envoyproxy · zhaohuabing · Jan 8, 2025 · Dec 18, 2024 · arkodg · Jan 4, 2025
@@ -32,16 +32,15 @@ type EnvoyExtensionPolicy struct {
 	Status gwapiv1a2.PolicyStatus `json:"status,omitempty"`
 }
 
-// +kubebuilder:validation:XValidation:rule="(has(self.targetRef) && !has(self.targetRefs)) || (!has(self.targetRef) && has(self.targetRefs)) || (has(self.targetSelectors) && self.targetSelectors.size() > 0) ", message="either targetRef or targetRefs must be used"
+// EnvoyExtensionPolicySpec defines the desired state of EnvoyExtensionPolicy.
 //
+// +kubebuilder:validation:XValidation:rule="(has(self.targetRef) && !has(self.targetRefs)) || (!has(self.targetRef) && has(self.targetRefs)) || (has(self.targetSelectors) && self.targetSelectors.size() > 0) ", message="either targetRef or targetRefs must be used"
 // +kubebuilder:validation:XValidation:rule="has(self.targetRef) ? self.targetRef.group == 'gateway.networking.k8s.io' : true", message="this policy can only have a targetRef.group of gateway.networking.k8s.io"
 // +kubebuilder:validation:XValidation:rule="has(self.targetRef) ? self.targetRef.kind in ['Gateway', 'HTTPRoute', 'GRPCRoute', 'UDPRoute', 'TCPRoute', 'TLSRoute'] : true", message="this policy can only have a targetRef.kind of Gateway/HTTPRoute/GRPCRoute/TCPRoute/UDPRoute/TLSRoute"
 // +kubebuilder:validation:XValidation:rule="has(self.targetRef) ? !has(self.targetRef.sectionName) : true",message="this policy does not yet support the sectionName field"
 // +kubebuilder:validation:XValidation:rule="has(self.targetRefs) ? self.targetRefs.all(ref, ref.group == 'gateway.networking.k8s.io') : true ", message="this policy can only have a targetRefs[*].group of gateway.networking.k8s.io"
 // +kubebuilder:validation:XValidation:rule="has(self.targetRefs) ? self.targetRefs.all(ref, ref.kind in ['Gateway', 'HTTPRoute', 'GRPCRoute', 'UDPRoute', 'TCPRoute', 'TLSRoute']) : true ", message="this policy can only have a targetRefs[*].kind of Gateway/HTTPRoute/GRPCRoute/TCPRoute/UDPRoute/TLSRoute"
 // +kubebuilder:validation:XValidation:rule="has(self.targetRefs) ? self.targetRefs.all(ref, !has(ref.sectionName)) : true",message="this policy does not yet support the sectionName field"
-//
-// EnvoyExtensionPolicySpec defines the desired state of EnvoyExtensionPolicy.
 type EnvoyExtensionPolicySpec struct {
 	PolicyTargetReferences `json:",inline"`
 
@@ -54,11 +53,19 @@ type EnvoyExtensionPolicySpec struct {
 	Wasm []Wasm `json:"wasm,omitempty"`
 
 	// ExtProc is an ordered list of external processing filters
-	// that should added to the envoy filter chain
+	// that should be added to the envoy filter chain
 	//
 	// +kubebuilder:validation:MaxItems=16
 	// +optional
 	ExtProc []ExtProc `json:"extProc,omitempty"`
+
+	// Lua is an ordered list of Lua filters
+	// that should be added to the envoy filter chain
+	//
+	// +kubebuilder:validation:MaxItems=16
+	// +optional
+	// +notImplementedHide
+	Lua []Lua `json:"lua,omitempty"`
 }
 
 //+kubebuilder:object:root=true

@@ -0,0 +1,48 @@
+// Copyright Envoy Gateway Authors
+// SPDX-License-Identifier: Apache-2.0
+// The full text of the Apache license is available in the LICENSE file at
+// the root of the repo.
+
+package v1alpha1
+
+import gwapiv1 "sigs.k8s.io/gateway-api/apis/v1"
+
+// LuaValueType defines the types of values for Lua supported by Envoy Gateway.
+// +kubebuilder:validation:Enum=Inline;ValueRef
+type LuaValueType string
+
+const (
+	// LuaValueTypeInline defines the "Inline" Lua type.
+	LuaValueTypeInline LuaValueType = "Inline"
+
+	// LuaValueTypeValueRef defines the "ValueRef" Lua type.
+	LuaValueTypeValueRef LuaValueType = "ValueRef"
+)
+
+// Lua defines a Lua extension
+// Only one of Inline or ValueRef must be set
+//
+// +kubebuilder:validation:XValidation:rule="(self.type == 'Inline' && has(self.inline) && !has(self.valueRef)) || (self.type == 'ValueRef' && !has(self.inline) && has(self.valueRef))",message="Exactly one of inline or valueRef must be set with correct type."
+type Lua struct {
+	// Type is the type of method to use to read the Lua value.
+	// Valid values are Inline and ValueRef, default is Inline.
+	//
+	// +kubebuilder:default=Inline
+	// +unionDiscriminator
+	// +required
+	Type LuaValueType `json:"type"`
+	// Inline contains the source code as an inline string.
 Type *ResponseValueType `json:"type"` 
 Type *ResponseValueType `json:"type"` 
+	//
+	// +optional
+	// +unionMember
+	Inline *string `json:"inline,omitempty"`
+	// ValueRef has the source code specified as a local object reference.
+	// Only a reference to ConfigMap is supported.
+	// The value of key `lua` in the ConfigMap will be used.
+	// If the key is not found, the first value in the ConfigMap will be used.
+	//
+	// +kubebuilder:validation:XValidation:rule="self.kind == 'ConfigMap' && (!has(self.group) || self.group == '')",message="Only a reference to an object of kind ConfigMap belonging to default core API group is supported."
+	// +optional
+	// +unionMember
+	ValueRef *gwapiv1.LocalObjectReference `json:"valueRef,omitempty"`
+}
@@ -49,7 +49,7 @@ spec:
               extProc:
                 description: |-
                   ExtProc is an ordered list of external processing filters
-                  that should added to the envoy filter chain
+                  that should be added to the envoy filter chain
                 items:
                   description: ExtProc defines the configuration for External Processing
                     filter.
@@ -973,6 +973,73 @@ spec:
                       == "" || f.group == ''gateway.envoyproxy.io'')) : true'
                 maxItems: 16
                 type: array
+              lua:
+                description: |-
+                  Lua is an ordered list of Lua filters
+                  that should be added to the envoy filter chain
+                items:
+                  description: |-
+                    Lua defines a Lua extension
+                    Only one of Inline or ValueRef must be set
+                  properties:
+                    inline:
+                      description: Inline contains the source code as an inline string.
+                      type: string
+                    type:
+                      default: Inline
+                      description: |-
+                        Type is the type of method to use to read the Lua value.
+                        Valid values are Inline and ValueRef, default is Inline.
+                      enum:
+                      - Inline
+                      - ValueRef
+                      type: string
+                    valueRef:
+                      description: |-
+                        ValueRef has the source code specified as a local object reference.
+                        Only a reference to ConfigMap is supported.
+                        The value of key `lua` in the ConfigMap will be used.
+                        If the key is not found, the first value in the ConfigMap will be used.
+                      properties:
+                        group:
+                          description: |-
+                            Group is the group of the referent. For example, "gateway.networking.k8s.io".
+                            When unspecified or empty string, core API group is inferred.
+                          maxLength: 253
+                          pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
+                          type: string
+                        kind:
+                          description: Kind is kind of the referent. For example "HTTPRoute"
+                            or "Service".
+                          maxLength: 63
+                          minLength: 1
+                          pattern: ^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$
+                          type: string
+                        name:
+                          description: Name is the name of the referent.
+                          maxLength: 253
+                          minLength: 1
+                          type: string
+                      required:
+                      - group
+                      - kind
+                      - name
+                      type: object
+                      x-kubernetes-validations:
+                      - message: Only a reference to an object of kind ConfigMap belonging
+                          to default core API group is supported.
+                        rule: self.kind == 'ConfigMap' && (!has(self.group) || self.group
+                          == '')
+                  required:
+                  - type
+                  type: object
+                  x-kubernetes-validations:
+                  - message: Exactly one of inline or valueRef must be set with correct
+                      type.
+                    rule: (self.type == 'Inline' && has(self.inline) && !has(self.valueRef))
+                      || (self.type == 'ValueRef' && !has(self.inline) && has(self.valueRef))
+                maxItems: 16
+                type: array
               targetRef:
                 description: |-
                   TargetRef is the name of the resource this policy is being attached to.

@@ -980,7 +980,7 @@ _Appears in:_
 | `targetRefs` | _[LocalPolicyTargetReferenceWithSectionName](https://gateway-api.sigs.k8s.io/reference/spec/#gateway.networking.k8s.io/v1alpha2.LocalPolicyTargetReferenceWithSectionName) array_ |  true  | TargetRefs are the names of the Gateway resources this policy<br />is being attached to. |
 | `targetSelectors` | _[TargetSelector](#targetselector) array_ |  true  | TargetSelectors allow targeting resources for this policy based on labels |
 | `wasm` | _[Wasm](#wasm) array_ |  false  | Wasm is a list of Wasm extensions to be loaded by the Gateway.<br />Order matters, as the extensions will be loaded in the order they are<br />defined in this list. |
-| `extProc` | _[ExtProc](#extproc) array_ |  false  | ExtProc is an ordered list of external processing filters<br />that should added to the envoy filter chain |
+| `extProc` | _[ExtProc](#extproc) array_ |  false  | ExtProc is an ordered list of external processing filters<br />that should be added to the envoy filter chain |
 
 
 #### EnvoyFilter
@@ -2755,6 +2755,38 @@ _Appears in:_
 | `error` | LogLevelError defines the "Error" logging level.<br /> | 
 
 
+#### Lua
+
+
+
+Lua defines a Lua extension
+Only one of Inline or ValueRef must be set
+
+_Appears in:_
+- [EnvoyExtensionPolicySpec](#envoyextensionpolicyspec)
+
+| Field | Type | Required | Description |
+| ---   | ---  | ---      | ---         |
+| `type` | _[LuaValueType](#luavaluetype)_ |  true  | Type is the type of method to use to read the Lua value.<br />Valid values are Inline and ValueRef, default is Inline. |
+| `inline` | _string_ |  false  | Inline contains the source code as an inline string. |
+| `valueRef` | _[LocalObjectReference](#localobjectreference)_ |  false  | ValueRef has the source code specified as a local object reference.<br />Only a reference to ConfigMap is supported.<br />The value of key `lua` in the ConfigMap will be used.<br />If the key is not found, the first value in the ConfigMap will be used. |
+
+
+#### LuaValueType
+
+_Underlying type:_ _string_
+
+LuaValueType defines the types of values for Lua supported by Envoy Gateway.
+
+_Appears in:_
+- [Lua](#lua)
+
+| Value | Description |
+| ----- | ----------- |
+| `Inline` | LuaValueTypeInline defines the "Inline" Lua type.<br /> | 
+| `ValueRef` | LuaValueTypeValueRef defines the "ValueRef" Lua type.<br /> | 
+
+
 #### MergeType
 
 _Underlying type:_ _string_

@@ -980,7 +980,7 @@ _Appears in:_
 | `targetRefs` | _[LocalPolicyTargetReferenceWithSectionName](https://gateway-api.sigs.k8s.io/reference/spec/#gateway.networking.k8s.io/v1alpha2.LocalPolicyTargetReferenceWithSectionName) array_ |  true  | TargetRefs are the names of the Gateway resources this policy<br />is being attached to. |
 | `targetSelectors` | _[TargetSelector](#targetselector) array_ |  true  | TargetSelectors allow targeting resources for this policy based on labels |
 | `wasm` | _[Wasm](#wasm) array_ |  false  | Wasm is a list of Wasm extensions to be loaded by the Gateway.<br />Order matters, as the extensions will be loaded in the order they are<br />defined in this list. |
-| `extProc` | _[ExtProc](#extproc) array_ |  false  | ExtProc is an ordered list of external processing filters<br />that should added to the envoy filter chain |
+| `extProc` | _[ExtProc](#extproc) array_ |  false  | ExtProc is an ordered list of external processing filters<br />that should be added to the envoy filter chain |
 
 
 #### EnvoyFilter
@@ -2755,6 +2755,38 @@ _Appears in:_
 | `error` | LogLevelError defines the "Error" logging level.<br /> | 
 
 
+#### Lua
+
+
+
+Lua defines a Lua extension
+Only one of Inline or ValueRef must be set
+
+_Appears in:_
+- [EnvoyExtensionPolicySpec](#envoyextensionpolicyspec)
+
+| Field | Type | Required | Description |
+| ---   | ---  | ---      | ---         |
+| `type` | _[LuaValueType](#luavaluetype)_ |  true  | Type is the type of method to use to read the Lua value.<br />Valid values are Inline and ValueRef, default is Inline. |
+| `inline` | _string_ |  false  | Inline contains the source code as an inline string. |
+| `valueRef` | _[LocalObjectReference](#localobjectreference)_ |  false  | ValueRef has the source code specified as a local object reference.<br />Only a reference to ConfigMap is supported.<br />The value of key `lua` in the ConfigMap will be used.<br />If the key is not found, the first value in the ConfigMap will be used. |
+
+
+#### LuaValueType
+
+_Underlying type:_ _string_
+
+LuaValueType defines the types of values for Lua supported by Envoy Gateway.
+
+_Appears in:_
+- [Lua](#lua)
+
+| Value | Description |
+| ----- | ----------- |
+| `Inline` | LuaValueTypeInline defines the "Inline" Lua type.<br /> | 
+| `ValueRef` | LuaValueTypeValueRef defines the "ValueRef" Lua type.<br /> | 
+
+
 #### MergeType
 
 _Underlying type:_ _string_