diff --git a/operators/ack-apigatewayv2-controller/1.1.1/bundle.Dockerfile b/operators/ack-apigatewayv2-controller/1.1.1/bundle.Dockerfile new file mode 100644 index 000000000000..ce64d1618976 --- /dev/null +++ b/operators/ack-apigatewayv2-controller/1.1.1/bundle.Dockerfile @@ -0,0 +1,21 @@ +FROM scratch + +# Core bundle labels. +LABEL operators.operatorframework.io.bundle.mediatype.v1=registry+v1 +LABEL operators.operatorframework.io.bundle.manifests.v1=manifests/ +LABEL operators.operatorframework.io.bundle.metadata.v1=metadata/ +LABEL operators.operatorframework.io.bundle.package.v1=ack-apigatewayv2-controller +LABEL operators.operatorframework.io.bundle.channels.v1=alpha +LABEL operators.operatorframework.io.bundle.channel.default.v1=alpha +LABEL operators.operatorframework.io.metrics.builder=operator-sdk-v1.28.0 +LABEL operators.operatorframework.io.metrics.mediatype.v1=metrics+v1 +LABEL operators.operatorframework.io.metrics.project_layout=unknown + +# Labels for testing. +LABEL operators.operatorframework.io.test.mediatype.v1=scorecard+v1 +LABEL operators.operatorframework.io.test.config.v1=tests/scorecard/ + +# Copy files to locations specified by labels. +COPY bundle/manifests /manifests/ +COPY bundle/metadata /metadata/ +COPY bundle/tests/scorecard /tests/scorecard/ diff --git a/operators/ack-apigatewayv2-controller/1.1.1/manifests/ack-apigatewayv2-controller.clusterserviceversion.yaml b/operators/ack-apigatewayv2-controller/1.1.1/manifests/ack-apigatewayv2-controller.clusterserviceversion.yaml new file mode 100644 index 000000000000..3ffa03584332 --- /dev/null +++ b/operators/ack-apigatewayv2-controller/1.1.1/manifests/ack-apigatewayv2-controller.clusterserviceversion.yaml @@ -0,0 +1,375 @@ +apiVersion: operators.coreos.com/v1alpha1 +kind: ClusterServiceVersion +metadata: + annotations: + alm-examples: |- + [ + { + "apiVersion": "apigatewayv2.services.k8s.aws/v1alpha1", + "kind": "Deployment", + "metadata": { + "name": "example" + }, + "spec": {} + }, + { + "apiVersion": "apigatewayv2.services.k8s.aws/v1alpha1", + "kind": "API", + "metadata": { + "name": "example" + }, + "spec": {} + }, + { + "apiVersion": "apigatewayv2.services.k8s.aws/v1alpha1", + "kind": "Authorizer", + "metadata": { + "name": "example" + }, + "spec": {} + }, + { + "apiVersion": "apigatewayv2.services.k8s.aws/v1alpha1", + "kind": "Integration", + "metadata": { + "name": "example" + }, + "spec": {} + }, + { + "apiVersion": "apigatewayv2.services.k8s.aws/v1alpha1", + "kind": "Route", + "metadata": { + "name": "example" + }, + "spec": {} + }, + { + "apiVersion": "apigatewayv2.services.k8s.aws/v1alpha1", + "kind": "Stage", + "metadata": { + "name": "example" + }, + "spec": {} + }, + { + "apiVersion": "apigatewayv2.services.k8s.aws/v1alpha1", + "kind": "VPCLink", + "metadata": { + "name": "example" + }, + "spec": {} + } + ] + capabilities: Basic Install + categories: Cloud Provider + certified: "false" + containerImage: public.ecr.aws/aws-controllers-k8s/apigatewayv2-controller:1.1.1 + createdAt: "2025-09-19T21:58:07Z" + description: AWS API Gateway v2 controller is a service controller for managing + API Gateway v2 resources in Kubernetes + operatorframework.io/suggested-namespace: ack-system + operators.operatorframework.io/builder: operator-sdk-v1.28.0 + operators.operatorframework.io/project_layout: unknown + repository: https://github.com/aws-controllers-k8s + support: Community + labels: + operatorframework.io/arch.amd64: supported + operatorframework.io/arch.arm64: supported + operatorframework.io/os.linux: supported + name: ack-apigatewayv2-controller.v1.1.1 + namespace: placeholder +spec: + apiservicedefinitions: {} + customresourcedefinitions: + owned: + - description: APIMapping represents the state of an AWS apigatewayv2 APIMapping + resource. + displayName: APIMapping + kind: APIMapping + name: apimappings.apigatewayv2.services.k8s.aws + version: v1alpha1 + - description: API represents the state of an AWS apigatewayv2 API resource. + displayName: API + kind: API + name: apis.apigatewayv2.services.k8s.aws + version: v1alpha1 + - description: Authorizer represents the state of an AWS apigatewayv2 Authorizer + resource. + displayName: Authorizer + kind: Authorizer + name: authorizers.apigatewayv2.services.k8s.aws + version: v1alpha1 + - description: Deployment represents the state of an AWS apigatewayv2 Deployment + resource. + displayName: Deployment + kind: Deployment + name: deployments.apigatewayv2.services.k8s.aws + version: v1alpha1 + - description: DomainName represents the state of an AWS apigatewayv2 DomainName + resource. + displayName: DomainName + kind: DomainName + name: domainnames.apigatewayv2.services.k8s.aws + version: v1alpha1 + - description: Integration represents the state of an AWS apigatewayv2 Integration + resource. + displayName: Integration + kind: Integration + name: integrations.apigatewayv2.services.k8s.aws + version: v1alpha1 + - description: Route represents the state of an AWS apigatewayv2 Route resource. + displayName: Route + kind: Route + name: routes.apigatewayv2.services.k8s.aws + version: v1alpha1 + - description: Stage represents the state of an AWS apigatewayv2 Stage resource. + displayName: Stage + kind: Stage + name: stages.apigatewayv2.services.k8s.aws + version: v1alpha1 + - description: VPCLink represents the state of an AWS apigatewayv2 VPCLink resource. + displayName: VPCLink + kind: VPCLink + name: vpclinks.apigatewayv2.services.k8s.aws + version: v1alpha1 + description: |- + Manage Amazon API Gateway v2 resources in AWS from within your Kubernetes cluster. Currently only HTTP APIs are supported. WebSocket API support will be added soon. For HTTP APIs, DomainName and APIMapping resource support will be added soon. + + **About Amazon API Gateway v2** + + Amazon API Gateway is a fully managed service that makes it easy for developers to create, publish, maintain, monitor, and secure APIs at any scale. APIs act as the "front door" for applications to access data, business logic, or functionality from your backend services. Using API Gateway, you can create RESTful APIs and WebSocket APIs that enable real-time two-way communication applications. API Gateway supports containerized and serverless workloads, as well as web applications. + + API Gateway handles all the tasks involved in accepting and processing up to hundreds of thousands of concurrent API calls, including traffic management, CORS support, authorization and access control, throttling, monitoring, and API version management. API Gateway has no minimum fees or startup costs. You pay for the API calls you receive and the amount of data transferred out and, with the API Gateway tiered pricing model, you can reduce your cost as your API usage scales. + + **About the AWS Controllers for Kubernetes** + + This controller is a component of the [AWS Controller for Kubernetes](https://github.com/aws/aws-controllers-k8s) project. + + **Pre-Installation Steps** + + Please follow the following link: [Red Hat OpenShift](https://aws-controllers-k8s.github.io/community/docs/user-docs/openshift/) + displayName: AWS Controllers for Kubernetes - Amazon API Gateway v2 + icon: + - base64data: PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz4KPCEtLSBHZW5lcmF0b3I6IEFkb2JlIElsbHVzdHJhdG9yIDE5LjAuMSwgU1ZHIEV4cG9ydCBQbHVnLUluIC4gU1ZHIFZlcnNpb246IDYuMDAgQnVpbGQgMCkgIC0tPgo8c3ZnIHZlcnNpb249IjEuMSIgaWQ9IkxheWVyXzEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgeG1sbnM6eGxpbms9Imh0dHA6Ly93d3cudzMub3JnLzE5OTkveGxpbmsiIHg9IjBweCIgeT0iMHB4IiB2aWV3Qm94PSIwIDAgMzA0IDE4MiIgc3R5bGU9ImVuYWJsZS1iYWNrZ3JvdW5kOm5ldyAwIDAgMzA0IDE4MjsiIHhtbDpzcGFjZT0icHJlc2VydmUiPgo8c3R5bGUgdHlwZT0idGV4dC9jc3MiPgoJLnN0MHtmaWxsOiMyNTJGM0U7fQoJLnN0MXtmaWxsLXJ1bGU6ZXZlbm9kZDtjbGlwLXJ1bGU6ZXZlbm9kZDtmaWxsOiNGRjk5MDA7fQo8L3N0eWxlPgo8Zz4KCTxwYXRoIGNsYXNzPSJzdDAiIGQ9Ik04Ni40LDY2LjRjMCwzLjcsMC40LDYuNywxLjEsOC45YzAuOCwyLjIsMS44LDQuNiwzLjIsNy4yYzAuNSwwLjgsMC43LDEuNiwwLjcsMi4zYzAsMS0wLjYsMi0xLjksM2wtNi4zLDQuMiAgIGMtMC45LDAuNi0xLjgsMC45LTIuNiwwLjljLTEsMC0yLTAuNS0zLTEuNEM3Ni4yLDkwLDc1LDg4LjQsNzQsODYuOGMtMS0xLjctMi0zLjYtMy4xLTUuOWMtNy44LDkuMi0xNy42LDEzLjgtMjkuNCwxMy44ICAgYy04LjQsMC0xNS4xLTIuNC0yMC03LjJjLTQuOS00LjgtNy40LTExLjItNy40LTE5LjJjMC04LjUsMy0xNS40LDkuMS0yMC42YzYuMS01LjIsMTQuMi03LjgsMjQuNS03LjhjMy40LDAsNi45LDAuMywxMC42LDAuOCAgIGMzLjcsMC41LDcuNSwxLjMsMTEuNSwyLjJ2LTcuM2MwLTcuNi0xLjYtMTIuOS00LjctMTZjLTMuMi0zLjEtOC42LTQuNi0xNi4zLTQuNmMtMy41LDAtNy4xLDAuNC0xMC44LDEuM2MtMy43LDAuOS03LjMsMi0xMC44LDMuNCAgIGMtMS42LDAuNy0yLjgsMS4xLTMuNSwxLjNjLTAuNywwLjItMS4yLDAuMy0xLjYsMC4zYy0xLjQsMC0yLjEtMS0yLjEtMy4xdi00LjljMC0xLjYsMC4yLTIuOCwwLjctMy41YzAuNS0wLjcsMS40LTEuNCwyLjgtMi4xICAgYzMuNS0xLjgsNy43LTMuMywxMi42LTQuNWM0LjktMS4zLDEwLjEtMS45LDE1LjYtMS45YzExLjksMCwyMC42LDIuNywyNi4yLDguMWM1LjUsNS40LDguMywxMy42LDguMywyNC42VjY2LjR6IE00NS44LDgxLjYgICBjMy4zLDAsNi43LTAuNiwxMC4zLTEuOGMzLjYtMS4yLDYuOC0zLjQsOS41LTYuNGMxLjYtMS45LDIuOC00LDMuNC02LjRjMC42LTIuNCwxLTUuMywxLTguN3YtNC4yYy0yLjktMC43LTYtMS4zLTkuMi0xLjcgICBjLTMuMi0wLjQtNi4zLTAuNi05LjQtMC42Yy02LjcsMC0xMS42LDEuMy0xNC45LDRjLTMuMywyLjctNC45LDYuNS00LjksMTEuNWMwLDQuNywxLjIsOC4yLDMuNywxMC42ICAgQzM3LjcsODAuNCw0MS4yLDgxLjYsNDUuOCw4MS42eiBNMTI2LjEsOTIuNGMtMS44LDAtMy0wLjMtMy44LTFjLTAuOC0wLjYtMS41LTItMi4xLTMuOUw5Ni43LDEwLjJjLTAuNi0yLTAuOS0zLjMtMC45LTQgICBjMC0xLjYsMC44LTIuNSwyLjQtMi41aDkuOGMxLjksMCwzLjIsMC4zLDMuOSwxYzAuOCwwLjYsMS40LDIsMiwzLjlsMTYuOCw2Ni4ybDE1LjYtNjYuMmMwLjUtMiwxLjEtMy4zLDEuOS0zLjljMC44LTAuNiwyLjItMSw0LTEgICBoOGMxLjksMCwzLjIsMC4zLDQsMWMwLjgsMC42LDEuNSwyLDEuOSwzLjlsMTUuOCw2N2wxNy4zLTY3YzAuNi0yLDEuMy0zLjMsMi0zLjljMC44LTAuNiwyLjEtMSwzLjktMWg5LjNjMS42LDAsMi41LDAuOCwyLjUsMi41ICAgYzAsMC41LTAuMSwxLTAuMiwxLjZjLTAuMSwwLjYtMC4zLDEuNC0wLjcsMi41bC0yNC4xLDc3LjNjLTAuNiwyLTEuMywzLjMtMi4xLDMuOWMtMC44LDAuNi0yLjEsMS0zLjgsMWgtOC42Yy0xLjksMC0zLjItMC4zLTQtMSAgIGMtMC44LTAuNy0xLjUtMi0xLjktNEwxNTYsMjNsLTE1LjQsNjQuNGMtMC41LDItMS4xLDMuMy0xLjksNGMtMC44LDAuNy0yLjIsMS00LDFIMTI2LjF6IE0yNTQuNiw5NS4xYy01LjIsMC0xMC40LTAuNi0xNS40LTEuOCAgIGMtNS0xLjItOC45LTIuNS0xMS41LTRjLTEuNi0wLjktMi43LTEuOS0zLjEtMi44Yy0wLjQtMC45LTAuNi0xLjktMC42LTIuOHYtNS4xYzAtMi4xLDAuOC0zLjEsMi4zLTMuMWMwLjYsMCwxLjIsMC4xLDEuOCwwLjMgICBjMC42LDAuMiwxLjUsMC42LDIuNSwxYzMuNCwxLjUsNy4xLDIuNywxMSwzLjVjNCwwLjgsNy45LDEuMiwxMS45LDEuMmM2LjMsMCwxMS4yLTEuMSwxNC42LTMuM2MzLjQtMi4yLDUuMi01LjQsNS4yLTkuNSAgIGMwLTIuOC0wLjktNS4xLTIuNy03Yy0xLjgtMS45LTUuMi0zLjYtMTAuMS01LjJMMjQ2LDUyYy03LjMtMi4zLTEyLjctNS43LTE2LTEwLjJjLTMuMy00LjQtNS05LjMtNS0xNC41YzAtNC4yLDAuOS03LjksMi43LTExLjEgICBjMS44LTMuMiw0LjItNiw3LjItOC4yYzMtMi4zLDYuNC00LDEwLjQtNS4yYzQtMS4yLDguMi0xLjcsMTIuNi0xLjdjMi4yLDAsNC41LDAuMSw2LjcsMC40YzIuMywwLjMsNC40LDAuNyw2LjUsMS4xICAgYzIsMC41LDMuOSwxLDUuNywxLjZjMS44LDAuNiwzLjIsMS4yLDQuMiwxLjhjMS40LDAuOCwyLjQsMS42LDMsMi41YzAuNiwwLjgsMC45LDEuOSwwLjksMy4zdjQuN2MwLDIuMS0wLjgsMy4yLTIuMywzLjIgICBjLTAuOCwwLTIuMS0wLjQtMy44LTEuMmMtNS43LTIuNi0xMi4xLTMuOS0xOS4yLTMuOWMtNS43LDAtMTAuMiwwLjktMTMuMywyLjhjLTMuMSwxLjktNC43LDQuOC00LjcsOC45YzAsMi44LDEsNS4yLDMsNy4xICAgYzIsMS45LDUuNywzLjgsMTEsNS41bDE0LjIsNC41YzcuMiwyLjMsMTIuNCw1LjUsMTUuNSw5LjZjMy4xLDQuMSw0LjYsOC44LDQuNiwxNGMwLDQuMy0wLjksOC4yLTIuNiwxMS42ICAgYy0xLjgsMy40LTQuMiw2LjQtNy4zLDguOGMtMy4xLDIuNS02LjgsNC4zLTExLjEsNS42QzI2NC40LDk0LjQsMjU5LjcsOTUuMSwyNTQuNiw5NS4xeiIvPgoJPGc+CgkJPHBhdGggY2xhc3M9InN0MSIgZD0iTTI3My41LDE0My43Yy0zMi45LDI0LjMtODAuNywzNy4yLTEyMS44LDM3LjJjLTU3LjYsMC0xMDkuNS0yMS4zLTE0OC43LTU2LjdjLTMuMS0yLjgtMC4zLTYuNiwzLjQtNC40ICAgIGM0Mi40LDI0LjYsOTQuNywzOS41LDE0OC44LDM5LjVjMzYuNSwwLDc2LjYtNy42LDExMy41LTIzLjJDMjc0LjIsMTMzLjYsMjc4LjksMTM5LjcsMjczLjUsMTQzLjd6Ii8+CgkJPHBhdGggY2xhc3M9InN0MSIgZD0iTTI4Ny4yLDEyOC4xYy00LjItNS40LTI3LjgtMi42LTM4LjUtMS4zYy0zLjIsMC40LTMuNy0yLjQtMC44LTQuNWMxOC44LTEzLjIsNDkuNy05LjQsNTMuMy01ICAgIGMzLjYsNC41LTEsMzUuNC0xOC42LDUwLjJjLTIuNywyLjMtNS4zLDEuMS00LjEtMS45QzI4Mi41LDE1NS43LDI5MS40LDEzMy40LDI4Ny4yLDEyOC4xeiIvPgoJPC9nPgo8L2c+Cjwvc3ZnPg== + mediatype: image/svg+xml + install: + spec: + clusterPermissions: + - rules: + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - patch + - watch + - apiGroups: + - "" + resources: + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - apigatewayv2.services.k8s.aws + resources: + - apimappings + - apis + - authorizers + - deployments + - domainnames + - integrations + - routes + - stages + - vpclinks + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - apigatewayv2.services.k8s.aws + resources: + - apimappings/status + - apis/status + - authorizers/status + - deployments/status + - domainnames/status + - integrations/status + - routes/status + - stages/status + - vpclinks/status + verbs: + - get + - patch + - update + - apiGroups: + - services.k8s.aws + resources: + - adoptedresources + - fieldexports + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - services.k8s.aws + resources: + - adoptedresources/status + - fieldexports/status + verbs: + - get + - patch + - update + serviceAccountName: ack-apigatewayv2-controller + deployments: + - label: + app.kubernetes.io/name: ack-apigatewayv2-controller + app.kubernetes.io/part-of: ack-system + name: ack-apigatewayv2-controller + spec: + replicas: 1 + selector: + matchLabels: + app.kubernetes.io/name: ack-apigatewayv2-controller + strategy: {} + template: + metadata: + labels: + app.kubernetes.io/name: ack-apigatewayv2-controller + spec: + containers: + - args: + - --aws-region + - $(AWS_REGION) + - --aws-endpoint-url + - $(AWS_ENDPOINT_URL) + - --enable-development-logging=$(ACK_ENABLE_DEVELOPMENT_LOGGING) + - --log-level + - $(ACK_LOG_LEVEL) + - --resource-tags + - $(ACK_RESOURCE_TAGS) + - --watch-namespace + - $(ACK_WATCH_NAMESPACE) + - --enable-leader-election=$(ENABLE_LEADER_ELECTION) + - --leader-election-namespace + - $(LEADER_ELECTION_NAMESPACE) + - --reconcile-default-max-concurrent-syncs + - $(RECONCILE_DEFAULT_MAX_CONCURRENT_SYNCS) + - --feature-gates + - $(FEATURE_GATES) + command: + - ./bin/controller + env: + - name: ACK_SYSTEM_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + envFrom: + - configMapRef: + name: ack-apigatewayv2-user-config + optional: false + - secretRef: + name: ack-apigatewayv2-user-secrets + optional: true + image: public.ecr.aws/aws-controllers-k8s/apigatewayv2-controller:1.1.1 + livenessProbe: + httpGet: + path: /healthz + port: 8081 + initialDelaySeconds: 15 + periodSeconds: 20 + name: controller + ports: + - containerPort: 8080 + name: http + readinessProbe: + httpGet: + path: /readyz + port: 8081 + initialDelaySeconds: 5 + periodSeconds: 10 + resources: + limits: + cpu: 100m + memory: 300Mi + requests: + cpu: 100m + memory: 200Mi + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + privileged: false + runAsNonRoot: true + dnsPolicy: ClusterFirst + securityContext: + seccompProfile: + type: RuntimeDefault + serviceAccountName: ack-apigatewayv2-controller + terminationGracePeriodSeconds: 10 + permissions: + - rules: + - apiGroups: + - coordination.k8s.io + resources: + - leases + verbs: + - get + - list + - watch + - create + - update + - patch + - delete + - apiGroups: + - "" + resources: + - events + verbs: + - create + - patch + serviceAccountName: ack-apigatewayv2-controller + strategy: deployment + installModes: + - supported: true + type: OwnNamespace + - supported: true + type: SingleNamespace + - supported: true + type: MultiNamespace + - supported: true + type: AllNamespaces + keywords: + - apigatewayv2 + - aws + - amazon + - ack + links: + - name: AWS Controllers for Kubernetes + url: https://github.com/aws-controllers-k8s/community + - name: Documentation + url: https://aws-controllers-k8s.github.io/community/ + - name: Amazon API Gateway v2 Developer Resources + url: https://aws.amazon.com/api-gateway/resources/ + maintainers: + - email: ack-maintainers@amazon.com + name: api gateway maintainer team + maturity: alpha + provider: + name: Amazon, Inc. + url: https://aws.amazon.com + version: 1.1.1 diff --git a/operators/ack-apigatewayv2-controller/1.1.1/manifests/ack-apigatewayv2-metrics-service_v1_service.yaml b/operators/ack-apigatewayv2-controller/1.1.1/manifests/ack-apigatewayv2-metrics-service_v1_service.yaml new file mode 100644 index 000000000000..6e1f5425334c --- /dev/null +++ b/operators/ack-apigatewayv2-controller/1.1.1/manifests/ack-apigatewayv2-metrics-service_v1_service.yaml @@ -0,0 +1,16 @@ +apiVersion: v1 +kind: Service +metadata: + creationTimestamp: null + name: ack-apigatewayv2-metrics-service +spec: + ports: + - name: metricsport + port: 8080 + protocol: TCP + targetPort: http + selector: + app.kubernetes.io/name: ack-apigatewayv2-controller + type: ClusterIP +status: + loadBalancer: {} diff --git a/operators/ack-apigatewayv2-controller/1.1.1/manifests/ack-apigatewayv2-reader_rbac.authorization.k8s.io_v1_role.yaml b/operators/ack-apigatewayv2-controller/1.1.1/manifests/ack-apigatewayv2-reader_rbac.authorization.k8s.io_v1_role.yaml new file mode 100644 index 000000000000..87a7b5ef2156 --- /dev/null +++ b/operators/ack-apigatewayv2-controller/1.1.1/manifests/ack-apigatewayv2-reader_rbac.authorization.k8s.io_v1_role.yaml @@ -0,0 +1,22 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + creationTimestamp: null + name: ack-apigatewayv2-reader +rules: +- apiGroups: + - apigatewayv2.services.k8s.aws + resources: + - apis + - apimappings + - authorizers + - deployments + - domainnames + - integrations + - routes + - stages + - vpclinks + verbs: + - get + - list + - watch diff --git a/operators/ack-apigatewayv2-controller/1.1.1/manifests/ack-apigatewayv2-writer_rbac.authorization.k8s.io_v1_role.yaml b/operators/ack-apigatewayv2-controller/1.1.1/manifests/ack-apigatewayv2-writer_rbac.authorization.k8s.io_v1_role.yaml new file mode 100644 index 000000000000..07a719acc777 --- /dev/null +++ b/operators/ack-apigatewayv2-controller/1.1.1/manifests/ack-apigatewayv2-writer_rbac.authorization.k8s.io_v1_role.yaml @@ -0,0 +1,42 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + creationTimestamp: null + name: ack-apigatewayv2-writer +rules: +- apiGroups: + - apigatewayv2.services.k8s.aws + resources: + - apis + - apimappings + - authorizers + - deployments + - domainnames + - integrations + - routes + - stages + - vpclinks + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - apigatewayv2.services.k8s.aws + resources: + - apis + - apimappings + - authorizers + - deployments + - domainnames + - integrations + - routes + - stages + - vpclinks + verbs: + - get + - patch + - update diff --git a/operators/ack-apigatewayv2-controller/1.1.1/manifests/apigatewayv2.services.k8s.aws_apimappings.yaml b/operators/ack-apigatewayv2-controller/1.1.1/manifests/apigatewayv2.services.k8s.aws_apimappings.yaml new file mode 100644 index 000000000000..ab34f3788931 --- /dev/null +++ b/operators/ack-apigatewayv2-controller/1.1.1/manifests/apigatewayv2.services.k8s.aws_apimappings.yaml @@ -0,0 +1,175 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.16.2 + creationTimestamp: null + name: apimappings.apigatewayv2.services.k8s.aws +spec: + group: apigatewayv2.services.k8s.aws + names: + kind: APIMapping + listKind: APIMappingList + plural: apimappings + singular: apimapping + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: APIMapping is the Schema for the APIMappings API + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: |- + ApiMappingSpec defines the desired state of ApiMapping. + + Represents an API mapping. + properties: + apiID: + description: The API identifier. + type: string + apiMappingKey: + description: The API mapping key. + type: string + apiRef: + description: "AWSResourceReferenceWrapper provides a wrapper around + *AWSResourceReference\ntype to provide more user friendly syntax + for references using 'from' field\nEx:\nAPIIDRef:\n\n\tfrom:\n\t + \ name: my-api" + properties: + from: + description: |- + AWSResourceReference provides all the values necessary to reference another + k8s resource for finding the identifier(Id/ARN/Name) + properties: + name: + type: string + namespace: + type: string + type: object + type: object + domainName: + description: The domain name. + type: string + domainRef: + description: "AWSResourceReferenceWrapper provides a wrapper around + *AWSResourceReference\ntype to provide more user friendly syntax + for references using 'from' field\nEx:\nAPIIDRef:\n\n\tfrom:\n\t + \ name: my-api" + properties: + from: + description: |- + AWSResourceReference provides all the values necessary to reference another + k8s resource for finding the identifier(Id/ARN/Name) + properties: + name: + type: string + namespace: + type: string + type: object + type: object + stage: + description: The API stage. + type: string + required: + - stage + type: object + status: + description: APIMappingStatus defines the observed state of APIMapping + properties: + ackResourceMetadata: + description: |- + All CRs managed by ACK have a common `Status.ACKResourceMetadata` member + that is used to contain resource sync state, account ownership, + constructed ARN for the resource + properties: + arn: + description: |- + ARN is the Amazon Resource Name for the resource. This is a + globally-unique identifier and is set only by the ACK service controller + once the controller has orchestrated the creation of the resource OR + when it has verified that an "adopted" resource (a resource where the + ARN annotation was set by the Kubernetes user on the CR) exists and + matches the supplied CR's Spec field values. + https://github.com/aws/aws-controllers-k8s/issues/270 + type: string + ownerAccountID: + description: |- + OwnerAccountID is the AWS Account ID of the account that owns the + backend AWS service API resource. + type: string + region: + description: Region is the AWS region in which the resource exists + or will exist. + type: string + required: + - ownerAccountID + - region + type: object + apiMappingID: + description: The API mapping identifier. + type: string + conditions: + description: |- + All CRs managed by ACK have a common `Status.Conditions` member that + contains a collection of `ackv1alpha1.Condition` objects that describe + the various terminal states of the CR and its backend AWS service API + resource + items: + description: |- + Condition is the common struct used by all CRDs managed by ACK service + controllers to indicate terminal states of the CR and its backend AWS + service API resource + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. + format: date-time + type: string + message: + description: A human readable message indicating details about + the transition. + type: string + reason: + description: The reason for the condition's last transition. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type is the type of the Condition + type: string + required: + - status + - type + type: object + type: array + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null diff --git a/operators/ack-apigatewayv2-controller/1.1.1/manifests/apigatewayv2.services.k8s.aws_apis.yaml b/operators/ack-apigatewayv2-controller/1.1.1/manifests/apigatewayv2.services.k8s.aws_apis.yaml new file mode 100644 index 000000000000..bd9e59022f82 --- /dev/null +++ b/operators/ack-apigatewayv2-controller/1.1.1/manifests/apigatewayv2.services.k8s.aws_apis.yaml @@ -0,0 +1,278 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.16.2 + creationTimestamp: null + name: apis.apigatewayv2.services.k8s.aws +spec: + group: apigatewayv2.services.k8s.aws + names: + kind: API + listKind: APIList + plural: apis + singular: api + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: API is the Schema for the APIS API + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: |- + ApiSpec defines the desired state of Api. + + Represents an API. + properties: + apiKeySelectionExpression: + description: |- + An API key selection expression. Supported only for WebSocket APIs. See API + Key Selection Expressions (https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-websocket-api-selection-expressions.html#apigateway-websocket-api-apikey-selection-expressions). + type: string + basepath: + description: |- + Specifies how to interpret the base path of the API during import. Valid + values are ignore, prepend, and split. The default value is ignore. To learn + more, see Set the OpenAPI basePath Property (https://docs.aws.amazon.com/apigateway/latest/developerguide/api-gateway-import-api-basePath.html). + Supported only for HTTP APIs. + type: string + body: + description: The OpenAPI definition. Supported only for HTTP APIs. + type: string + corsConfiguration: + description: |- + A CORS configuration. Supported only for HTTP APIs. See Configuring CORS + (https://docs.aws.amazon.com/apigateway/latest/developerguide/http-api-cors.html) + for more information. + properties: + allowCredentials: + type: boolean + allowHeaders: + description: Represents a collection of allowed headers. Supported + only for HTTP APIs. + items: + type: string + type: array + allowMethods: + description: Represents a collection of methods. Supported only + for HTTP APIs. + items: + type: string + type: array + allowOrigins: + description: Represents a collection of origins. Supported only + for HTTP APIs. + items: + type: string + type: array + exposeHeaders: + description: Represents a collection of allowed headers. Supported + only for HTTP APIs. + items: + type: string + type: array + maxAge: + description: An integer with a value between -1 and 86400. Supported + only for HTTP APIs. + format: int64 + type: integer + type: object + credentialsARN: + description: |- + This property is part of quick create. It specifies the credentials required + for the integration, if any. For a Lambda integration, three options are + available. To specify an IAM Role for API Gateway to assume, use the role's + Amazon Resource Name (ARN). To require that the caller's identity be passed + through from the request, specify arn:aws:iam::*:user/*. To use resource-based + permissions on supported AWS services, specify null. Currently, this property + is not used for HTTP integrations. Supported only for HTTP APIs. + type: string + description: + description: The description of the API. + type: string + disableExecuteAPIEndpoint: + description: |- + Specifies whether clients can invoke your API by using the default execute-api + endpoint. By default, clients can invoke your API with the default https://{api_id}.execute-api.{region}.amazonaws.com + endpoint. To require that clients use a custom domain name to invoke your + API, disable the default endpoint. + type: boolean + disableSchemaValidation: + description: |- + Avoid validating models when creating a deployment. Supported only for WebSocket + APIs. + type: boolean + failOnWarnings: + description: |- + Specifies whether to rollback the API creation when a warning is encountered. + By default, API creation continues if a warning is encountered. + type: boolean + name: + description: The name of the API. + type: string + protocolType: + description: The API protocol. + type: string + routeKey: + description: |- + This property is part of quick create. If you don't specify a routeKey, a + default route of $default is created. The $default route acts as a catch-all + for any request made to your API, for a particular stage. The $default route + key can't be modified. You can add routes after creating the API, and you + can update the route keys of additional routes. Supported only for HTTP APIs. + type: string + routeSelectionExpression: + description: |- + The route selection expression for the API. For HTTP APIs, the routeSelectionExpression + must be ${request.method} ${request.path}. If not provided, this will be + the default for HTTP APIs. This property is required for WebSocket APIs. + type: string + tags: + additionalProperties: + type: string + description: The collection of tags. Each tag element is associated + with a given resource. + type: object + target: + description: |- + This property is part of quick create. Quick create produces an API with + an integration, a default catch-all route, and a default stage which is configured + to automatically deploy changes. For HTTP integrations, specify a fully qualified + URL. For Lambda integrations, specify a function ARN. The type of the integration + will be HTTP_PROXY or AWS_PROXY, respectively. Supported only for HTTP APIs. + type: string + version: + description: A version identifier for the API. + type: string + type: object + status: + description: APIStatus defines the observed state of API + properties: + ackResourceMetadata: + description: |- + All CRs managed by ACK have a common `Status.ACKResourceMetadata` member + that is used to contain resource sync state, account ownership, + constructed ARN for the resource + properties: + arn: + description: |- + ARN is the Amazon Resource Name for the resource. This is a + globally-unique identifier and is set only by the ACK service controller + once the controller has orchestrated the creation of the resource OR + when it has verified that an "adopted" resource (a resource where the + ARN annotation was set by the Kubernetes user on the CR) exists and + matches the supplied CR's Spec field values. + https://github.com/aws/aws-controllers-k8s/issues/270 + type: string + ownerAccountID: + description: |- + OwnerAccountID is the AWS Account ID of the account that owns the + backend AWS service API resource. + type: string + region: + description: Region is the AWS region in which the resource exists + or will exist. + type: string + required: + - ownerAccountID + - region + type: object + apiEndpoint: + description: |- + The URI of the API, of the form {api-id}.execute-api.{region}.amazonaws.com. + The stage name is typically appended to this URI to form a complete path + to a deployed API stage. + type: string + apiGatewayManaged: + description: |- + Specifies whether an API is managed by API Gateway. You can't update or delete + a managed API by using API Gateway. A managed API can be deleted only through + the tooling or service that created it. + type: boolean + apiID: + description: The API ID. + type: string + conditions: + description: |- + All CRs managed by ACK have a common `Status.Conditions` member that + contains a collection of `ackv1alpha1.Condition` objects that describe + the various terminal states of the CR and its backend AWS service API + resource + items: + description: |- + Condition is the common struct used by all CRDs managed by ACK service + controllers to indicate terminal states of the CR and its backend AWS + service API resource + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. + format: date-time + type: string + message: + description: A human readable message indicating details about + the transition. + type: string + reason: + description: The reason for the condition's last transition. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type is the type of the Condition + type: string + required: + - status + - type + type: object + type: array + createdDate: + description: The timestamp when the API was created. + format: date-time + type: string + importInfo: + description: |- + The validation information during API import. This may include particular + properties of your OpenAPI definition which are ignored during import. Supported + only for HTTP APIs. + items: + type: string + type: array + warnings: + description: |- + The warning messages reported when failonwarnings is turned on during API + import. + items: + type: string + type: array + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null diff --git a/operators/ack-apigatewayv2-controller/1.1.1/manifests/apigatewayv2.services.k8s.aws_authorizers.yaml b/operators/ack-apigatewayv2-controller/1.1.1/manifests/apigatewayv2.services.k8s.aws_authorizers.yaml new file mode 100644 index 000000000000..612f0eb698a1 --- /dev/null +++ b/operators/ack-apigatewayv2-controller/1.1.1/manifests/apigatewayv2.services.k8s.aws_authorizers.yaml @@ -0,0 +1,243 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.16.2 + creationTimestamp: null + name: authorizers.apigatewayv2.services.k8s.aws +spec: + group: apigatewayv2.services.k8s.aws + names: + kind: Authorizer + listKind: AuthorizerList + plural: authorizers + singular: authorizer + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: Authorizer is the Schema for the Authorizers API + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: |- + AuthorizerSpec defines the desired state of Authorizer. + + Represents an authorizer. + properties: + apiID: + description: The API identifier. + type: string + apiRef: + description: "AWSResourceReferenceWrapper provides a wrapper around + *AWSResourceReference\ntype to provide more user friendly syntax + for references using 'from' field\nEx:\nAPIIDRef:\n\n\tfrom:\n\t + \ name: my-api" + properties: + from: + description: |- + AWSResourceReference provides all the values necessary to reference another + k8s resource for finding the identifier(Id/ARN/Name) + properties: + name: + type: string + namespace: + type: string + type: object + type: object + authorizerCredentialsARN: + description: |- + Specifies the required credentials as an IAM role for API Gateway to invoke + the authorizer. To specify an IAM role for API Gateway to assume, use the + role's Amazon Resource Name (ARN). To use resource-based permissions on the + Lambda function, don't specify this parameter. Supported only for REQUEST + authorizers. + type: string + authorizerPayloadFormatVersion: + description: |- + Specifies the format of the payload sent to an HTTP API Lambda authorizer. + Required for HTTP API Lambda authorizers. Supported values are 1.0 and 2.0. + To learn more, see Working with AWS Lambda authorizers for HTTP APIs (https://docs.aws.amazon.com/apigateway/latest/developerguide/http-api-lambda-authorizer.html). + type: string + authorizerResultTTLInSeconds: + description: |- + The time to live (TTL) for cached authorizer results, in seconds. If it equals + 0, authorization caching is disabled. If it is greater than 0, API Gateway + caches authorizer responses. The maximum value is 3600, or 1 hour. Supported + only for HTTP API Lambda authorizers. + format: int64 + type: integer + authorizerType: + description: |- + The authorizer type. Specify REQUEST for a Lambda function using incoming + request parameters. Specify JWT to use JSON Web Tokens (supported only for + HTTP APIs). + type: string + authorizerURI: + description: |- + The authorizer's Uniform Resource Identifier (URI). For REQUEST authorizers, + this must be a well-formed Lambda function URI, for example, arn:aws:apigateway:us-west-2:lambda:path/2015-03-31/functions/arn:aws:lambda:us-west-2:{account_id}:function:{lambda_function_name}/invocations. + In general, the URI has this form: arn:aws:apigateway:{region}:lambda:path/{service_api} + , where {region} is the same as the region hosting the Lambda function, path + indicates that the remaining substring in the URI should be treated as the + path to the resource, including the initial /. For Lambda functions, this + is usually of the form /2015-03-31/functions/[FunctionARN]/invocations. Supported + only for REQUEST authorizers. + type: string + enableSimpleResponses: + description: |- + Specifies whether a Lambda authorizer returns a response in a simple format. + By default, a Lambda authorizer must return an IAM policy. If enabled, the + Lambda authorizer can return a boolean value instead of an IAM policy. Supported + only for HTTP APIs. To learn more, see Working with AWS Lambda authorizers + for HTTP APIs (https://docs.aws.amazon.com/apigateway/latest/developerguide/http-api-lambda-authorizer.html) + type: boolean + identitySource: + description: |- + The identity source for which authorization is requested. + + For a REQUEST authorizer, this is optional. The value is a set of one or + more mapping expressions of the specified request parameters. The identity + source can be headers, query string parameters, stage variables, and context + parameters. For example, if an Auth header and a Name query string parameter + are defined as identity sources, this value is route.request.header.Auth, + route.request.querystring.Name for WebSocket APIs. For HTTP APIs, use selection + expressions prefixed with $, for example, $request.header.Auth, $request.querystring.Name. + These parameters are used to perform runtime validation for Lambda-based + authorizers by verifying all of the identity-related request parameters are + present in the request, not null, and non-empty. Only when this is true does + the authorizer invoke the authorizer Lambda function. Otherwise, it returns + a 401 Unauthorized response without calling the Lambda function. For HTTP + APIs, identity sources are also used as the cache key when caching is enabled. + To learn more, see Working with AWS Lambda authorizers for HTTP APIs (https://docs.aws.amazon.com/apigateway/latest/developerguide/http-api-lambda-authorizer.html). + + For JWT, a single entry that specifies where to extract the JSON Web Token + (JWT) from inbound requests. Currently only header-based and query parameter-based + selections are supported, for example $request.header.Authorization. + items: + type: string + type: array + identityValidationExpression: + description: This parameter is not used. + type: string + jwtConfiguration: + description: |- + Represents the configuration of a JWT authorizer. Required for the JWT authorizer + type. Supported only for HTTP APIs. + properties: + audience: + items: + type: string + type: array + issuer: + description: A string representation of a URI with a length between + [1-2048]. + type: string + type: object + name: + description: The name of the authorizer. + type: string + required: + - authorizerType + - identitySource + - name + type: object + status: + description: AuthorizerStatus defines the observed state of Authorizer + properties: + ackResourceMetadata: + description: |- + All CRs managed by ACK have a common `Status.ACKResourceMetadata` member + that is used to contain resource sync state, account ownership, + constructed ARN for the resource + properties: + arn: + description: |- + ARN is the Amazon Resource Name for the resource. This is a + globally-unique identifier and is set only by the ACK service controller + once the controller has orchestrated the creation of the resource OR + when it has verified that an "adopted" resource (a resource where the + ARN annotation was set by the Kubernetes user on the CR) exists and + matches the supplied CR's Spec field values. + https://github.com/aws/aws-controllers-k8s/issues/270 + type: string + ownerAccountID: + description: |- + OwnerAccountID is the AWS Account ID of the account that owns the + backend AWS service API resource. + type: string + region: + description: Region is the AWS region in which the resource exists + or will exist. + type: string + required: + - ownerAccountID + - region + type: object + authorizerID: + description: The authorizer identifier. + type: string + conditions: + description: |- + All CRs managed by ACK have a common `Status.Conditions` member that + contains a collection of `ackv1alpha1.Condition` objects that describe + the various terminal states of the CR and its backend AWS service API + resource + items: + description: |- + Condition is the common struct used by all CRDs managed by ACK service + controllers to indicate terminal states of the CR and its backend AWS + service API resource + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. + format: date-time + type: string + message: + description: A human readable message indicating details about + the transition. + type: string + reason: + description: The reason for the condition's last transition. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type is the type of the Condition + type: string + required: + - status + - type + type: object + type: array + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null diff --git a/operators/ack-apigatewayv2-controller/1.1.1/manifests/apigatewayv2.services.k8s.aws_deployments.yaml b/operators/ack-apigatewayv2-controller/1.1.1/manifests/apigatewayv2.services.k8s.aws_deployments.yaml new file mode 100644 index 000000000000..649390b4e58d --- /dev/null +++ b/operators/ack-apigatewayv2-controller/1.1.1/manifests/apigatewayv2.services.k8s.aws_deployments.yaml @@ -0,0 +1,169 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.16.2 + creationTimestamp: null + name: deployments.apigatewayv2.services.k8s.aws +spec: + group: apigatewayv2.services.k8s.aws + names: + kind: Deployment + listKind: DeploymentList + plural: deployments + singular: deployment + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: Deployment is the Schema for the Deployments API + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: |- + DeploymentSpec defines the desired state of Deployment. + + An immutable representation of an API that can be called by users. A Deployment + must be associated with a Stage for it to be callable over the internet. + properties: + apiID: + description: The API identifier. + type: string + apiRef: + description: "AWSResourceReferenceWrapper provides a wrapper around + *AWSResourceReference\ntype to provide more user friendly syntax + for references using 'from' field\nEx:\nAPIIDRef:\n\n\tfrom:\n\t + \ name: my-api" + properties: + from: + description: |- + AWSResourceReference provides all the values necessary to reference another + k8s resource for finding the identifier(Id/ARN/Name) + properties: + name: + type: string + namespace: + type: string + type: object + type: object + description: + description: The description for the deployment resource. + type: string + stageName: + description: The name of the Stage resource for the Deployment resource + to create. + type: string + type: object + status: + description: DeploymentStatus defines the observed state of Deployment + properties: + ackResourceMetadata: + description: |- + All CRs managed by ACK have a common `Status.ACKResourceMetadata` member + that is used to contain resource sync state, account ownership, + constructed ARN for the resource + properties: + arn: + description: |- + ARN is the Amazon Resource Name for the resource. This is a + globally-unique identifier and is set only by the ACK service controller + once the controller has orchestrated the creation of the resource OR + when it has verified that an "adopted" resource (a resource where the + ARN annotation was set by the Kubernetes user on the CR) exists and + matches the supplied CR's Spec field values. + https://github.com/aws/aws-controllers-k8s/issues/270 + type: string + ownerAccountID: + description: |- + OwnerAccountID is the AWS Account ID of the account that owns the + backend AWS service API resource. + type: string + region: + description: Region is the AWS region in which the resource exists + or will exist. + type: string + required: + - ownerAccountID + - region + type: object + autoDeployed: + description: Specifies whether a deployment was automatically released. + type: boolean + conditions: + description: |- + All CRs managed by ACK have a common `Status.Conditions` member that + contains a collection of `ackv1alpha1.Condition` objects that describe + the various terminal states of the CR and its backend AWS service API + resource + items: + description: |- + Condition is the common struct used by all CRDs managed by ACK service + controllers to indicate terminal states of the CR and its backend AWS + service API resource + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. + format: date-time + type: string + message: + description: A human readable message indicating details about + the transition. + type: string + reason: + description: The reason for the condition's last transition. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type is the type of the Condition + type: string + required: + - status + - type + type: object + type: array + createdDate: + description: The date and time when the Deployment resource was created. + format: date-time + type: string + deploymentID: + description: The identifier for the deployment. + type: string + deploymentStatus: + description: 'The status of the deployment: PENDING, FAILED, or SUCCEEDED.' + type: string + deploymentStatusMessage: + description: May contain additional feedback on the status of an API + deployment. + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null diff --git a/operators/ack-apigatewayv2-controller/1.1.1/manifests/apigatewayv2.services.k8s.aws_domainnames.yaml b/operators/ack-apigatewayv2-controller/1.1.1/manifests/apigatewayv2.services.k8s.aws_domainnames.yaml new file mode 100644 index 000000000000..bb56e70d44bf --- /dev/null +++ b/operators/ack-apigatewayv2-controller/1.1.1/manifests/apigatewayv2.services.k8s.aws_domainnames.yaml @@ -0,0 +1,173 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.16.2 + creationTimestamp: null + name: domainnames.apigatewayv2.services.k8s.aws +spec: + group: apigatewayv2.services.k8s.aws + names: + kind: DomainName + listKind: DomainNameList + plural: domainnames + singular: domainname + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: DomainName is the Schema for the DomainNames API + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: |- + DomainNameSpec defines the desired state of DomainName. + + Represents a domain name. + properties: + domainName: + description: The domain name. + type: string + domainNameConfigurations: + description: The domain name configurations. + items: + description: The domain name configuration. + properties: + certificateARN: + description: Represents an Amazon Resource Name (ARN). + type: string + certificateName: + description: A string with a length between [1-128]. + type: string + endpointType: + description: Represents an endpoint type. + type: string + ownershipVerificationCertificateARN: + description: Represents an Amazon Resource Name (ARN). + type: string + securityPolicy: + description: |- + The Transport Layer Security (TLS) version of the security policy for this + domain name. The valid values are TLS_1_0 and TLS_1_2. + type: string + type: object + type: array + mutualTLSAuthentication: + description: The mutual TLS authentication configuration for a custom + domain name. + properties: + truststoreURI: + description: A string representation of a URI with a length between + [1-2048]. + type: string + truststoreVersion: + description: A string with a length between [1-64]. + type: string + type: object + tags: + additionalProperties: + type: string + description: The collection of tags associated with a domain name. + type: object + required: + - domainName + type: object + status: + description: DomainNameStatus defines the observed state of DomainName + properties: + ackResourceMetadata: + description: |- + All CRs managed by ACK have a common `Status.ACKResourceMetadata` member + that is used to contain resource sync state, account ownership, + constructed ARN for the resource + properties: + arn: + description: |- + ARN is the Amazon Resource Name for the resource. This is a + globally-unique identifier and is set only by the ACK service controller + once the controller has orchestrated the creation of the resource OR + when it has verified that an "adopted" resource (a resource where the + ARN annotation was set by the Kubernetes user on the CR) exists and + matches the supplied CR's Spec field values. + https://github.com/aws/aws-controllers-k8s/issues/270 + type: string + ownerAccountID: + description: |- + OwnerAccountID is the AWS Account ID of the account that owns the + backend AWS service API resource. + type: string + region: + description: Region is the AWS region in which the resource exists + or will exist. + type: string + required: + - ownerAccountID + - region + type: object + apiMappingSelectionExpression: + description: The API mapping selection expression. + type: string + conditions: + description: |- + All CRs managed by ACK have a common `Status.Conditions` member that + contains a collection of `ackv1alpha1.Condition` objects that describe + the various terminal states of the CR and its backend AWS service API + resource + items: + description: |- + Condition is the common struct used by all CRDs managed by ACK service + controllers to indicate terminal states of the CR and its backend AWS + service API resource + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. + format: date-time + type: string + message: + description: A human readable message indicating details about + the transition. + type: string + reason: + description: The reason for the condition's last transition. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type is the type of the Condition + type: string + required: + - status + - type + type: object + type: array + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null diff --git a/operators/ack-apigatewayv2-controller/1.1.1/manifests/apigatewayv2.services.k8s.aws_integrations.yaml b/operators/ack-apigatewayv2-controller/1.1.1/manifests/apigatewayv2.services.k8s.aws_integrations.yaml new file mode 100644 index 000000000000..7907a4f6c1a6 --- /dev/null +++ b/operators/ack-apigatewayv2-controller/1.1.1/manifests/apigatewayv2.services.k8s.aws_integrations.yaml @@ -0,0 +1,359 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.16.2 + creationTimestamp: null + name: integrations.apigatewayv2.services.k8s.aws +spec: + group: apigatewayv2.services.k8s.aws + names: + kind: Integration + listKind: IntegrationList + plural: integrations + singular: integration + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: Integration is the Schema for the Integrations API + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: |- + IntegrationSpec defines the desired state of Integration. + + Represents an integration. + properties: + apiID: + description: The API identifier. + type: string + apiRef: + description: "AWSResourceReferenceWrapper provides a wrapper around + *AWSResourceReference\ntype to provide more user friendly syntax + for references using 'from' field\nEx:\nAPIIDRef:\n\n\tfrom:\n\t + \ name: my-api" + properties: + from: + description: |- + AWSResourceReference provides all the values necessary to reference another + k8s resource for finding the identifier(Id/ARN/Name) + properties: + name: + type: string + namespace: + type: string + type: object + type: object + connectionID: + description: |- + The ID of the VPC link for a private integration. Supported only for HTTP + APIs. + type: string + connectionRef: + description: "AWSResourceReferenceWrapper provides a wrapper around + *AWSResourceReference\ntype to provide more user friendly syntax + for references using 'from' field\nEx:\nAPIIDRef:\n\n\tfrom:\n\t + \ name: my-api" + properties: + from: + description: |- + AWSResourceReference provides all the values necessary to reference another + k8s resource for finding the identifier(Id/ARN/Name) + properties: + name: + type: string + namespace: + type: string + type: object + type: object + connectionType: + description: |- + The type of the network connection to the integration endpoint. Specify INTERNET + for connections through the public routable internet or VPC_LINK for private + connections between API Gateway and resources in a VPC. The default value + is INTERNET. + type: string + contentHandlingStrategy: + description: |- + Supported only for WebSocket APIs. Specifies how to handle response payload + content type conversions. Supported values are CONVERT_TO_BINARY and CONVERT_TO_TEXT, + with the following behaviors: + + CONVERT_TO_BINARY: Converts a response payload from a Base64-encoded string + to the corresponding binary blob. + + CONVERT_TO_TEXT: Converts a response payload from a binary blob to a Base64-encoded + string. + + If this property is not defined, the response payload will be passed through + from the integration response to the route response or method response without + modification. + type: string + credentialsARN: + description: |- + Specifies the credentials required for the integration, if any. For AWS integrations, + three options are available. To specify an IAM Role for API Gateway to assume, + use the role's Amazon Resource Name (ARN). To require that the caller's identity + be passed through from the request, specify the string arn:aws:iam::*:user/*. + To use resource-based permissions on supported AWS services, specify null. + type: string + description: + description: The description of the integration. + type: string + integrationMethod: + description: Specifies the integration's HTTP method type. + type: string + integrationSubtype: + description: |- + Supported only for HTTP API AWS_PROXY integrations. Specifies the AWS service + action to invoke. To learn more, see Integration subtype reference (https://docs.aws.amazon.com/apigateway/latest/developerguide/http-api-develop-integrations-aws-services-reference.html). + type: string + integrationType: + description: |- + The integration type of an integration. One of the following: + + AWS: for integrating the route or method request with an AWS service action, + including the Lambda function-invoking action. With the Lambda function-invoking + action, this is referred to as the Lambda custom integration. With any other + AWS service action, this is known as AWS integration. Supported only for + WebSocket APIs. + + AWS_PROXY: for integrating the route or method request with a Lambda function + or other AWS service action. This integration is also referred to as a Lambda + proxy integration. + + HTTP: for integrating the route or method request with an HTTP endpoint. + This integration is also referred to as the HTTP custom integration. Supported + only for WebSocket APIs. + + HTTP_PROXY: for integrating the route or method request with an HTTP endpoint, + with the client request passed through as-is. This is also referred to as + HTTP proxy integration. For HTTP API private integrations, use an HTTP_PROXY + integration. + + MOCK: for integrating the route or method request with API Gateway as a "loopback" + endpoint without invoking any backend. Supported only for WebSocket APIs. + type: string + integrationURI: + description: |- + For a Lambda integration, specify the URI of a Lambda function. + + For an HTTP integration, specify a fully-qualified URL. + + For an HTTP API private integration, specify the ARN of an Application Load + Balancer listener, Network Load Balancer listener, or AWS Cloud Map service. + If you specify the ARN of an AWS Cloud Map service, API Gateway uses DiscoverInstances + to identify resources. You can use query parameters to target specific resources. + To learn more, see DiscoverInstances (https://docs.aws.amazon.com/cloud-map/latest/api/API_DiscoverInstances.html). + For private integrations, all resources must be owned by the same AWS account. + type: string + passthroughBehavior: + description: |- + Specifies the pass-through behavior for incoming requests based on the Content-Type + header in the request, and the available mapping templates specified as the + requestTemplates property on the Integration resource. There are three valid + values: WHEN_NO_MATCH, WHEN_NO_TEMPLATES, and NEVER. Supported only for WebSocket + APIs. + + WHEN_NO_MATCH passes the request body for unmapped content types through + to the integration backend without transformation. + + NEVER rejects unmapped content types with an HTTP 415 Unsupported Media Type + response. + + WHEN_NO_TEMPLATES allows pass-through when the integration has no content + types mapped to templates. However, if there is at least one content type + defined, unmapped content types will be rejected with the same HTTP 415 Unsupported + Media Type response. + type: string + payloadFormatVersion: + description: |- + Specifies the format of the payload sent to an integration. Required for + HTTP APIs. + type: string + requestParameters: + additionalProperties: + type: string + description: |- + For WebSocket APIs, a key-value map specifying request parameters that are + passed from the method request to the backend. The key is an integration + request parameter name and the associated value is a method request parameter + value or static value that must be enclosed within single quotes and pre-encoded + as required by the backend. The method request parameter value must match + the pattern of method.request.{location}.{name} , where {location} is querystring, + path, or header; and {name} must be a valid and unique method request parameter + name. + + For HTTP API integrations with a specified integrationSubtype, request parameters + are a key-value map specifying parameters that are passed to AWS_PROXY integrations. + You can provide static values, or map request data, stage variables, or context + variables that are evaluated at runtime. To learn more, see Working with + AWS service integrations for HTTP APIs (https://docs.aws.amazon.com/apigateway/latest/developerguide/http-api-develop-integrations-aws-services.html). + + For HTTP API integrations without a specified integrationSubtype request + parameters are a key-value map specifying how to transform HTTP requests + before sending them to the backend. The key should follow the pattern :. + where action can be append, overwrite or remove. For values, you can provide + static values, or map request data, stage variables, or context variables + that are evaluated at runtime. To learn more, see Transforming API requests + and responses (https://docs.aws.amazon.com/apigateway/latest/developerguide/http-api-parameter-mapping.html). + type: object + requestTemplates: + additionalProperties: + type: string + description: |- + Represents a map of Velocity templates that are applied on the request payload + based on the value of the Content-Type header sent by the client. The content + type value is the key in this map, and the template (as a String) is the + value. Supported only for WebSocket APIs. + type: object + responseParameters: + additionalProperties: + additionalProperties: + type: string + type: object + description: |- + Supported only for HTTP APIs. You use response parameters to transform the + HTTP response from a backend integration before returning the response to + clients. Specify a key-value map from a selection key to response parameters. + The selection key must be a valid HTTP status code within the range of 200-599. + Response parameters are a key-value map. The key must match pattern :
. + or overwrite.statuscode. The action can be append, overwrite or remove. The + value can be a static value, or map to response data, stage variables, or + context variables that are evaluated at runtime. To learn more, see Transforming + API requests and responses (https://docs.aws.amazon.com/apigateway/latest/developerguide/http-api-parameter-mapping.html). + type: object + templateSelectionExpression: + description: The template selection expression for the integration. + type: string + timeoutInMillis: + description: |- + Custom timeout between 50 and 29,000 milliseconds for WebSocket APIs and + between 50 and 30,000 milliseconds for HTTP APIs. The default timeout is + 29 seconds for WebSocket APIs and 30 seconds for HTTP APIs. + format: int64 + type: integer + tlsConfig: + description: |- + The TLS configuration for a private integration. If you specify a TLS configuration, + private integration traffic uses the HTTPS protocol. Supported only for HTTP + APIs. + properties: + serverNameToVerify: + description: A string with a length between [1-512]. + type: string + type: object + required: + - integrationType + type: object + status: + description: IntegrationStatus defines the observed state of Integration + properties: + ackResourceMetadata: + description: |- + All CRs managed by ACK have a common `Status.ACKResourceMetadata` member + that is used to contain resource sync state, account ownership, + constructed ARN for the resource + properties: + arn: + description: |- + ARN is the Amazon Resource Name for the resource. This is a + globally-unique identifier and is set only by the ACK service controller + once the controller has orchestrated the creation of the resource OR + when it has verified that an "adopted" resource (a resource where the + ARN annotation was set by the Kubernetes user on the CR) exists and + matches the supplied CR's Spec field values. + https://github.com/aws/aws-controllers-k8s/issues/270 + type: string + ownerAccountID: + description: |- + OwnerAccountID is the AWS Account ID of the account that owns the + backend AWS service API resource. + type: string + region: + description: Region is the AWS region in which the resource exists + or will exist. + type: string + required: + - ownerAccountID + - region + type: object + apiGatewayManaged: + description: |- + Specifies whether an integration is managed by API Gateway. If you created + an API using using quick create, the resulting integration is managed by + API Gateway. You can update a managed integration, but you can't delete it. + type: boolean + conditions: + description: |- + All CRs managed by ACK have a common `Status.Conditions` member that + contains a collection of `ackv1alpha1.Condition` objects that describe + the various terminal states of the CR and its backend AWS service API + resource + items: + description: |- + Condition is the common struct used by all CRDs managed by ACK service + controllers to indicate terminal states of the CR and its backend AWS + service API resource + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. + format: date-time + type: string + message: + description: A human readable message indicating details about + the transition. + type: string + reason: + description: The reason for the condition's last transition. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type is the type of the Condition + type: string + required: + - status + - type + type: object + type: array + integrationID: + description: Represents the identifier of an integration. + type: string + integrationResponseSelectionExpression: + description: |- + The integration response selection expression for the integration. Supported + only for WebSocket APIs. See Integration Response Selection Expressions (https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-websocket-api-selection-expressions.html#apigateway-websocket-api-integration-response-selection-expressions). + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null diff --git a/operators/ack-apigatewayv2-controller/1.1.1/manifests/apigatewayv2.services.k8s.aws_routes.yaml b/operators/ack-apigatewayv2-controller/1.1.1/manifests/apigatewayv2.services.k8s.aws_routes.yaml new file mode 100644 index 000000000000..f352d44bd5f2 --- /dev/null +++ b/operators/ack-apigatewayv2-controller/1.1.1/manifests/apigatewayv2.services.k8s.aws_routes.yaml @@ -0,0 +1,250 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.16.2 + creationTimestamp: null + name: routes.apigatewayv2.services.k8s.aws +spec: + group: apigatewayv2.services.k8s.aws + names: + kind: Route + listKind: RouteList + plural: routes + singular: route + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: Route is the Schema for the Routes API + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: |- + RouteSpec defines the desired state of Route. + + Represents a route. + properties: + apiID: + description: The API identifier. + type: string + apiKeyRequired: + description: |- + Specifies whether an API key is required for the route. Supported only for + WebSocket APIs. + type: boolean + apiRef: + description: "AWSResourceReferenceWrapper provides a wrapper around + *AWSResourceReference\ntype to provide more user friendly syntax + for references using 'from' field\nEx:\nAPIIDRef:\n\n\tfrom:\n\t + \ name: my-api" + properties: + from: + description: |- + AWSResourceReference provides all the values necessary to reference another + k8s resource for finding the identifier(Id/ARN/Name) + properties: + name: + type: string + namespace: + type: string + type: object + type: object + authorizationScopes: + description: The authorization scopes supported by this route. + items: + type: string + type: array + authorizationType: + description: |- + The authorization type for the route. For WebSocket APIs, valid values are + NONE for open access, AWS_IAM for using AWS IAM permissions, and CUSTOM for + using a Lambda authorizer For HTTP APIs, valid values are NONE for open access, + JWT for using JSON Web Tokens, AWS_IAM for using AWS IAM permissions, and + CUSTOM for using a Lambda authorizer. + type: string + authorizerID: + description: |- + The identifier of the Authorizer resource to be associated with this route. + The authorizer identifier is generated by API Gateway when you created the + authorizer. + type: string + authorizerRef: + description: "AWSResourceReferenceWrapper provides a wrapper around + *AWSResourceReference\ntype to provide more user friendly syntax + for references using 'from' field\nEx:\nAPIIDRef:\n\n\tfrom:\n\t + \ name: my-api" + properties: + from: + description: |- + AWSResourceReference provides all the values necessary to reference another + k8s resource for finding the identifier(Id/ARN/Name) + properties: + name: + type: string + namespace: + type: string + type: object + type: object + modelSelectionExpression: + description: |- + The model selection expression for the route. Supported only for WebSocket + APIs. + type: string + operationName: + description: The operation name for the route. + type: string + requestModels: + additionalProperties: + type: string + description: The request models for the route. Supported only for + WebSocket APIs. + type: object + requestParameters: + additionalProperties: + description: |- + Validation constraints imposed on parameters of a request (path, query string, + headers). + properties: + required: + type: boolean + type: object + description: The request parameters for the route. Supported only + for WebSocket APIs. + type: object + routeKey: + description: The route key for the route. + type: string + routeResponseSelectionExpression: + description: |- + The route response selection expression for the route. Supported only for + WebSocket APIs. + type: string + target: + description: The target for the route. + type: string + targetRef: + description: "AWSResourceReferenceWrapper provides a wrapper around + *AWSResourceReference\ntype to provide more user friendly syntax + for references using 'from' field\nEx:\nAPIIDRef:\n\n\tfrom:\n\t + \ name: my-api" + properties: + from: + description: |- + AWSResourceReference provides all the values necessary to reference another + k8s resource for finding the identifier(Id/ARN/Name) + properties: + name: + type: string + namespace: + type: string + type: object + type: object + required: + - routeKey + type: object + status: + description: RouteStatus defines the observed state of Route + properties: + ackResourceMetadata: + description: |- + All CRs managed by ACK have a common `Status.ACKResourceMetadata` member + that is used to contain resource sync state, account ownership, + constructed ARN for the resource + properties: + arn: + description: |- + ARN is the Amazon Resource Name for the resource. This is a + globally-unique identifier and is set only by the ACK service controller + once the controller has orchestrated the creation of the resource OR + when it has verified that an "adopted" resource (a resource where the + ARN annotation was set by the Kubernetes user on the CR) exists and + matches the supplied CR's Spec field values. + https://github.com/aws/aws-controllers-k8s/issues/270 + type: string + ownerAccountID: + description: |- + OwnerAccountID is the AWS Account ID of the account that owns the + backend AWS service API resource. + type: string + region: + description: Region is the AWS region in which the resource exists + or will exist. + type: string + required: + - ownerAccountID + - region + type: object + apiGatewayManaged: + description: |- + Specifies whether a route is managed by API Gateway. If you created an API + using quick create, the $default route is managed by API Gateway. You can't + modify the $default route key. + type: boolean + conditions: + description: |- + All CRs managed by ACK have a common `Status.Conditions` member that + contains a collection of `ackv1alpha1.Condition` objects that describe + the various terminal states of the CR and its backend AWS service API + resource + items: + description: |- + Condition is the common struct used by all CRDs managed by ACK service + controllers to indicate terminal states of the CR and its backend AWS + service API resource + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. + format: date-time + type: string + message: + description: A human readable message indicating details about + the transition. + type: string + reason: + description: The reason for the condition's last transition. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type is the type of the Condition + type: string + required: + - status + - type + type: object + type: array + routeID: + description: The route ID. + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null diff --git a/operators/ack-apigatewayv2-controller/1.1.1/manifests/apigatewayv2.services.k8s.aws_stages.yaml b/operators/ack-apigatewayv2-controller/1.1.1/manifests/apigatewayv2.services.k8s.aws_stages.yaml new file mode 100644 index 000000000000..b7c828d6812f --- /dev/null +++ b/operators/ack-apigatewayv2-controller/1.1.1/manifests/apigatewayv2.services.k8s.aws_stages.yaml @@ -0,0 +1,259 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.16.2 + creationTimestamp: null + name: stages.apigatewayv2.services.k8s.aws +spec: + group: apigatewayv2.services.k8s.aws + names: + kind: Stage + listKind: StageList + plural: stages + singular: stage + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: Stage is the Schema for the Stages API + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: |- + StageSpec defines the desired state of Stage. + + Represents an API stage. + properties: + accessLogSettings: + description: Settings for logging access in this stage. + properties: + destinationARN: + description: Represents an Amazon Resource Name (ARN). + type: string + format: + description: A string with a length between [1-1024]. + type: string + type: object + apiID: + description: The API identifier. + type: string + apiRef: + description: "AWSResourceReferenceWrapper provides a wrapper around + *AWSResourceReference\ntype to provide more user friendly syntax + for references using 'from' field\nEx:\nAPIIDRef:\n\n\tfrom:\n\t + \ name: my-api" + properties: + from: + description: |- + AWSResourceReference provides all the values necessary to reference another + k8s resource for finding the identifier(Id/ARN/Name) + properties: + name: + type: string + namespace: + type: string + type: object + type: object + autoDeploy: + description: |- + Specifies whether updates to an API automatically trigger a new deployment. + The default value is false. + type: boolean + clientCertificateID: + description: |- + The identifier of a client certificate for a Stage. Supported only for WebSocket + APIs. + type: string + defaultRouteSettings: + description: The default route settings for the stage. + properties: + dataTraceEnabled: + type: boolean + detailedMetricsEnabled: + type: boolean + loggingLevel: + description: The logging level. + type: string + throttlingBurstLimit: + format: int64 + type: integer + throttlingRateLimit: + type: number + type: object + deploymentID: + description: The deployment identifier of the API stage. + type: string + deploymentRef: + description: "AWSResourceReferenceWrapper provides a wrapper around + *AWSResourceReference\ntype to provide more user friendly syntax + for references using 'from' field\nEx:\nAPIIDRef:\n\n\tfrom:\n\t + \ name: my-api" + properties: + from: + description: |- + AWSResourceReference provides all the values necessary to reference another + k8s resource for finding the identifier(Id/ARN/Name) + properties: + name: + type: string + namespace: + type: string + type: object + type: object + description: + description: The description for the API stage. + type: string + routeSettings: + additionalProperties: + description: Represents a collection of route settings. + properties: + dataTraceEnabled: + type: boolean + detailedMetricsEnabled: + type: boolean + loggingLevel: + description: The logging level. + type: string + throttlingBurstLimit: + format: int64 + type: integer + throttlingRateLimit: + type: number + type: object + description: Route settings for the stage, by routeKey. + type: object + stageName: + description: The name of the stage. + type: string + stageVariables: + additionalProperties: + type: string + description: |- + A map that defines the stage variables for a Stage. Variable names can have + alphanumeric and underscore characters, and the values must match [A-Za-z0-9-._~:/?#&=,]+. + type: object + tags: + additionalProperties: + type: string + description: The collection of tags. Each tag element is associated + with a given resource. + type: object + required: + - stageName + type: object + status: + description: StageStatus defines the observed state of Stage + properties: + ackResourceMetadata: + description: |- + All CRs managed by ACK have a common `Status.ACKResourceMetadata` member + that is used to contain resource sync state, account ownership, + constructed ARN for the resource + properties: + arn: + description: |- + ARN is the Amazon Resource Name for the resource. This is a + globally-unique identifier and is set only by the ACK service controller + once the controller has orchestrated the creation of the resource OR + when it has verified that an "adopted" resource (a resource where the + ARN annotation was set by the Kubernetes user on the CR) exists and + matches the supplied CR's Spec field values. + https://github.com/aws/aws-controllers-k8s/issues/270 + type: string + ownerAccountID: + description: |- + OwnerAccountID is the AWS Account ID of the account that owns the + backend AWS service API resource. + type: string + region: + description: Region is the AWS region in which the resource exists + or will exist. + type: string + required: + - ownerAccountID + - region + type: object + apiGatewayManaged: + description: |- + Specifies whether a stage is managed by API Gateway. If you created an API + using quick create, the $default stage is managed by API Gateway. You can't + modify the $default stage. + type: boolean + conditions: + description: |- + All CRs managed by ACK have a common `Status.Conditions` member that + contains a collection of `ackv1alpha1.Condition` objects that describe + the various terminal states of the CR and its backend AWS service API + resource + items: + description: |- + Condition is the common struct used by all CRDs managed by ACK service + controllers to indicate terminal states of the CR and its backend AWS + service API resource + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. + format: date-time + type: string + message: + description: A human readable message indicating details about + the transition. + type: string + reason: + description: The reason for the condition's last transition. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type is the type of the Condition + type: string + required: + - status + - type + type: object + type: array + createdDate: + description: The timestamp when the stage was created. + format: date-time + type: string + lastDeploymentStatusMessage: + description: |- + Describes the status of the last deployment of a stage. Supported only for + stages with autoDeploy enabled. + type: string + lastUpdatedDate: + description: The timestamp when the stage was last updated. + format: date-time + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null diff --git a/operators/ack-apigatewayv2-controller/1.1.1/manifests/apigatewayv2.services.k8s.aws_vpclinks.yaml b/operators/ack-apigatewayv2-controller/1.1.1/manifests/apigatewayv2.services.k8s.aws_vpclinks.yaml new file mode 100644 index 000000000000..faa02c4b4671 --- /dev/null +++ b/operators/ack-apigatewayv2-controller/1.1.1/manifests/apigatewayv2.services.k8s.aws_vpclinks.yaml @@ -0,0 +1,162 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.16.2 + creationTimestamp: null + name: vpclinks.apigatewayv2.services.k8s.aws +spec: + group: apigatewayv2.services.k8s.aws + names: + kind: VPCLink + listKind: VPCLinkList + plural: vpclinks + singular: vpclink + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: VPCLink is the Schema for the VPCLinks API + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: |- + VpcLinkSpec defines the desired state of VpcLink. + + Represents a VPC link. + properties: + name: + description: The name of the VPC link. + type: string + securityGroupIDs: + description: A list of security group IDs for the VPC link. + items: + type: string + type: array + subnetIDs: + description: A list of subnet IDs to include in the VPC link. + items: + type: string + type: array + tags: + additionalProperties: + type: string + description: A list of tags. + type: object + required: + - name + - subnetIDs + type: object + status: + description: VPCLinkStatus defines the observed state of VPCLink + properties: + ackResourceMetadata: + description: |- + All CRs managed by ACK have a common `Status.ACKResourceMetadata` member + that is used to contain resource sync state, account ownership, + constructed ARN for the resource + properties: + arn: + description: |- + ARN is the Amazon Resource Name for the resource. This is a + globally-unique identifier and is set only by the ACK service controller + once the controller has orchestrated the creation of the resource OR + when it has verified that an "adopted" resource (a resource where the + ARN annotation was set by the Kubernetes user on the CR) exists and + matches the supplied CR's Spec field values. + https://github.com/aws/aws-controllers-k8s/issues/270 + type: string + ownerAccountID: + description: |- + OwnerAccountID is the AWS Account ID of the account that owns the + backend AWS service API resource. + type: string + region: + description: Region is the AWS region in which the resource exists + or will exist. + type: string + required: + - ownerAccountID + - region + type: object + conditions: + description: |- + All CRs managed by ACK have a common `Status.Conditions` member that + contains a collection of `ackv1alpha1.Condition` objects that describe + the various terminal states of the CR and its backend AWS service API + resource + items: + description: |- + Condition is the common struct used by all CRDs managed by ACK service + controllers to indicate terminal states of the CR and its backend AWS + service API resource + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. + format: date-time + type: string + message: + description: A human readable message indicating details about + the transition. + type: string + reason: + description: The reason for the condition's last transition. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type is the type of the Condition + type: string + required: + - status + - type + type: object + type: array + createdDate: + description: The timestamp when the VPC link was created. + format: date-time + type: string + vpcLinkID: + description: The ID of the VPC link. + type: string + vpcLinkStatus: + description: The status of the VPC link. + type: string + vpcLinkStatusMessage: + description: A message summarizing the cause of the status of the + VPC link. + type: string + vpcLinkVersion: + description: The version of the VPC link. + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null diff --git a/operators/ack-apigatewayv2-controller/1.1.1/metadata/annotations.yaml b/operators/ack-apigatewayv2-controller/1.1.1/metadata/annotations.yaml new file mode 100644 index 000000000000..5e6fefd6ea0a --- /dev/null +++ b/operators/ack-apigatewayv2-controller/1.1.1/metadata/annotations.yaml @@ -0,0 +1,15 @@ +annotations: + # Core bundle annotations. + operators.operatorframework.io.bundle.mediatype.v1: registry+v1 + operators.operatorframework.io.bundle.manifests.v1: manifests/ + operators.operatorframework.io.bundle.metadata.v1: metadata/ + operators.operatorframework.io.bundle.package.v1: ack-apigatewayv2-controller + operators.operatorframework.io.bundle.channels.v1: alpha + operators.operatorframework.io.bundle.channel.default.v1: alpha + operators.operatorframework.io.metrics.builder: operator-sdk-v1.28.0 + operators.operatorframework.io.metrics.mediatype.v1: metrics+v1 + operators.operatorframework.io.metrics.project_layout: unknown + + # Annotations for testing. + operators.operatorframework.io.test.mediatype.v1: scorecard+v1 + operators.operatorframework.io.test.config.v1: tests/scorecard/ diff --git a/operators/ack-apigatewayv2-controller/1.1.1/tests/scorecard/config.yaml b/operators/ack-apigatewayv2-controller/1.1.1/tests/scorecard/config.yaml new file mode 100644 index 000000000000..382ddefd1566 --- /dev/null +++ b/operators/ack-apigatewayv2-controller/1.1.1/tests/scorecard/config.yaml @@ -0,0 +1,50 @@ +apiVersion: scorecard.operatorframework.io/v1alpha3 +kind: Configuration +metadata: + name: config +stages: +- parallel: true + tests: + - entrypoint: + - scorecard-test + - basic-check-spec + image: quay.io/operator-framework/scorecard-test:v1.7.1 + labels: + suite: basic + test: basic-check-spec-test + storage: + spec: + mountPath: {} + - entrypoint: + - scorecard-test + - olm-bundle-validation + image: quay.io/operator-framework/scorecard-test:v1.7.1 + labels: + suite: olm + test: olm-bundle-validation-test + storage: + spec: + mountPath: {} + - entrypoint: + - scorecard-test + - olm-crds-have-validation + image: quay.io/operator-framework/scorecard-test:v1.7.1 + labels: + suite: olm + test: olm-crds-have-validation-test + storage: + spec: + mountPath: {} + - entrypoint: + - scorecard-test + - olm-spec-descriptors + image: quay.io/operator-framework/scorecard-test:v1.7.1 + labels: + suite: olm + test: olm-spec-descriptors-test + storage: + spec: + mountPath: {} +storage: + spec: + mountPath: {}