items": { + "format": "string", + "type": "string" + }, + "type": "array" + }, + "gateways": { + "description": "Names of gateways where the rule should be applied.", + "items": { + "format": "string", + "type": "string" + }, + "type": "array" + }, + "port": { + "description": "Specifies the port on the host that is being addressed.", + "type": "integer" + }, + "sniHosts": { + "description": "SNI (server name indicator) to match on.", + "items": { + "format": "string", + "type": "string" + }, + "type": "array" + }, + "sourceLabels": { + "additionalProperties": { + "format": "string", + "type": "string" + }, + "type": "object" + }, + "sourceNamespace": { + "description": "Source namespace constraining the applicability of a rule to workloads in that namespace.", + "format": "string", + "type": "string" + } + }, + "type": "object" + }, + "type": "array" + }, + "route": { + "description": "The destination to which the connection should be forwarded to.", + "items": { + "properties": { + "destination": { + "properties": { + "host": { + "description": "The name of a service from the service registry.", + "format": "string", + "type": "string" + }, + "port": { + "description": "Specifies the port on the host that is being addressed.", + "properties": { + "number": { + "type": "integer" + } + }, + "type": "object" + }, + "subset": { + "description": "The name of a subset within the service.", + "format": "string", + "type": "string" + } + }, + "type": "object" + }, + "weight": { + "format": "int32", + "type": "integer", + "minimum": -2147483648, + "maximum": 2147483647 + } + }, + "type": "object" + }, + "type": "array" + } + }, + "type": "object" + }, + "type": "array" + } + }, + "type": "object", + "$schema": "http://json-schema.org/draft-04/schema#", + "version": "1.10.3", + "object-type": "VirtualService", + "service-mesh": "Istio" +} diff --git a/templates/oam/workloads/1.10.3/virtualservice.istio_definition.json b/templates/oam/workloads/1.10.3/virtualservice.istio_definition.json new file mode 100644 index 000000000..6488e25be --- /dev/null +++ b/templates/oam/workloads/1.10.3/virtualservice.istio_definition.json @@ -0,0 +1,19 @@ +{ + "apiVersion": "core.oam.dev/v1alpha1", + "kind": "WorkloadDefinition", + "metadata": { + "name": "VirtualService.Istio" + }, + "spec": { + "definitionRef": { + "name": "virtualservice.istio.meshery.layer5.io" + }, + "metadata": { + "@type": "pattern.meshery.io/mesh/workload", + "meshVersion": "1.10.3", + "meshName": "ISTIO", + "k8sAPIVersion": "networking.istio.io/v1alpha3", + "k8sKind": "VirtualService" + } + } +} diff --git a/templates/oam/workloads/1.10.3/workloadentry.istio.meshery.layer5io.schema.json b/templates/oam/workloads/1.10.3/workloadentry.istio.meshery.layer5io.schema.json new file mode 100644 index 000000000..d84340d20 --- /dev/null +++ b/templates/oam/workloads/1.10.3/workloadentry.istio.meshery.layer5io.schema.json @@ -0,0 +1,46 @@ +{ + "description": "Configuration affecting VMs onboarded into the mesh. See more details at: https://istio.io/docs/reference/config/networking/workload-entry.html", + "properties": { + "address": { + "format": "string", + "type": "string" + }, + "labels": { + "additionalProperties": { + "format": "string", + "type": "string" + }, + "description": "One or more labels associated with the endpoint.", + "type": "object" + }, + "locality": { + "description": "The locality associated with the endpoint.", + "format": "string", + "type": "string" + }, + "network": { + "format": "string", + "type": "string" + }, + "ports": { + "additionalProperties": { + "type": "integer" + }, + "description": "Set of ports associated with the endpoint.", + "type": "object" + }, + "serviceAccount": { + "format": "string", + "type": "string" + }, + "weight": { + "description": "The load balancing weight associated with the endpoint.", + "type": "integer" + } + }, + "type": "object", + "$schema": "http://json-schema.org/draft-04/schema#", + "version": "1.10.3", + "object-type": "WorkloadEntry", + "service-mesh": "Istio" +} diff --git a/templates/oam/workloads/1.10.3/workloadentry.istio_definition.json b/templates/oam/workloads/1.10.3/workloadentry.istio_definition.json new file mode 100644 index 000000000..f19dc4636 --- /dev/null +++ b/templates/oam/workloads/1.10.3/workloadentry.istio_definition.json @@ -0,0 +1,19 @@ +{ + "apiVersion": "core.oam.dev/v1alpha1", + "kind": "WorkloadDefinition", + "metadata": { + "name": "WorkloadEntry.Istio" + }, + "spec": { + "definitionRef": { + "name": "workloadentry.istio.meshery.layer5.io" + }, + "metadata": { + "@type": "pattern.meshery.io/mesh/workload", + "meshVersion": "1.10.3", + "meshName": "ISTIO", + "k8sAPIVersion": "networking.istio.io/v1alpha3", + "k8sKind": "WorkloadEntry" + } + } +} diff --git a/templates/oam/workloads/1.10.3/workloadgroup.istio.meshery.layer5io.schema.json b/templates/oam/workloads/1.10.3/workloadgroup.istio.meshery.layer5io.schema.json new file mode 100644 index 000000000..75702f6b6 --- /dev/null +++ b/templates/oam/workloads/1.10.3/workloadgroup.istio.meshery.layer5io.schema.json @@ -0,0 +1,218 @@ +{ + "description": "Describes a collection of workload instances. See more details at: https://istio.io/docs/reference/config/networking/workload-group.html", + "properties": { + "metadata": { + "description": "Metadata that will be used for all corresponding `WorkloadEntries`.", + "properties": { + "annotations": { + "additionalProperties": { + "format": "string", + "type": "string" + }, + "type": "object" + }, + "labels": { + "additionalProperties": { + "format": "string", + "type": "string" + }, + "type": "object" + } + }, + "type": "object" + }, + "probe": { + "description": "`ReadinessProbe` describes the configuration the user must provide for healthchecking on their workload.", + "oneOf": [ + { + "not": { + "anyOf": [ + { + "required": [ + "httpGet" + ] + }, + { + "required": [ + "tcpSocket" + ] + }, + { + "required": [ + "exec" + ] + } + ] + } + }, + { + "required": [ + "httpGet" + ] + }, + { + "required": [ + "tcpSocket" + ] + }, + { + "required": [ + "exec" + ] + } + ], + "properties": { + "exec": { + "description": "Health is determined by how the command that is executed exited.", + "properties": { + "command": { + "description": "Command to run.", + "items": { + "format": "string", + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "failureThreshold": { + "description": "Minimum consecutive failures for the probe to be considered failed after having succeeded.", + "format": "int32", + "type": "integer", + "minimum": -2147483648, + "maximum": 2147483647 + }, + "httpGet": { + "properties": { + "host": { + "description": "Host name to connect to, defaults to the pod IP.", + "format": "string", + "type": "string" + }, + "httpHeaders": { + "description": "Headers the proxy will pass on to make the request.", + "items": { + "properties": { + "name": { + "format": "string", + "type": "string" + }, + "value": { + "format": "string", + "type": "string" + } + }, + "type": "object" + }, + "type": "array" + }, + "path": { + "description": "Path to access on the HTTP server.", + "format": "string", + "type": "string" + }, + "port": { + "description": "Port on which the endpoint lives.", + "type": "integer" + }, + "scheme": { + "format": "string", + "type": "string" + } + }, + "type": "object" + }, + "initialDelaySeconds": { + "description": "Number of seconds after the container has started before readiness probes are initiated.", + "format": "int32", + "type": "integer", + "minimum": -2147483648, + "maximum": 2147483647 + }, + "periodSeconds": { + "description": "How often (in seconds) to perform the probe.", + "format": "int32", + "type": "integer", + "minimum": -2147483648, + "maximum": 2147483647 + }, + "successThreshold": { + "description": "Minimum consecutive successes for the probe to be considered successful after having failed.", + "format": "int32", + "type": "integer", + "minimum": -2147483648, + "maximum": 2147483647 + }, + "tcpSocket": { + "description": "Health is determined by if the proxy is able to connect.", + "properties": { + "host": { + "format": "string", + "type": "string" + }, + "port": { + "type": "integer" + } + }, + "type": "object" + }, + "timeoutSeconds": { + "description": "Number of seconds after which the probe times out.", + "format": "int32", + "type": "integer", + "minimum": -2147483648, + "maximum": 2147483647 + } + }, + "type": "object" + }, + "template": { + "description": "Template to be used for the generation of `WorkloadEntry` resources that belong to this `WorkloadGroup`.", + "properties": { + "address": { + "format": "string", + "type": "string" + }, + "labels": { + "additionalProperties": { + "format": "string", + "type": "string" + }, + "description": "One or more labels associated with the endpoint.", + "type": "object" + }, + "locality": { + "description": "The locality associated with the endpoint.", + "format": "string", + "type": "string" + }, + "network": { + "format": "string", + "type": "string" + }, + "ports": { + "additionalProperties": { + "type": "integer" + }, + "description": "Set of ports associated with the endpoint.", + "type": "object" + }, + "serviceAccount": { + "format": "string", + "type": "string" + }, + "weight": { + "description": "The load balancing weight associated with the endpoint.", + "type": "integer" + } + }, + "type": "object" + } + }, + "type": "object", + "$schema": "http://json-schema.org/draft-04/schema#", + "version": "1.10.3", + "object-type": "WorkloadGroup", + "service-mesh": "Istio" +} diff --git a/templates/oam/workloads/1.10.3/workloadgroup.istio_definition.json b/templates/oam/workloads/1.10.3/workloadgroup.istio_definition.json new file mode 100644 index 000000000..9d667aa99 --- /dev/null +++ b/templates/oam/workloads/1.10.3/workloadgroup.istio_definition.json @@ -0,0 +1,19 @@ +{ + "apiVersion": "core.oam.dev/v1alpha1", + "kind": "WorkloadDefinition", + "metadata": { + "name": "WorkloadGroup.Istio" + }, + "spec": { + "definitionRef": { + "name": "workloadgroup.istio.meshery.layer5.io" + }, + "metadata": { + "@type": "pattern.meshery.io/mesh/workload", + "meshVersion": "1.10.3", + "meshName": "ISTIO", + "k8sAPIVersion": "networking.istio.io/v1alpha3", + "k8sKind": "WorkloadGroup" + } + } +}