Re-generate CRD

shaun-nx · shaun-nx · commit 1c6843d011df · 2025-11-27T16:28:22.000Z
diff --git a/apis/v1alpha1/authenticationfilter_types.go b/apis/v1alpha1/authenticationfilter_types.go
@@ -42,8 +42,11 @@ type AuthenticationFilterList struct {
 //
 //nolint:lll
 type AuthenticationFilterSpec struct {
+	// Basic configures HTTP Basic Authentication.
 	Basic BasicAuth `json:"basic"`
-	Type  AuthType  `json:"type"`
+
+	// Type selects the authentication mechanism.
+	Type AuthType `json:"type"`
 }
 
 // AuthType defines the authentication mechanism.
@@ -56,9 +59,18 @@ const (
 
 // BasicAuth configures HTTP Basic Authentication.
 type BasicAuth struct {
+	// OnFailure customizes the 401 response for failed authentication.
+	//
+	// +optional
 	OnFailure *AuthFailureResponse `json:"onFailure,omitempty"`
+
+	// SecretRef allows referencing a Secret in the same namespace
 	SecretRef LocalObjectReference `json:"secretRef"`
-	Realm     string               `json:"realm"`
+
+	// Realm used by NGINX `auth_basic` directive.
+	// https://nginx.org/en/docs/http/ngx_http_auth_basic_module.html#auth_basic
+	// Also configures "realm="<realm_value>" in WWW-Authenticate header in error page location.
+	Realm string `json:"realm"`
 }
 
 // LocalObjectReference specifies a local Kubernetes object.
diff --git a/config/crd/bases/gateway.nginx.org_authenticationfilters.yaml b/config/crd/bases/gateway.nginx.org_authenticationfilters.yaml
@@ -51,10 +51,11 @@ spec:
             description: Spec defines the desired state of the AuthenticationFilter.
             properties:
               basic:
-                description: BasicAuth configures HTTP Basic Authentication.
+                description: Basic configures HTTP Basic Authentication.
                 properties:
                   onFailure:
-                    description: AuthFailureResponse customizes 401/403 failures.
+                    description: OnFailure customizes the 401 response for failed
+                      authentication.
                     properties:
                       bodyPolicy:
                         default: Unauthorized
@@ -87,10 +88,14 @@ spec:
                           rule: self in [401, 403]
                     type: object
                   realm:
+                    description: |-
+                      Realm used by NGINX `auth_basic` directive.
+                      https://nginx.org/en/docs/http/ngx_http_auth_basic_module.html#auth_basic
+                      Also configures "realm="<realm_value>" in WWW-Authenticate header in error page location.
                     type: string
                   secretRef:
-                    description: LocalObjectReference specifies a local Kubernetes
-                      object.
+                    description: SecretRef allows referencing a Secret in the same
+                      namespace
                     properties:
                       name:
                         type: string
@@ -102,7 +107,7 @@ spec:
                 - secretRef
                 type: object
               type:
-                description: AuthType defines the authentication mechanism.
+                description: Type selects the authentication mechanism.
                 enum:
                 - Basic
                 type: string
diff --git a/deploy/crds.yaml b/deploy/crds.yaml
@@ -50,10 +50,11 @@ spec:
             description: Spec defines the desired state of the AuthenticationFilter.
             properties:
               basic:
-                description: BasicAuth configures HTTP Basic Authentication.
+                description: Basic configures HTTP Basic Authentication.
                 properties:
                   onFailure:
-                    description: AuthFailureResponse customizes 401/403 failures.
+                    description: OnFailure customizes the 401 response for failed
+                      authentication.
                     properties:
                       bodyPolicy:
                         default: Unauthorized
@@ -86,10 +87,14 @@ spec:
                           rule: self in [401, 403]
                     type: object
                   realm:
+                    description: |-
+                      Realm used by NGINX `auth_basic` directive.
+                      https://nginx.org/en/docs/http/ngx_http_auth_basic_module.html#auth_basic
+                      Also configures "realm="<realm_value>" in WWW-Authenticate header in error page location.
                     type: string
                   secretRef:
-                    description: LocalObjectReference specifies a local Kubernetes
-                      object.
+                    description: SecretRef allows referencing a Secret in the same
+                      namespace
                     properties:
                       name:
                         type: string
@@ -101,7 +106,7 @@ spec:
                 - secretRef
                 type: object
               type:
-                description: AuthType defines the authentication mechanism.
+                description: Type selects the authentication mechanism.
                 enum:
                 - Basic
                 type: string
