├── .clang-format ├── .devcontainer └── devcontainer.json ├── .dockerignore ├── .editorconfig ├── .env.example ├── .gitattributes ├── .github ├── ISSUE_TEMPLATE │ ├── bug_report.md │ ├── documentation.md │ └── improvement---feature-request.md ├── PULL_REQUEST_TEMPLATE │ └── release_pull_request_template.md ├── dependabot.yml ├── pull_request_template.md ├── slash-commands-config.yml └── workflows │ ├── build-pipy-images.yml │ ├── e2e.yml │ ├── ghcr.yml │ ├── main.yml │ ├── release-image.yml │ ├── release.yml │ ├── slash-commands.yml │ └── stale.yml ├── .gitignore ├── .golangci.bck.yml ├── .golangci.yml ├── .goreleaser.yaml ├── .mergify.yml ├── CODEOWNERS ├── CODE_OF_CONDUCT.md ├── CONTRIBUTING.md ├── CONTRIBUTOR_LADDER.md ├── DESIGN.md ├── Dockerfile ├── LICENSE ├── Makefile ├── OWNERS ├── README.md ├── ROADMAP.md ├── SECURITY.md ├── SUPPORT ├── charts ├── .helmignore ├── connector │ ├── .helmignore │ ├── Chart.lock │ ├── Chart.yaml │ ├── README.md │ ├── templates │ │ ├── _helpers.tpl │ │ ├── deployment.yaml │ │ ├── hpa.yaml │ │ └── pod-disruption-budget.yaml │ ├── values.schema.json │ └── values.yaml ├── fsm │ ├── .helmignore │ ├── Chart.lock │ ├── Chart.yaml │ ├── README.md │ ├── README.md.gotmpl │ ├── components │ │ ├── scripts.tar.gz │ │ └── scripts │ │ │ ├── gateways │ │ │ ├── config │ │ │ │ └── version.json │ │ │ ├── filters │ │ │ │ ├── http │ │ │ │ │ ├── AccessLog.js │ │ │ │ │ ├── CircuitBreak.js │ │ │ │ │ ├── ExternalRateLimit.js │ │ │ │ │ ├── FaultInjection.js │ │ │ │ │ ├── HTTPForward.js │ │ │ │ │ ├── HTTPLog.js │ │ │ │ │ ├── Metrics.js │ │ │ │ │ ├── RateLimit.js │ │ │ │ │ ├── RequestHeaderModifier.js │ │ │ │ │ ├── RequestMirror.js │ │ │ │ │ ├── RequestTermination.js │ │ │ │ │ ├── ResponseHeaderModifier.js │ │ │ │ │ ├── URLRewrite.js │ │ │ │ │ └── Zipkin.js │ │ │ │ ├── tcp │ │ │ │ │ ├── ConcurrencyLimit.js │ │ │ │ │ ├── IPRestriction.js │ │ │ │ │ ├── ProxyAccept.js │ │ │ │ │ ├── ProxyTag.js │ │ │ │ │ ├── TCPForward.js │ │ │ │ │ └── TLSDelegate.js │ │ │ │ └── udp │ │ │ │ │ └── DNSModifier.js │ │ │ ├── main.js │ │ │ ├── main.ztm.js │ │ │ ├── modules │ │ │ │ ├── backend-selector.js │ │ │ │ ├── backend-tls.js │ │ │ │ ├── backend.js │ │ │ │ ├── balancer-dubbo.js │ │ │ │ ├── balancer-http.js │ │ │ │ ├── balancer-tcp.js │ │ │ │ ├── balancer-udp.js │ │ │ │ ├── health-check.js │ │ │ │ ├── router-dubbo.js │ │ │ │ ├── router-http.js │ │ │ │ ├── router-tcp.js │ │ │ │ ├── router-tls.js │ │ │ │ ├── router-udp.js │ │ │ │ ├── session-persistence.js │ │ │ │ └── terminate-tls.js │ │ │ ├── options.js │ │ │ ├── resources.js │ │ │ ├── startup.js │ │ │ └── utils.js │ │ │ ├── ingress │ │ │ ├── config.js │ │ │ ├── config │ │ │ │ ├── ingress.json │ │ │ │ └── main.json │ │ │ ├── ingress.js │ │ │ ├── main.js │ │ │ └── plugins │ │ │ │ ├── balancer.js │ │ │ │ ├── default.js │ │ │ │ ├── logging.js │ │ │ │ ├── metrics.js │ │ │ │ ├── protocol.js │ │ │ │ ├── reject-http.js │ │ │ │ └── router.js │ │ │ └── services │ │ │ ├── config │ │ │ ├── config.json │ │ │ └── registry.json │ │ │ └── main.js │ ├── grafana │ │ └── pipy │ │ │ └── dashboards │ │ │ ├── fsm-control-plane.json │ │ │ ├── fsm-data-plane-performance.json │ │ │ ├── fsm-mesh-sidecar-details.json │ │ │ ├── fsm-pod-to-service.json │ │ │ ├── fsm-service-to-service.json │ │ │ ├── fsm-workload-to-service.json │ │ │ └── fsm-workload-to-workload.json │ ├── templates │ │ ├── NOTES.txt │ │ ├── _helpers.tpl │ │ ├── cleanup-hook.yaml │ │ ├── egress-gateway-configmap.yaml │ │ ├── egress-gateway-deployment.yaml │ │ ├── egress-gateway-service.yaml │ │ ├── fluentbit-configmap.yaml │ │ ├── fsm-bootstrap-deployment.yaml │ │ ├── fsm-bootstrap-service.yaml │ │ ├── fsm-controller-hpa.yaml │ │ ├── fsm-controller-pod-disruption-budget.yaml │ │ ├── fsm-deployment.yaml │ │ ├── fsm-flb-secret.yaml │ │ ├── fsm-ingress-class.yaml │ │ ├── fsm-ingress-deployment.yaml │ │ ├── fsm-ingress-service.yaml │ │ ├── fsm-injector-deployment.yaml │ │ ├── fsm-injector-hpa.yaml │ │ ├── fsm-injector-pod-disruption-budget.yaml │ │ ├── fsm-injector-service.yaml │ │ ├── fsm-mesh-config-role.yaml │ │ ├── fsm-rbac.yaml │ │ ├── fsm-remote-logging-secret.yaml │ │ ├── fsm-service.yaml │ │ ├── fsm-validator-service.yaml │ │ ├── fsm-xnetwork.yaml │ │ ├── grafana-configmap.yaml │ │ ├── grafana-deployment.yaml │ │ ├── grafana-rbac.yaml │ │ ├── grafana-svc.yaml │ │ ├── init-repo-scripts-configmap.yaml │ │ ├── jaeger-deployment.yaml │ │ ├── jaeger-rbac.yaml │ │ ├── jaeger-service.yaml │ │ ├── leader-election-role.yaml │ │ ├── leader-election-rolebinding.yaml │ │ ├── mutating-webhook-configuration.yaml │ │ ├── preinstall-hook.yaml │ │ ├── preset-mesh-config.yaml │ │ ├── preset-mesh-root-certificate.yaml │ │ ├── prometheus-configmap.yaml │ │ ├── prometheus-deployment.yaml │ │ ├── prometheus-rbac.yaml │ │ ├── prometheus-svc.yaml │ │ ├── proxy-config.yaml │ │ └── validating-webhook-configuration.yaml │ ├── values.schema.json │ └── values.yaml ├── gateway │ ├── .helmignore │ ├── Chart.lock │ ├── Chart.yaml │ ├── README.md │ ├── templates │ │ ├── _helpers.tpl │ │ ├── daemonset.yaml │ │ ├── deployment.yaml │ │ ├── hpa.yaml │ │ ├── leader-election-role.yaml │ │ ├── leader-election-rolebinding.yaml │ │ ├── pod-disruption-budget.yaml │ │ ├── role.yaml │ │ ├── rolebinding.yaml │ │ ├── service-tcp.yaml │ │ ├── service-udp.yaml │ │ └── serviceaccount.yaml │ └── values.yaml └── namespaced-ingress │ ├── .helmignore │ ├── Chart.lock │ ├── Chart.yaml │ ├── README.md │ ├── templates │ ├── _helpers.tpl │ ├── deployment.yaml │ ├── role.yaml │ ├── rolebinding.yaml │ ├── service.yaml │ └── serviceaccount.yaml │ └── values.yaml ├── ci ├── README.md ├── cmd │ ├── maestro.go │ ├── maestro │ │ ├── kubernetes_tools.go │ │ └── types.go │ ├── maestro_test.go │ └── suite_test.go └── create-service-principal-for-acr.sh ├── cmd ├── cli │ ├── cluster.go │ ├── dashboard.go │ ├── egressgateway.go │ ├── egressgateway_disable.go │ ├── egressgateway_enable.go │ ├── env.go │ ├── flb.go │ ├── flb_disable.go │ ├── flb_enable.go │ ├── formatters.go │ ├── fsm.go │ ├── fsm_test.go │ ├── gateway.go │ ├── gateway_disable.go │ ├── gateway_enable.go │ ├── ingress.go │ ├── ingress_disable.go │ ├── ingress_enable.go │ ├── ingress_namespaced.go │ ├── ingress_namespaced_disable.go │ ├── ingress_namespaced_enable.go │ ├── install.go │ ├── install_test.go │ ├── mesh.go │ ├── mesh_list.go │ ├── mesh_list_test.go │ ├── mesh_upgrade.go │ ├── mesh_upgrade_test.go │ ├── metrics.go │ ├── metrics_disable.go │ ├── metrics_enable.go │ ├── metrics_test.go │ ├── namespace.go │ ├── namespace_add.go │ ├── namespace_ignore.go │ ├── namespace_list.go │ ├── namespace_list_test.go │ ├── namespace_remove.go │ ├── namespace_test.go │ ├── namespacedingress.go │ ├── policy.go │ ├── policy_check_conflicts.go │ ├── policy_check_conflicts_test.go │ ├── policy_check_pods.go │ ├── policy_check_pods_test.go │ ├── proxy.go │ ├── proxy_get.go │ ├── servicelb.go │ ├── servicelb_disable.go │ ├── servicelb_enable.go │ ├── shared.go │ ├── suite_test.go │ ├── support.go │ ├── support_bugreport.go │ ├── support_err.go │ ├── support_err_test.go │ ├── testdata │ │ └── test-chart │ │ │ ├── .helmignore │ │ │ ├── Chart.yaml │ │ │ ├── templates │ │ │ ├── NOTES.txt │ │ │ └── deployment.yaml │ │ │ └── values.yaml │ ├── uninstall.go │ ├── uninstall_mesh.go │ ├── uninstall_mesh_test.go │ ├── util.go │ ├── util_test.go │ ├── version.go │ ├── version_latest.go │ ├── version_latest_test.go │ └── version_test.go ├── fsm-bootstrap │ ├── crds │ │ ├── backendtlspolicies.gateway.networking.k8s.io.yaml │ │ ├── config.flomesh.io_meshconfigs.yaml │ │ ├── config.flomesh.io_meshrootcertificates.yaml │ │ ├── connector.flomesh.io_consulconnectors.yaml │ │ ├── connector.flomesh.io_eurekaconnectors.yaml │ │ ├── connector.flomesh.io_gatewayconnectors.yaml │ │ ├── connector.flomesh.io_machineconnectors.yaml │ │ ├── connector.flomesh.io_nacosconnectors.yaml │ │ ├── connector.flomesh.io_zookeeperconnectors.yaml │ │ ├── extension.gateway.flomesh.io_circuitbreakers.yaml │ │ ├── extension.gateway.flomesh.io_concurrencylimits.yaml │ │ ├── extension.gateway.flomesh.io_dnsmodifiers.yaml │ │ ├── extension.gateway.flomesh.io_externalratelimits.yaml │ │ ├── extension.gateway.flomesh.io_faultinjections.yaml │ │ ├── extension.gateway.flomesh.io_filterconfigs.yaml │ │ ├── extension.gateway.flomesh.io_filterdefinitions.yaml │ │ ├── extension.gateway.flomesh.io_filters.yaml │ │ ├── extension.gateway.flomesh.io_httplogs.yaml │ │ ├── extension.gateway.flomesh.io_iprestrictions.yaml │ │ ├── extension.gateway.flomesh.io_listenerfilters.yaml │ │ ├── extension.gateway.flomesh.io_metrics.yaml │ │ ├── extension.gateway.flomesh.io_proxytags.yaml │ │ ├── extension.gateway.flomesh.io_ratelimits.yaml │ │ ├── extension.gateway.flomesh.io_requestterminations.yaml │ │ ├── extension.gateway.flomesh.io_zipkins.yaml │ │ ├── gateway.flomesh.io_backendlbpolicies.yaml │ │ ├── gateway.flomesh.io_healthcheckpolicies.yaml │ │ ├── gateway.flomesh.io_routerulefilterpolicies.yaml │ │ ├── gatewayclasses.gateway.networking.k8s.io.yaml │ │ ├── gateways.gateway.networking.k8s.io.yaml │ │ ├── grpcroutes.gateway.networking.k8s.io.yaml │ │ ├── httproutes.gateway.networking.k8s.io.yaml │ │ ├── machine.flomesh.io_virtualmachines.yaml │ │ ├── multicluster.flomesh.io_clusters.yaml │ │ ├── multicluster.flomesh.io_globaltrafficpolicies.yaml │ │ ├── multicluster.flomesh.io_serviceexports.yaml │ │ ├── multicluster.flomesh.io_serviceimports.yaml │ │ ├── networking.flomesh.io_namespacedingresses.yaml │ │ ├── plugin.flomesh.io_pluginchains.yaml │ │ ├── plugin.flomesh.io_pluginconfigs.yaml │ │ ├── plugin.flomesh.io_plugins.yaml │ │ ├── policy.flomesh.io_accesscerts.yaml │ │ ├── policy.flomesh.io_accesscontrols.yaml │ │ ├── policy.flomesh.io_egresses.yaml │ │ ├── policy.flomesh.io_egressgateways.yaml │ │ ├── policy.flomesh.io_ingressbackends.yaml │ │ ├── policy.flomesh.io_isolations.yaml │ │ ├── policy.flomesh.io_retries.yaml │ │ ├── policy.flomesh.io_trafficwarmups.yaml │ │ ├── policy.flomesh.io_upstreamtrafficsettings.yaml │ │ ├── referencegrants.gateway.networking.k8s.io.yaml │ │ ├── smi_http_route_group.yaml │ │ ├── smi_tcp_route.yaml │ │ ├── smi_traffic_access.yaml │ │ ├── smi_traffic_split.yaml │ │ ├── tcproutes.gateway.networking.k8s.io.yaml │ │ ├── tlsroutes.gateway.networking.k8s.io.yaml │ │ ├── traffic.flomesh.io_httptrafficrules.yaml │ │ ├── traffic.flomesh.io_trafficsplits.yaml │ │ ├── udproutes.gateway.networking.k8s.io.yaml │ │ ├── xbackendtrafficpolicies.gateway.networking.x-k8s.io.yaml │ │ ├── xlistenersets.gateway.networking.x-k8s.io.yaml │ │ ├── xnetwork.flomesh.io_accesscontrols.yaml │ │ └── xnetwork.flomesh.io_eipadvertisements.yaml │ ├── fsm-bootstrap.go │ ├── fsm-bootstrap_test.go │ └── raw │ │ ├── gateway-api.yaml │ │ └── kustomization.yaml ├── fsm-connector │ └── fsm-connector.go ├── fsm-controller │ ├── fsm-controller.go │ ├── fsm-controller_test.go │ ├── suite_test.go │ ├── validate.go │ └── validate_test.go ├── fsm-gateway │ └── fsm-gateway.go ├── fsm-healthcheck │ ├── fsm-healthcheck.go │ └── fsm-healthcheck_test.go ├── fsm-ingress │ └── fsm-ingress.go ├── fsm-injector │ └── fsm-injector.go ├── fsm-preinstall │ ├── fsm-preinstall.go │ └── fsm-preinstall_test.go └── fsm-xnetmgmt │ └── fsm-xnetmgmt.go ├── codegen ├── boilerplate.go.txt └── gen-crd-client.sh ├── community └── logos │ ├── README.md │ ├── fsm-avatar.png │ ├── fsm-branding-main.sketch │ ├── fsm-logo.svg │ ├── fsm-twitter-banner.jpg │ ├── fsm-twitter-banner.png │ ├── horizontal │ ├── fsm-logo-strapline.png │ └── fsm-logo-strapline.svg │ ├── icon │ ├── favicon-16.png │ ├── favicon-256.png │ ├── favicon-32.png │ ├── icon.png │ └── icon.svg │ ├── styleguide │ ├── fsm-styleguide-typography.png │ ├── fsm-website.png │ └── palette.png │ └── vertical │ ├── fsm-logo-compact.png │ ├── fsm-logo-compact.svg │ ├── fsm-logo-stacked.png │ └── fsm-logo-stacked.svg ├── demo ├── README.md ├── clean-kubernetes.sh ├── cmd │ ├── bookbuyer │ │ ├── bookbuyer.go │ │ └── bookbuyer.html.template │ ├── bookstore │ │ ├── bookstore.go │ │ └── bookstore.html.template │ ├── bookthief │ │ ├── bookthief.go │ │ └── bookthief.html.template │ ├── bookwarehouse │ │ └── bookwarehouse.go │ ├── bookwatcher │ │ └── bookwatcher.go │ ├── common │ │ ├── books.go │ │ └── const.go │ ├── database │ │ └── mysql.go │ ├── tcp-client │ │ └── tcp-client.go │ └── tcp-echo-server │ │ └── tcp-echo-server.go ├── configure-app-namespaces.sh ├── copy-fsm-ca-bundle.sh ├── deploy-apps.sh ├── deploy-bookbuyer.sh ├── deploy-bookstore-with-same-sa.sh ├── deploy-bookstore.sh ├── deploy-bookthief.sh ├── deploy-bookwarehouse.sh ├── deploy-cert-manager.sh ├── deploy-kafka.sh ├── deploy-mysql.sh ├── deploy-smi-policies.sh ├── deploy-tcp-client.sh ├── deploy-tcp-echo-service.sh ├── deploy-traffic-ratelimit.sh ├── deploy-traffic-specs.sh ├── deploy-traffic-split.sh ├── deploy-traffic-target-with-same-sa.sh ├── deploy-traffic-target.sh ├── deploy-vault.sh ├── deploy-zookeeper.sh ├── graph.dot ├── graph.svg ├── ingress │ ├── deploy-ingress-agic.sh │ ├── deploy-ingress-nginx-with-host.sh │ └── deploy-ingress-nginx.sh ├── join-namespaces.sh ├── reset-counters.sh ├── reset.sh ├── rolling-restart.sh ├── run-fsm-demo.sh ├── tail-bookbuyer-sidecar.sh ├── tail-bookbuyer.sh ├── tail-bookstore-sidecar.sh ├── tail-bookstore.sh ├── tail-bookthief-sidecar.sh ├── tail-bookthief.sh ├── tail-bookwarehouse-sidecar.sh ├── tail-bookwarehouse.sh ├── tail-fluentbit-logs.sh ├── tail-fsm-consul-connector-logs.sh ├── tail-fsm-controller-logs.sh ├── tail-fsm-eureka-connector-logs.sh ├── tail-fsm-gateway-connector-logs.sh ├── tail-fsm-injector-logs.sh ├── tail-fsm-machine-connector-logs.sh ├── tail-fsm-nacos-connector-logs.sh ├── tail-fsm-xnetwork-xmgt-logs.sh ├── tail-fsm-xnetwork-xnet-logs.sh ├── tail-fsm-zookeeper-connector-logs.sh ├── tail-vault.sh └── unjoin-namespaces.sh ├── dockerfiles ├── Dockerfile.demo ├── Dockerfile.euler ├── Dockerfile.fsm-bootstrap ├── Dockerfile.fsm-connector ├── Dockerfile.fsm-controller ├── Dockerfile.fsm-crds ├── Dockerfile.fsm-curl ├── Dockerfile.fsm-gateway ├── Dockerfile.fsm-healthcheck ├── Dockerfile.fsm-ingress ├── Dockerfile.fsm-injector ├── Dockerfile.fsm-preinstall ├── Dockerfile.fsm-sidecar-init ├── Dockerfile.fsm-xnetmgmt ├── Dockerfile.pipy-debian ├── Dockerfile.pipy-nonroot └── euler.repo ├── docs ├── README.md ├── api_reference │ ├── README.md │ └── config.json ├── automerge.md ├── certificate_management.md ├── development_guide │ ├── README.md │ ├── fsm-components-and-interactions.png │ ├── openshift │ │ └── openshift_nightly.md │ └── wasm.md ├── gateway-api-compatibility.md ├── how_fsm_uses_envoy.md ├── images │ ├── fsm-components-and-interactions.png │ ├── fsm-git-release.jpg │ ├── fsm-install-demo.gif │ ├── fsm_certificate_management1.png │ └── grafana.gif ├── issue_triage_guide.md ├── pull_request_review_guide.md ├── release_guide.md ├── release_notes.md ├── release_process.md └── tests │ ├── dnsmasq │ └── README.md │ ├── gateway-api │ └── README.md │ └── multicluster │ └── README.md ├── environments.md ├── go.mod ├── go.sum ├── mockspec ├── generate.go └── rules ├── pkg ├── announcements │ └── types.go ├── apis │ ├── config │ │ ├── v1alpha1 │ │ │ ├── doc.go │ │ │ ├── mesh_config.go │ │ │ ├── zz_generated.deepcopy.go │ │ │ └── zz_generated.register.go │ │ ├── v1alpha2 │ │ │ ├── doc.go │ │ │ ├── mesh_config.go │ │ │ ├── meshrootcertificate.go │ │ │ ├── zz_generated.deepcopy.go │ │ │ └── zz_generated.register.go │ │ └── v1alpha3 │ │ │ ├── doc.go │ │ │ ├── mesh_config.go │ │ │ ├── meshrootcertificate.go │ │ │ ├── zz_generated.deepcopy.go │ │ │ └── zz_generated.register.go │ ├── connector │ │ └── v1alpha1 │ │ │ ├── consul.go │ │ │ ├── doc.go │ │ │ ├── eureka.go │ │ │ ├── gateway.go │ │ │ ├── machine.go │ │ │ ├── nacos.go │ │ │ ├── types.go │ │ │ ├── zookeeper.go │ │ │ ├── zz_generated.deepcopy.go │ │ │ └── zz_generated.register.go │ ├── extension │ │ └── v1alpha1 │ │ │ ├── circuitbreaker.go │ │ │ ├── concurrencylimit.go │ │ │ ├── dnsmodifier.go │ │ │ ├── doc.go │ │ │ ├── externalratelimit.go │ │ │ ├── faultinjection.go │ │ │ ├── filter.go │ │ │ ├── filterconfig.go │ │ │ ├── filterdefinition.go │ │ │ ├── httplog.go │ │ │ ├── iprestriction.go │ │ │ ├── listenerfilter.go │ │ │ ├── metrics.go │ │ │ ├── proxytag.go │ │ │ ├── ratelimit.go │ │ │ ├── requesttermination.go │ │ │ ├── shared_types.go │ │ │ ├── zipkin.go │ │ │ ├── zz_generated.deepcopy.go │ │ │ └── zz_generated.register.go │ ├── gateway │ │ ├── v1 │ │ │ ├── types.go │ │ │ ├── util │ │ │ │ └── validation │ │ │ │ │ ├── gatewayclass.go │ │ │ │ │ └── gatewayclass_test.go │ │ │ └── validation │ │ │ │ ├── common.go │ │ │ │ ├── common_test.go │ │ │ │ ├── doc.go │ │ │ │ ├── gateway.go │ │ │ │ ├── gateway_test.go │ │ │ │ ├── gatewayclass.go │ │ │ │ ├── gatewayclass_test.go │ │ │ │ ├── grpcroute.go │ │ │ │ ├── grpcroute_test.go │ │ │ │ ├── httproute.go │ │ │ │ └── httproute_test.go │ │ ├── v1alpha2 │ │ │ ├── util │ │ │ │ └── validation │ │ │ │ │ └── gatewayclass.go │ │ │ └── validation │ │ │ │ ├── common.go │ │ │ │ ├── doc.go │ │ │ │ ├── tcproute.go │ │ │ │ ├── tcproute_test.go │ │ │ │ ├── tlsroute.go │ │ │ │ ├── tlsroute_test.go │ │ │ │ ├── udproute.go │ │ │ │ ├── udproute_test.go │ │ │ │ └── utils_test.go │ │ └── v1beta1 │ │ │ ├── util │ │ │ └── validation │ │ │ │ ├── gatewayclass.go │ │ │ │ └── gatewayclass_test.go │ │ │ └── validation │ │ │ ├── common.go │ │ │ ├── common_test.go │ │ │ └── doc.go │ ├── machine │ │ └── v1alpha1 │ │ │ ├── doc.go │ │ │ ├── vm.go │ │ │ ├── zz_generated.deepcopy.go │ │ │ └── zz_generated.register.go │ ├── multicluster │ │ └── v1alpha1 │ │ │ ├── cluster_types.go │ │ │ ├── doc.go │ │ │ ├── globaltrafficpolicy_types.go │ │ │ ├── serviceexport_types.go │ │ │ ├── serviceimport_types.go │ │ │ ├── zz_generated.deepcopy.go │ │ │ └── zz_generated.register.go │ ├── namespacedingress │ │ └── v1alpha1 │ │ │ ├── doc.go │ │ │ ├── namespacedingress_types.go │ │ │ ├── zz_generated.deepcopy.go │ │ │ └── zz_generated.register.go │ ├── networking │ │ └── v1 │ │ │ ├── doc.go │ │ │ ├── ingress_class.go │ │ │ ├── zz_generated.deepcopy.go │ │ │ └── zz_generated.register.go │ ├── plugin │ │ └── v1alpha1 │ │ │ ├── doc.go │ │ │ ├── plugin.go │ │ │ ├── plugin_chain.go │ │ │ ├── plugin_config.go │ │ │ ├── zz_generated.deepcopy.go │ │ │ └── zz_generated.register.go │ ├── policy │ │ └── v1alpha1 │ │ │ ├── accesscert.go │ │ │ ├── accesscontrol.go │ │ │ ├── doc.go │ │ │ ├── egress.go │ │ │ ├── egress_gateway.go │ │ │ ├── ingress_backend.go │ │ │ ├── isolation.go │ │ │ ├── retry.go │ │ │ ├── traffic_warmup.go │ │ │ ├── upstreamtrafficsetting.go │ │ │ ├── zz_generated.deepcopy.go │ │ │ └── zz_generated.register.go │ ├── policyattachment │ │ └── v1alpha2 │ │ │ ├── backendlb.go │ │ │ ├── doc.go │ │ │ ├── healthcheck.go │ │ │ ├── routerulefilter.go │ │ │ ├── types.go │ │ │ ├── zz_generated.deepcopy.go │ │ │ └── zz_generated.register.go │ ├── shared_types.go │ ├── traffic │ │ └── v1alpha1 │ │ │ ├── doc.go │ │ │ ├── helpers.go │ │ │ ├── http_route.go │ │ │ ├── traffic_split.go │ │ │ ├── zz_generated.deepcopy.go │ │ │ └── zz_generated.register.go │ └── xnetwork │ │ └── v1alpha1 │ │ ├── accesscontrol.go │ │ ├── doc.go │ │ ├── eipadvertisement.go │ │ ├── zz_generated.deepcopy.go │ │ └── zz_generated.register.go ├── bugreport │ ├── archive.go │ ├── controlplane.go │ ├── ingress.go │ ├── namespace.go │ ├── pod.go │ ├── run.go │ ├── run_test.go │ └── types.go ├── catalog │ ├── access_control.go │ ├── catalog.go │ ├── configurator.go │ ├── debugger.go │ ├── debugger_test.go │ ├── egress.go │ ├── egress_gateway.go │ ├── egress_test.go │ ├── endpoint.go │ ├── endpoint_test.go │ ├── errors.go │ ├── fake │ │ └── fake.go │ ├── helpers_test.go │ ├── inbound_traffic_policies.go │ ├── inbound_traffic_policies_test.go │ ├── ingress.go │ ├── ingress_test.go │ ├── isolation.go │ ├── mock_catalog_generated.go │ ├── multi_cluster.go │ ├── outbound_traffic_policies.go │ ├── outbound_traffic_policies_test.go │ ├── plugin.go │ ├── retry.go │ ├── retry_test.go │ ├── service.go │ ├── service_test.go │ ├── suite_test.go │ ├── traffictarget.go │ ├── traffictarget_test.go │ ├── trafficwarmup.go │ └── types.go ├── certificate │ ├── README.md │ ├── castorage │ │ └── k8s │ │ │ ├── k8s.go │ │ │ └── k8s_test.go │ ├── certificate.go │ ├── certificate_test.go │ ├── encode.go │ ├── encode_test.go │ ├── errors.go │ ├── fake_manager.go │ ├── manager.go │ ├── manager_test.go │ ├── options.go │ ├── pem │ │ └── types.go │ ├── providers │ │ ├── certmanager │ │ │ ├── certificate_manager.go │ │ │ ├── certificate_manager_test.go │ │ │ ├── helpers.go │ │ │ ├── suite_test.go │ │ │ └── types.go │ │ ├── compat.go │ │ ├── config.go │ │ ├── config_test.go │ │ ├── mrc.go │ │ ├── options.go │ │ ├── options_test.go │ │ ├── tresor │ │ │ ├── README.md │ │ │ ├── ca.go │ │ │ ├── ca_test.go │ │ │ ├── certificate_manager.go │ │ │ ├── certificate_manager_benchmark_test.go │ │ │ ├── certificate_manager_test.go │ │ │ ├── errors.go │ │ │ ├── fake │ │ │ │ └── fake.go │ │ │ ├── suite_test.go │ │ │ └── types.go │ │ ├── types.go │ │ └── vault │ │ │ ├── certificate_manager.go │ │ │ ├── certificate_manager_test.go │ │ │ ├── suite_test.go │ │ │ ├── tools.go │ │ │ ├── tools_test.go │ │ │ └── types.go │ ├── suite_test.go │ └── types.go ├── cli │ ├── chart_source.go │ ├── chart_source_test.go │ ├── environment.go │ ├── environment_test.go │ ├── policy_check.go │ ├── proxy_get.go │ └── spinner.go ├── configurator │ ├── client.go │ ├── client_test.go │ ├── methods.go │ ├── methods_test.go │ ├── mock_client_generated.go │ ├── suite_test.go │ └── types.go ├── connector │ ├── annotation.go │ ├── cache.go │ ├── cli │ │ ├── broadcast.go │ │ ├── cache.go │ │ ├── client.go │ │ ├── config.go │ │ ├── context.go │ │ ├── flags.go │ │ ├── job.go │ │ ├── pod.go │ │ ├── run.go │ │ ├── sync.go │ │ ├── types.go │ │ └── validate.go │ ├── context.go │ ├── controller.go │ ├── ctok │ │ ├── aggregate.go │ │ ├── coalesce.go │ │ ├── derive.go │ │ ├── endpoints.go │ │ ├── job.go │ │ ├── source.go │ │ ├── syncer.go │ │ └── types.go │ ├── discovery.go │ ├── ktoc │ │ ├── broadcast.go │ │ ├── source.go │ │ └── syncer.go │ ├── ktog │ │ ├── gateway.go │ │ ├── source.go │ │ └── syncer.go │ ├── metadata.go │ ├── provider │ │ ├── consul.go │ │ ├── eureka.go │ │ ├── log.go │ │ ├── machine.go │ │ ├── nacos.go │ │ └── zookeeper.go │ ├── resource.go │ ├── types.go │ └── watcher.go ├── constants │ ├── constants.go │ └── suite_test.go ├── context │ ├── methods.go │ ├── types.go │ └── utils.go ├── controllers │ ├── cluster │ │ └── v1alpha1 │ │ │ └── cluster_controller.go │ ├── connector │ │ └── v1alpha1 │ │ │ ├── consul_controller.go │ │ │ ├── eureka_controller.go │ │ │ ├── gateway_controller.go │ │ │ ├── machine_controller.go │ │ │ ├── nacos_controller.go │ │ │ ├── types.go │ │ │ └── zookeeper_controller.go │ ├── extension │ │ └── v1alpha1 │ │ │ ├── circuitbreaker_controller.go │ │ │ ├── concurrencylimit_controller.go │ │ │ ├── dnsmodifier_controller.go │ │ │ ├── externalratelimit_controller.go │ │ │ ├── faultinjection_controller.go │ │ │ ├── filter_controller.go │ │ │ ├── filterconfig_controller.go │ │ │ ├── filterdefinition_controller.go │ │ │ ├── httplog_controller.go │ │ │ ├── iptrestriction_controller.go │ │ │ ├── listenerfilter_controller.go │ │ │ ├── metrics_controller.go │ │ │ ├── proxytag_controller.go │ │ │ ├── ratelimit_controller.go │ │ │ ├── requesttermination_controller.go │ │ │ └── zipkin_controller.go │ ├── flb │ │ ├── event_handlers.go │ │ ├── service_controller.go │ │ ├── settings.go │ │ ├── tls_secret_controller.go │ │ ├── types.go │ │ └── utils.go │ ├── gateway │ │ ├── v1 │ │ │ ├── gateway_controller.go │ │ │ ├── gateway_methods.go │ │ │ ├── gatewayclass_controller.go │ │ │ ├── grpcroute_controller.go │ │ │ ├── httproute_controller.go │ │ │ ├── types.go │ │ │ └── utils.go │ │ ├── v1alpha2 │ │ │ ├── tcproute_controller.go │ │ │ ├── tlsroute_controller.go │ │ │ ├── types.go │ │ │ └── udproute_controller.go │ │ └── v1beta1 │ │ │ └── referencegrant_controller.go │ ├── mcs │ │ └── v1alpha1 │ │ │ ├── common.go │ │ │ ├── endpointslice_controller.go │ │ │ ├── service_controller.go │ │ │ ├── serviceexport_controller.go │ │ │ └── serviceimport_controller.go │ ├── namespacedingress │ │ └── v1alpha1 │ │ │ └── namespacedingress_controller.go │ ├── policyattachment │ │ ├── v1alpha2 │ │ │ ├── backendlbpolicy_controller.go │ │ │ ├── healthcheckpolicy_controller.go │ │ │ └── routefilterpolicy_controller.go │ │ └── v1alpha3 │ │ │ └── backendtlspolicy_controller.go │ ├── servicelb │ │ ├── node_controller.go │ │ ├── service_controller.go │ │ └── types.go │ └── types.go ├── dns │ ├── config.go │ ├── handler.go │ ├── records.go │ ├── resolver.go │ ├── server.go │ └── types.go ├── endpoint │ ├── endpoint_test.go │ ├── mock_endpoint_provider_generated.go │ └── types.go ├── errcode │ ├── errcode.go │ └── errcode_test.go ├── flb │ ├── types.go │ └── utils.go ├── gateway │ ├── client.go │ ├── fgw │ │ ├── config.go │ │ └── types.go │ ├── informers.go │ ├── mock_client_generated.go │ ├── processor │ │ ├── mock_generator_generated.go │ │ ├── mock_processor_generated.go │ │ ├── mock_trigger_generated.go │ │ ├── triggers │ │ │ ├── extension │ │ │ │ ├── circuitbreakers_trigger.go │ │ │ │ ├── concurrencylimits_trigger.go │ │ │ │ ├── dnsmodifiers_trigger.go │ │ │ │ ├── externalratelimits_trigger.go │ │ │ │ ├── faultinjections_trigger.go │ │ │ │ ├── filterconfigs_trigger.go │ │ │ │ ├── filterdefinitions_trigger.go │ │ │ │ ├── filters_trigger.go │ │ │ │ ├── httplogs_trigger.go │ │ │ │ ├── iprestrictions_trigger.go │ │ │ │ ├── listenerfilters_trigger.go │ │ │ │ ├── metrics_trigger.go │ │ │ │ ├── proxytags_trigger.go │ │ │ │ ├── ratelimits_trigger.go │ │ │ │ ├── requestterminations_trigger.go │ │ │ │ ├── types.go │ │ │ │ └── zipkins_trigger.go │ │ │ ├── gateway │ │ │ │ ├── gatewayclasses_trigger.go │ │ │ │ ├── gateways_trigger.go │ │ │ │ ├── grpcroutes_trigger.go │ │ │ │ ├── httproutes_trigger.go │ │ │ │ ├── referencegrants_trigger.go │ │ │ │ ├── tcproutes_trigger.go │ │ │ │ ├── tlsroutes_trigger.go │ │ │ │ ├── types.go │ │ │ │ └── udproutes_trigger.go │ │ │ ├── k8s │ │ │ │ ├── configmaps_trigger.go │ │ │ │ ├── endpoints_trigger.go │ │ │ │ ├── endpointslices_trigger.go │ │ │ │ ├── secret_trigger.go │ │ │ │ ├── service_trigger.go │ │ │ │ ├── serviceimports_trigger.go │ │ │ │ └── types.go │ │ │ └── policy │ │ │ │ └── v2 │ │ │ │ ├── backendlb_trigger.go │ │ │ │ ├── backendtls_trigger.go │ │ │ │ ├── healthchecks_trigger.go │ │ │ │ ├── routefilter_trigger.go │ │ │ │ └── types.go │ │ ├── types.go │ │ └── v2 │ │ │ ├── backend_lb_policy.go │ │ │ ├── backend_tls_policy.go │ │ │ ├── backends.go │ │ │ ├── config.go │ │ │ ├── filters.go │ │ │ ├── gateway.go │ │ │ ├── generator.go │ │ │ ├── grpcroute.go │ │ │ ├── health_check_policy.go │ │ │ ├── httproute.go │ │ │ ├── policies.go │ │ │ ├── processor.go │ │ │ ├── route_filter_policy.go │ │ │ ├── tcproute.go │ │ │ ├── tlsroute.go │ │ │ ├── triggers.go │ │ │ ├── types.go │ │ │ ├── udproute.go │ │ │ └── utils.go │ ├── repo │ │ ├── broadcast.go │ │ ├── jobs.go │ │ └── types.go │ ├── status │ │ ├── gw │ │ │ └── gateway.go │ │ ├── policies │ │ │ └── policy.go │ │ ├── routes │ │ │ ├── backendlb.go │ │ │ ├── backendtls.go │ │ │ ├── grpcroute.go │ │ │ ├── healthcheck.go │ │ │ ├── httproute.go │ │ │ ├── methods.go │ │ │ ├── processor.go │ │ │ ├── route.go │ │ │ ├── routerulefilter.go │ │ │ ├── tcproute.go │ │ │ ├── types.go │ │ │ ├── udproute.go │ │ │ └── utils.go │ │ ├── status.go │ │ └── types.go │ ├── types.go │ ├── types │ │ ├── selectors.go │ │ └── types.go │ └── utils │ │ ├── backends.go │ │ ├── certificates.go │ │ ├── endpoints.go │ │ ├── endpointslices.go │ │ ├── filters.go │ │ ├── gateway.go │ │ ├── gatewayclass.go │ │ ├── policies.go │ │ ├── referencegrants.go │ │ ├── service.go │ │ └── utils.go ├── gen │ └── client │ │ ├── config │ │ ├── clientset │ │ │ └── versioned │ │ │ │ ├── clientset.go │ │ │ │ ├── fake │ │ │ │ ├── clientset_generated.go │ │ │ │ ├── doc.go │ │ │ │ └── register.go │ │ │ │ ├── scheme │ │ │ │ ├── doc.go │ │ │ │ └── register.go │ │ │ │ └── typed │ │ │ │ └── config │ │ │ │ ├── v1alpha1 │ │ │ │ ├── config_client.go │ │ │ │ ├── doc.go │ │ │ │ ├── fake │ │ │ │ │ ├── doc.go │ │ │ │ │ ├── fake_config_client.go │ │ │ │ │ └── fake_meshconfig.go │ │ │ │ ├── generated_expansion.go │ │ │ │ └── meshconfig.go │ │ │ │ ├── v1alpha2 │ │ │ │ ├── config_client.go │ │ │ │ ├── doc.go │ │ │ │ ├── fake │ │ │ │ │ ├── doc.go │ │ │ │ │ ├── fake_config_client.go │ │ │ │ │ ├── fake_meshconfig.go │ │ │ │ │ └── fake_meshrootcertificate.go │ │ │ │ ├── generated_expansion.go │ │ │ │ ├── meshconfig.go │ │ │ │ └── meshrootcertificate.go │ │ │ │ └── v1alpha3 │ │ │ │ ├── config_client.go │ │ │ │ ├── doc.go │ │ │ │ ├── fake │ │ │ │ ├── doc.go │ │ │ │ ├── fake_config_client.go │ │ │ │ ├── fake_meshconfig.go │ │ │ │ └── fake_meshrootcertificate.go │ │ │ │ ├── generated_expansion.go │ │ │ │ ├── meshconfig.go │ │ │ │ └── meshrootcertificate.go │ │ ├── informers │ │ │ └── externalversions │ │ │ │ ├── config │ │ │ │ ├── interface.go │ │ │ │ ├── v1alpha1 │ │ │ │ │ ├── interface.go │ │ │ │ │ └── meshconfig.go │ │ │ │ ├── v1alpha2 │ │ │ │ │ ├── interface.go │ │ │ │ │ ├── meshconfig.go │ │ │ │ │ └── meshrootcertificate.go │ │ │ │ └── v1alpha3 │ │ │ │ │ ├── interface.go │ │ │ │ │ ├── meshconfig.go │ │ │ │ │ └── meshrootcertificate.go │ │ │ │ ├── factory.go │ │ │ │ ├── generic.go │ │ │ │ └── internalinterfaces │ │ │ │ └── factory_interfaces.go │ │ └── listers │ │ │ └── config │ │ │ ├── v1alpha1 │ │ │ ├── expansion_generated.go │ │ │ └── meshconfig.go │ │ │ ├── v1alpha2 │ │ │ ├── expansion_generated.go │ │ │ ├── meshconfig.go │ │ │ └── meshrootcertificate.go │ │ │ └── v1alpha3 │ │ │ ├── expansion_generated.go │ │ │ ├── meshconfig.go │ │ │ └── meshrootcertificate.go │ │ ├── connector │ │ ├── clientset │ │ │ └── versioned │ │ │ │ ├── clientset.go │ │ │ │ ├── fake │ │ │ │ ├── clientset_generated.go │ │ │ │ ├── doc.go │ │ │ │ └── register.go │ │ │ │ ├── scheme │ │ │ │ ├── doc.go │ │ │ │ └── register.go │ │ │ │ └── typed │ │ │ │ └── connector │ │ │ │ └── v1alpha1 │ │ │ │ ├── connector_client.go │ │ │ │ ├── consulconnector.go │ │ │ │ ├── doc.go │ │ │ │ ├── eurekaconnector.go │ │ │ │ ├── fake │ │ │ │ ├── doc.go │ │ │ │ ├── fake_connector_client.go │ │ │ │ ├── fake_consulconnector.go │ │ │ │ ├── fake_eurekaconnector.go │ │ │ │ ├── fake_gatewayconnector.go │ │ │ │ ├── fake_machineconnector.go │ │ │ │ ├── fake_nacosconnector.go │ │ │ │ └── fake_zookeeperconnector.go │ │ │ │ ├── gatewayconnector.go │ │ │ │ ├── generated_expansion.go │ │ │ │ ├── machineconnector.go │ │ │ │ ├── nacosconnector.go │ │ │ │ └── zookeeperconnector.go │ │ ├── informers │ │ │ └── externalversions │ │ │ │ ├── connector │ │ │ │ ├── interface.go │ │ │ │ └── v1alpha1 │ │ │ │ │ ├── consulconnector.go │ │ │ │ │ ├── eurekaconnector.go │ │ │ │ │ ├── gatewayconnector.go │ │ │ │ │ ├── interface.go │ │ │ │ │ ├── machineconnector.go │ │ │ │ │ ├── nacosconnector.go │ │ │ │ │ └── zookeeperconnector.go │ │ │ │ ├── factory.go │ │ │ │ ├── generic.go │ │ │ │ └── internalinterfaces │ │ │ │ └── factory_interfaces.go │ │ └── listers │ │ │ └── connector │ │ │ └── v1alpha1 │ │ │ ├── consulconnector.go │ │ │ ├── eurekaconnector.go │ │ │ ├── expansion_generated.go │ │ │ ├── gatewayconnector.go │ │ │ ├── machineconnector.go │ │ │ ├── nacosconnector.go │ │ │ └── zookeeperconnector.go │ │ ├── extension │ │ ├── clientset │ │ │ └── versioned │ │ │ │ ├── clientset.go │ │ │ │ ├── fake │ │ │ │ ├── clientset_generated.go │ │ │ │ ├── doc.go │ │ │ │ └── register.go │ │ │ │ ├── scheme │ │ │ │ ├── doc.go │ │ │ │ └── register.go │ │ │ │ └── typed │ │ │ │ └── extension │ │ │ │ └── v1alpha1 │ │ │ │ ├── circuitbreaker.go │ │ │ │ ├── concurrencylimit.go │ │ │ │ ├── dnsmodifier.go │ │ │ │ ├── doc.go │ │ │ │ ├── extension_client.go │ │ │ │ ├── externalratelimit.go │ │ │ │ ├── fake │ │ │ │ ├── doc.go │ │ │ │ ├── fake_circuitbreaker.go │ │ │ │ ├── fake_concurrencylimit.go │ │ │ │ ├── fake_dnsmodifier.go │ │ │ │ ├── fake_extension_client.go │ │ │ │ ├── fake_externalratelimit.go │ │ │ │ ├── fake_faultinjection.go │ │ │ │ ├── fake_filter.go │ │ │ │ ├── fake_filterconfig.go │ │ │ │ ├── fake_filterdefinition.go │ │ │ │ ├── fake_httplog.go │ │ │ │ ├── fake_iprestriction.go │ │ │ │ ├── fake_listenerfilter.go │ │ │ │ ├── fake_metrics.go │ │ │ │ ├── fake_proxytag.go │ │ │ │ ├── fake_ratelimit.go │ │ │ │ ├── fake_requesttermination.go │ │ │ │ └── fake_zipkin.go │ │ │ │ ├── faultinjection.go │ │ │ │ ├── filter.go │ │ │ │ ├── filterconfig.go │ │ │ │ ├── filterdefinition.go │ │ │ │ ├── generated_expansion.go │ │ │ │ ├── httplog.go │ │ │ │ ├── iprestriction.go │ │ │ │ ├── listenerfilter.go │ │ │ │ ├── metrics.go │ │ │ │ ├── proxytag.go │ │ │ │ ├── ratelimit.go │ │ │ │ ├── requesttermination.go │ │ │ │ └── zipkin.go │ │ ├── informers │ │ │ └── externalversions │ │ │ │ ├── extension │ │ │ │ ├── interface.go │ │ │ │ └── v1alpha1 │ │ │ │ │ ├── circuitbreaker.go │ │ │ │ │ ├── concurrencylimit.go │ │ │ │ │ ├── dnsmodifier.go │ │ │ │ │ ├── externalratelimit.go │ │ │ │ │ ├── faultinjection.go │ │ │ │ │ ├── filter.go │ │ │ │ │ ├── filterconfig.go │ │ │ │ │ ├── filterdefinition.go │ │ │ │ │ ├── httplog.go │ │ │ │ │ ├── interface.go │ │ │ │ │ ├── iprestriction.go │ │ │ │ │ ├── listenerfilter.go │ │ │ │ │ ├── metrics.go │ │ │ │ │ ├── proxytag.go │ │ │ │ │ ├── ratelimit.go │ │ │ │ │ ├── requesttermination.go │ │ │ │ │ └── zipkin.go │ │ │ │ ├── factory.go │ │ │ │ ├── generic.go │ │ │ │ └── internalinterfaces │ │ │ │ └── factory_interfaces.go │ │ └── listers │ │ │ └── extension │ │ │ └── v1alpha1 │ │ │ ├── circuitbreaker.go │ │ │ ├── concurrencylimit.go │ │ │ ├── dnsmodifier.go │ │ │ ├── expansion_generated.go │ │ │ ├── externalratelimit.go │ │ │ ├── faultinjection.go │ │ │ ├── filter.go │ │ │ ├── filterconfig.go │ │ │ ├── filterdefinition.go │ │ │ ├── httplog.go │ │ │ ├── iprestriction.go │ │ │ ├── listenerfilter.go │ │ │ ├── metrics.go │ │ │ ├── proxytag.go │ │ │ ├── ratelimit.go │ │ │ ├── requesttermination.go │ │ │ └── zipkin.go │ │ ├── machine │ │ ├── clientset │ │ │ └── versioned │ │ │ │ ├── clientset.go │ │ │ │ ├── fake │ │ │ │ ├── clientset_generated.go │ │ │ │ ├── doc.go │ │ │ │ └── register.go │ │ │ │ ├── scheme │ │ │ │ ├── doc.go │ │ │ │ └── register.go │ │ │ │ └── typed │ │ │ │ └── machine │ │ │ │ └── v1alpha1 │ │ │ │ ├── doc.go │ │ │ │ ├── fake │ │ │ │ ├── doc.go │ │ │ │ ├── fake_machine_client.go │ │ │ │ └── fake_virtualmachine.go │ │ │ │ ├── generated_expansion.go │ │ │ │ ├── machine_client.go │ │ │ │ └── virtualmachine.go │ │ ├── informers │ │ │ └── externalversions │ │ │ │ ├── factory.go │ │ │ │ ├── generic.go │ │ │ │ ├── internalinterfaces │ │ │ │ └── factory_interfaces.go │ │ │ │ └── machine │ │ │ │ ├── interface.go │ │ │ │ └── v1alpha1 │ │ │ │ ├── interface.go │ │ │ │ └── virtualmachine.go │ │ └── listers │ │ │ └── machine │ │ │ └── v1alpha1 │ │ │ ├── expansion_generated.go │ │ │ └── virtualmachine.go │ │ ├── multicluster │ │ ├── clientset │ │ │ └── versioned │ │ │ │ ├── clientset.go │ │ │ │ ├── fake │ │ │ │ ├── clientset_generated.go │ │ │ │ ├── doc.go │ │ │ │ └── register.go │ │ │ │ ├── scheme │ │ │ │ ├── doc.go │ │ │ │ └── register.go │ │ │ │ └── typed │ │ │ │ └── multicluster │ │ │ │ └── v1alpha1 │ │ │ │ ├── cluster.go │ │ │ │ ├── doc.go │ │ │ │ ├── fake │ │ │ │ ├── doc.go │ │ │ │ ├── fake_cluster.go │ │ │ │ ├── fake_globaltrafficpolicy.go │ │ │ │ ├── fake_multicluster_client.go │ │ │ │ ├── fake_serviceexport.go │ │ │ │ └── fake_serviceimport.go │ │ │ │ ├── generated_expansion.go │ │ │ │ ├── globaltrafficpolicy.go │ │ │ │ ├── multicluster_client.go │ │ │ │ ├── serviceexport.go │ │ │ │ └── serviceimport.go │ │ ├── informers │ │ │ └── externalversions │ │ │ │ ├── factory.go │ │ │ │ ├── generic.go │ │ │ │ ├── internalinterfaces │ │ │ │ └── factory_interfaces.go │ │ │ │ └── multicluster │ │ │ │ ├── interface.go │ │ │ │ └── v1alpha1 │ │ │ │ ├── cluster.go │ │ │ │ ├── globaltrafficpolicy.go │ │ │ │ ├── interface.go │ │ │ │ ├── serviceexport.go │ │ │ │ └── serviceimport.go │ │ └── listers │ │ │ └── multicluster │ │ │ └── v1alpha1 │ │ │ ├── cluster.go │ │ │ ├── expansion_generated.go │ │ │ ├── globaltrafficpolicy.go │ │ │ ├── serviceexport.go │ │ │ └── serviceimport.go │ │ ├── namespacedingress │ │ ├── clientset │ │ │ └── versioned │ │ │ │ ├── clientset.go │ │ │ │ ├── fake │ │ │ │ ├── clientset_generated.go │ │ │ │ ├── doc.go │ │ │ │ └── register.go │ │ │ │ ├── scheme │ │ │ │ ├── doc.go │ │ │ │ └── register.go │ │ │ │ └── typed │ │ │ │ └── namespacedingress │ │ │ │ └── v1alpha1 │ │ │ │ ├── doc.go │ │ │ │ ├── fake │ │ │ │ ├── doc.go │ │ │ │ ├── fake_namespacedingress.go │ │ │ │ └── fake_namespacedingress_client.go │ │ │ │ ├── generated_expansion.go │ │ │ │ ├── namespacedingress.go │ │ │ │ └── namespacedingress_client.go │ │ ├── informers │ │ │ └── externalversions │ │ │ │ ├── factory.go │ │ │ │ ├── generic.go │ │ │ │ ├── internalinterfaces │ │ │ │ └── factory_interfaces.go │ │ │ │ └── namespacedingress │ │ │ │ ├── interface.go │ │ │ │ └── v1alpha1 │ │ │ │ ├── interface.go │ │ │ │ └── namespacedingress.go │ │ └── listers │ │ │ └── namespacedingress │ │ │ └── v1alpha1 │ │ │ ├── expansion_generated.go │ │ │ └── namespacedingress.go │ │ ├── networking │ │ ├── clientset │ │ │ └── versioned │ │ │ │ ├── clientset.go │ │ │ │ ├── fake │ │ │ │ ├── clientset_generated.go │ │ │ │ ├── doc.go │ │ │ │ └── register.go │ │ │ │ ├── scheme │ │ │ │ ├── doc.go │ │ │ │ └── register.go │ │ │ │ └── typed │ │ │ │ └── networking │ │ │ │ └── v1 │ │ │ │ ├── doc.go │ │ │ │ ├── fake │ │ │ │ ├── doc.go │ │ │ │ ├── fake_ingressclass.go │ │ │ │ └── fake_networking_client.go │ │ │ │ ├── generated_expansion.go │ │ │ │ ├── ingressclass.go │ │ │ │ └── networking_client.go │ │ ├── informers │ │ │ └── externalversions │ │ │ │ ├── factory.go │ │ │ │ ├── generic.go │ │ │ │ ├── internalinterfaces │ │ │ │ └── factory_interfaces.go │ │ │ │ └── networking │ │ │ │ ├── interface.go │ │ │ │ └── v1 │ │ │ │ ├── ingressclass.go │ │ │ │ └── interface.go │ │ └── listers │ │ │ └── networking │ │ │ └── v1 │ │ │ ├── expansion_generated.go │ │ │ └── ingressclass.go │ │ ├── plugin │ │ ├── clientset │ │ │ └── versioned │ │ │ │ ├── clientset.go │ │ │ │ ├── fake │ │ │ │ ├── clientset_generated.go │ │ │ │ ├── doc.go │ │ │ │ └── register.go │ │ │ │ ├── scheme │ │ │ │ ├── doc.go │ │ │ │ └── register.go │ │ │ │ └── typed │ │ │ │ └── plugin │ │ │ │ └── v1alpha1 │ │ │ │ ├── doc.go │ │ │ │ ├── fake │ │ │ │ ├── doc.go │ │ │ │ ├── fake_plugin.go │ │ │ │ ├── fake_plugin_client.go │ │ │ │ ├── fake_pluginchain.go │ │ │ │ └── fake_pluginconfig.go │ │ │ │ ├── generated_expansion.go │ │ │ │ ├── plugin.go │ │ │ │ ├── plugin_client.go │ │ │ │ ├── pluginchain.go │ │ │ │ └── pluginconfig.go │ │ ├── informers │ │ │ └── externalversions │ │ │ │ ├── factory.go │ │ │ │ ├── generic.go │ │ │ │ ├── internalinterfaces │ │ │ │ └── factory_interfaces.go │ │ │ │ └── plugin │ │ │ │ ├── interface.go │ │ │ │ └── v1alpha1 │ │ │ │ ├── interface.go │ │ │ │ ├── plugin.go │ │ │ │ ├── pluginchain.go │ │ │ │ └── pluginconfig.go │ │ └── listers │ │ │ └── plugin │ │ │ └── v1alpha1 │ │ │ ├── expansion_generated.go │ │ │ ├── plugin.go │ │ │ ├── pluginchain.go │ │ │ └── pluginconfig.go │ │ ├── policy │ │ ├── clientset │ │ │ └── versioned │ │ │ │ ├── clientset.go │ │ │ │ ├── fake │ │ │ │ ├── clientset_generated.go │ │ │ │ ├── doc.go │ │ │ │ └── register.go │ │ │ │ ├── scheme │ │ │ │ ├── doc.go │ │ │ │ └── register.go │ │ │ │ └── typed │ │ │ │ └── policy │ │ │ │ └── v1alpha1 │ │ │ │ ├── accesscert.go │ │ │ │ ├── accesscontrol.go │ │ │ │ ├── doc.go │ │ │ │ ├── egress.go │ │ │ │ ├── egressgateway.go │ │ │ │ ├── fake │ │ │ │ ├── doc.go │ │ │ │ ├── fake_accesscert.go │ │ │ │ ├── fake_accesscontrol.go │ │ │ │ ├── fake_egress.go │ │ │ │ ├── fake_egressgateway.go │ │ │ │ ├── fake_ingressbackend.go │ │ │ │ ├── fake_isolation.go │ │ │ │ ├── fake_policy_client.go │ │ │ │ ├── fake_retry.go │ │ │ │ ├── fake_trafficwarmup.go │ │ │ │ └── fake_upstreamtrafficsetting.go │ │ │ │ ├── generated_expansion.go │ │ │ │ ├── ingressbackend.go │ │ │ │ ├── isolation.go │ │ │ │ ├── policy_client.go │ │ │ │ ├── retry.go │ │ │ │ ├── trafficwarmup.go │ │ │ │ └── upstreamtrafficsetting.go │ │ ├── informers │ │ │ └── externalversions │ │ │ │ ├── factory.go │ │ │ │ ├── generic.go │ │ │ │ ├── internalinterfaces │ │ │ │ └── factory_interfaces.go │ │ │ │ └── policy │ │ │ │ ├── interface.go │ │ │ │ └── v1alpha1 │ │ │ │ ├── accesscert.go │ │ │ │ ├── accesscontrol.go │ │ │ │ ├── egress.go │ │ │ │ ├── egressgateway.go │ │ │ │ ├── ingressbackend.go │ │ │ │ ├── interface.go │ │ │ │ ├── isolation.go │ │ │ │ ├── retry.go │ │ │ │ ├── trafficwarmup.go │ │ │ │ └── upstreamtrafficsetting.go │ │ └── listers │ │ │ └── policy │ │ │ └── v1alpha1 │ │ │ ├── accesscert.go │ │ │ ├── accesscontrol.go │ │ │ ├── egress.go │ │ │ ├── egressgateway.go │ │ │ ├── expansion_generated.go │ │ │ ├── ingressbackend.go │ │ │ ├── isolation.go │ │ │ ├── retry.go │ │ │ ├── trafficwarmup.go │ │ │ └── upstreamtrafficsetting.go │ │ ├── policyattachment │ │ ├── clientset │ │ │ └── versioned │ │ │ │ ├── clientset.go │ │ │ │ ├── fake │ │ │ │ ├── clientset_generated.go │ │ │ │ ├── doc.go │ │ │ │ └── register.go │ │ │ │ ├── scheme │ │ │ │ ├── doc.go │ │ │ │ └── register.go │ │ │ │ └── typed │ │ │ │ └── policyattachment │ │ │ │ └── v1alpha2 │ │ │ │ ├── backendlbpolicy.go │ │ │ │ ├── doc.go │ │ │ │ ├── fake │ │ │ │ ├── doc.go │ │ │ │ ├── fake_backendlbpolicy.go │ │ │ │ ├── fake_healthcheckpolicy.go │ │ │ │ ├── fake_policyattachment_client.go │ │ │ │ └── fake_routerulefilterpolicy.go │ │ │ │ ├── generated_expansion.go │ │ │ │ ├── healthcheckpolicy.go │ │ │ │ ├── policyattachment_client.go │ │ │ │ └── routerulefilterpolicy.go │ │ ├── informers │ │ │ └── externalversions │ │ │ │ ├── factory.go │ │ │ │ ├── generic.go │ │ │ │ ├── internalinterfaces │ │ │ │ └── factory_interfaces.go │ │ │ │ └── policyattachment │ │ │ │ ├── interface.go │ │ │ │ └── v1alpha2 │ │ │ │ ├── backendlbpolicy.go │ │ │ │ ├── healthcheckpolicy.go │ │ │ │ ├── interface.go │ │ │ │ └── routerulefilterpolicy.go │ │ └── listers │ │ │ └── policyattachment │ │ │ └── v1alpha2 │ │ │ ├── backendlbpolicy.go │ │ │ ├── expansion_generated.go │ │ │ ├── healthcheckpolicy.go │ │ │ └── routerulefilterpolicy.go │ │ ├── traffic │ │ ├── clientset │ │ │ └── versioned │ │ │ │ ├── clientset.go │ │ │ │ ├── fake │ │ │ │ ├── clientset_generated.go │ │ │ │ ├── doc.go │ │ │ │ └── register.go │ │ │ │ ├── scheme │ │ │ │ ├── doc.go │ │ │ │ └── register.go │ │ │ │ └── typed │ │ │ │ └── traffic │ │ │ │ └── v1alpha1 │ │ │ │ ├── doc.go │ │ │ │ ├── fake │ │ │ │ ├── doc.go │ │ │ │ ├── fake_httptrafficrule.go │ │ │ │ ├── fake_traffic_client.go │ │ │ │ └── fake_trafficsplit.go │ │ │ │ ├── generated_expansion.go │ │ │ │ ├── httptrafficrule.go │ │ │ │ ├── traffic_client.go │ │ │ │ └── trafficsplit.go │ │ ├── informers │ │ │ └── externalversions │ │ │ │ ├── factory.go │ │ │ │ ├── generic.go │ │ │ │ ├── internalinterfaces │ │ │ │ └── factory_interfaces.go │ │ │ │ └── traffic │ │ │ │ ├── interface.go │ │ │ │ └── v1alpha1 │ │ │ │ ├── httptrafficrule.go │ │ │ │ ├── interface.go │ │ │ │ └── trafficsplit.go │ │ └── listers │ │ │ └── traffic │ │ │ └── v1alpha1 │ │ │ ├── expansion_generated.go │ │ │ ├── httptrafficrule.go │ │ │ └── trafficsplit.go │ │ └── xnetwork │ │ ├── clientset │ │ └── versioned │ │ │ ├── clientset.go │ │ │ ├── fake │ │ │ ├── clientset_generated.go │ │ │ ├── doc.go │ │ │ └── register.go │ │ │ ├── scheme │ │ │ ├── doc.go │ │ │ └── register.go │ │ │ └── typed │ │ │ └── xnetwork │ │ │ └── v1alpha1 │ │ │ ├── accesscontrol.go │ │ │ ├── doc.go │ │ │ ├── eipadvertisement.go │ │ │ ├── fake │ │ │ ├── doc.go │ │ │ ├── fake_accesscontrol.go │ │ │ ├── fake_eipadvertisement.go │ │ │ └── fake_xnetwork_client.go │ │ │ ├── generated_expansion.go │ │ │ └── xnetwork_client.go │ │ ├── informers │ │ └── externalversions │ │ │ ├── factory.go │ │ │ ├── generic.go │ │ │ ├── internalinterfaces │ │ │ └── factory_interfaces.go │ │ │ └── xnetwork │ │ │ ├── interface.go │ │ │ └── v1alpha1 │ │ │ ├── accesscontrol.go │ │ │ ├── eipadvertisement.go │ │ │ └── interface.go │ │ └── listers │ │ └── xnetwork │ │ └── v1alpha1 │ │ ├── accesscontrol.go │ │ ├── eipadvertisement.go │ │ └── expansion_generated.go ├── health │ ├── health.go │ ├── health_test.go │ ├── mock_probes_generated.go │ └── suite_test.go ├── helm │ ├── helm.go │ ├── types.go │ └── utils.go ├── httpserver │ ├── httpserver.go │ └── httpserver_test.go ├── identity │ ├── types.go │ └── types_test.go ├── ingress │ ├── access.go │ ├── client.go │ ├── gateway.go │ ├── gateway_test.go │ ├── providers │ │ └── pipy │ │ │ ├── cache │ │ │ ├── cache.go │ │ │ ├── endpoints.go │ │ │ ├── hanlder.go │ │ │ ├── ingress.go │ │ │ ├── service.go │ │ │ ├── serviceimport.go │ │ │ └── types.go │ │ │ ├── client.go │ │ │ ├── mock_client_generated.go │ │ │ ├── repo │ │ │ ├── broadcast.go │ │ │ ├── jobs.go │ │ │ └── types.go │ │ │ ├── route │ │ │ └── types.go │ │ │ ├── types.go │ │ │ └── utils │ │ │ └── utils.go │ └── types.go ├── injector │ ├── errors.go │ ├── exclusions.go │ ├── exclusions_test.go │ ├── health_probes.go │ ├── health_probes_test.go │ ├── init_container.go │ ├── init_container_test.go │ ├── iptables.go │ ├── iptables_test.go │ ├── metrics.go │ ├── metrics_test.go │ ├── patch.go │ ├── suite_test.go │ ├── types.go │ ├── volumes.go │ ├── volumes_test.go │ ├── webhook.go │ └── webhook_benchmark_test.go ├── k8s │ ├── announcement_handlers.go │ ├── announcement_handlers_test.go │ ├── client.go │ ├── client_test.go │ ├── errors.go │ ├── event_handlers.go │ ├── event_handlers_test.go │ ├── events │ │ ├── events.go │ │ ├── events_test.go │ │ └── types.go │ ├── fake │ │ └── fake.go │ ├── fsm_controller.go │ ├── fsm_controller_test.go │ ├── fsm_injector.go │ ├── fsm_injector_test.go │ ├── informers │ │ ├── informers.go │ │ └── types.go │ ├── mock_controller_generated.go │ ├── portforward.go │ ├── portforward_test.go │ ├── types.go │ ├── types_test.go │ ├── util.go │ └── util_test.go ├── logger │ └── logger.go ├── lru │ └── types.go ├── manager │ ├── basic │ │ ├── http.go │ │ ├── tls.go │ │ └── types.go │ ├── listeners │ │ ├── announcement_handlers.go │ │ └── client.go │ ├── logging │ │ ├── logging.go │ │ └── types.go │ ├── reconciler │ │ ├── controllers.go │ │ ├── registers.go │ │ └── types.go │ ├── repo │ │ ├── repo.go │ │ └── types.go │ └── utils │ │ ├── http.go │ │ ├── logging.go │ │ ├── tls.go │ │ ├── types.go │ │ ├── util.go │ │ └── version.go ├── mcs │ ├── config │ │ ├── config.go │ │ └── types.go │ ├── context │ │ └── types.go │ ├── ctrl │ │ ├── controlplane.go │ │ └── types.go │ ├── event │ │ └── events.go │ └── remote │ │ ├── background.go │ │ ├── connector.go │ │ └── types.go ├── mesh │ ├── mesh.go │ └── mesh_test.go ├── messaging │ ├── broker.go │ ├── broker_test.go │ ├── types.go │ ├── workqueue.go │ └── workqueue_test.go ├── metricsstore │ ├── metricsstore.go │ └── metricsstore_test.go ├── models │ ├── healthprobe.go │ └── types.go ├── multicluster │ ├── client.go │ ├── errors.go │ ├── ingress_class.go │ ├── mock_client_generated.go │ ├── service_export.go │ ├── service_import.go │ ├── traffic_policy.go │ └── types.go ├── plugin │ ├── client.go │ ├── mock_client_generated.go │ └── types.go ├── policy │ ├── client.go │ ├── client_test.go │ ├── conflicts.go │ ├── conflicts_test.go │ ├── mock_client_generated.go │ └── types.go ├── providers │ ├── fsm │ │ ├── client.go │ │ └── types.go │ └── kube │ │ ├── client.go │ │ ├── client_test.go │ │ ├── fake │ │ └── fake.go │ │ ├── suite_test.go │ │ └── types.go ├── reconciler │ ├── client.go │ ├── crd_handler.go │ ├── crd_handler_test.go │ ├── errors.go │ ├── mutating_webhook_handler.go │ ├── mutating_webhook_handler_test.go │ ├── types.go │ ├── validating_webhook_handler.go │ └── validating_webhook_handler_test.go ├── repo │ ├── client.go │ └── types.go ├── service │ ├── mock_service_provider_generated.go │ ├── service.go │ ├── service_test.go │ ├── suite_test.go │ ├── types.go │ └── types_test.go ├── sidecar │ ├── v1 │ │ ├── adapter.go │ │ ├── driver │ │ │ ├── methods.go │ │ │ └── types.go │ │ └── providers │ │ │ └── pipy │ │ │ ├── bootstrap │ │ │ ├── config.go │ │ │ └── types.go │ │ │ ├── client │ │ │ ├── client.go │ │ │ └── types.go │ │ │ ├── driver │ │ │ ├── init.go │ │ │ ├── injector_bootstrap.go │ │ │ ├── pipy_container.go │ │ │ ├── sidecar.go │ │ │ └── types.go │ │ │ ├── proxy.go │ │ │ ├── proxy_test.go │ │ │ ├── registry │ │ │ ├── announcement_handlers.go │ │ │ ├── announcement_handlers_test.go │ │ │ ├── debugger.go │ │ │ ├── registry.go │ │ │ ├── services.go │ │ │ └── types.go │ │ │ ├── repo │ │ │ ├── broadcast.go │ │ │ ├── codebase.go │ │ │ ├── codebase │ │ │ │ ├── config.js │ │ │ │ ├── config.json │ │ │ │ ├── connect-tcp.js │ │ │ │ ├── connect-tls.js │ │ │ │ ├── connect-upstream.js │ │ │ │ ├── dns-main.js │ │ │ │ ├── logging.js │ │ │ │ ├── main.js │ │ │ │ ├── metrics.js │ │ │ │ ├── modules │ │ │ │ │ ├── inbound-http-default.js │ │ │ │ │ ├── inbound-http-load-balancing.js │ │ │ │ │ ├── inbound-http-routing.js │ │ │ │ │ ├── inbound-logging-http.js │ │ │ │ │ ├── inbound-main.js │ │ │ │ │ ├── inbound-metrics-http.js │ │ │ │ │ ├── inbound-tcp-default.js │ │ │ │ │ ├── inbound-tcp-load-balancing.js │ │ │ │ │ ├── inbound-tcp-routing.js │ │ │ │ │ ├── inbound-throttle-route.js │ │ │ │ │ ├── inbound-throttle-service.js │ │ │ │ │ ├── inbound-tls-termination.js │ │ │ │ │ ├── inbound-tracing-http.js │ │ │ │ │ ├── outbound-circuit-breaker.js │ │ │ │ │ ├── outbound-http-default.js │ │ │ │ │ ├── outbound-http-load-balancing.js │ │ │ │ │ ├── outbound-http-routing.js │ │ │ │ │ ├── outbound-logging-http.js │ │ │ │ │ ├── outbound-main.js │ │ │ │ │ ├── outbound-metrics-http.js │ │ │ │ │ ├── outbound-tcp-default.js │ │ │ │ │ ├── outbound-tcp-load-balancing.js │ │ │ │ │ ├── outbound-tcp-routing.js │ │ │ │ │ ├── outbound-throttle-route.js │ │ │ │ │ ├── outbound-throttle-service.js │ │ │ │ │ └── outbound-tracing-http.js │ │ │ │ ├── probes.js │ │ │ │ ├── stats.js │ │ │ │ ├── tracing.js │ │ │ │ └── utils.js │ │ │ ├── errors.go │ │ │ ├── health.go │ │ │ ├── inform.go │ │ │ ├── jobs.go │ │ │ ├── plugin.go │ │ │ ├── policy.go │ │ │ ├── ratelimit.go │ │ │ ├── server.go │ │ │ ├── types.go │ │ │ └── util.go │ │ │ └── types.go │ └── v2 │ │ ├── acl.go │ │ ├── bridge.go │ │ ├── broadcast.go │ │ ├── dns.go │ │ ├── e4lb.go │ │ ├── e4lbtopo.go │ │ ├── job.go │ │ ├── nodes.go │ │ ├── probe.go │ │ ├── route.go │ │ ├── server.go │ │ ├── types.go │ │ └── xnat.go ├── signals │ └── signals.go ├── smi │ ├── client.go │ ├── client_test.go │ ├── errors.go │ ├── fake │ │ └── fake.go │ ├── health.go │ ├── health_test.go │ ├── mock_meshspec_generated.go │ ├── suite_test.go │ └── types.go ├── strings │ ├── all.go │ ├── all_test.go │ ├── which.go │ └── which_test.go ├── tests │ ├── address.go │ ├── certificates │ │ └── constants.go │ ├── fixtures.go │ ├── helpers.go │ └── mtls.go ├── ticker │ ├── ticker.go │ └── ticker_test.go ├── trafficpolicy │ ├── accesscontrol_types.go │ ├── egress_gateway_types.go │ ├── egress_types.go │ ├── ingress_types.go │ ├── plugin_types.go │ ├── service_export_types.go │ ├── suite_test.go │ ├── trafficpolicy.go │ ├── trafficpolicy_test.go │ └── types.go ├── utils │ ├── certs.go │ ├── chm │ │ └── concurrent.go │ ├── cidr │ │ ├── cidr.go │ │ └── helper.go │ ├── ctrl.go │ ├── env.go │ ├── env_test.go │ ├── errors.go │ ├── grpc.go │ ├── grpc_test.go │ ├── hash.go │ ├── image.go │ ├── ingress.go │ ├── ip.go │ ├── ipconv.go │ ├── json.go │ ├── json_test.go │ ├── log.go │ ├── mtls.go │ ├── mtls_test.go │ ├── pod.go │ ├── repo.go │ ├── serviceaccount.go │ ├── serviceaccount_test.go │ ├── signal.go │ ├── slice.go │ ├── stringhash.go │ ├── stringhash_test.go │ ├── strings.go │ ├── tpl.go │ ├── types.go │ ├── uri.go │ ├── uri_test.go │ ├── userip.go │ ├── userip_test.go │ ├── util.go │ └── yaml.go ├── validator │ ├── patch.go │ ├── patch_test.go │ ├── server.go │ ├── server_benchmark_test.go │ ├── server_test.go │ ├── types.go │ ├── validators.go │ └── validators_test.go ├── version │ ├── utils.go │ └── version.go ├── webhook │ ├── builder │ │ ├── types.go │ │ ├── webhook.go │ │ └── webhook_configuration.go │ ├── errors.go │ ├── extension │ │ └── v1alpha1 │ │ │ ├── dnsmodifier.go │ │ │ ├── faultinjection.go │ │ │ ├── filter.go │ │ │ ├── filterconfig.go │ │ │ ├── filterdefinition.go │ │ │ ├── iprestriction.go │ │ │ └── listenerfilter.go │ ├── flb │ │ ├── secret.go │ │ ├── service.go │ │ └── tls_secret.go │ ├── gatewayapi │ │ ├── v1 │ │ │ ├── gateway.go │ │ │ ├── gatewayclass.go │ │ │ ├── grpcroute.go │ │ │ └── httproute.go │ │ └── v1alpha2 │ │ │ ├── tcproute.go │ │ │ ├── tlsroute.go │ │ │ └── udproute.go │ ├── ingress │ │ ├── k8singress.go │ │ └── namespacedingress.go │ ├── mcs │ │ └── v1alpha1 │ │ │ ├── cluster.go │ │ │ ├── globaltrafficpolicy.go │ │ │ ├── serviceexport.go │ │ │ └── serviceimport.go │ ├── policyattachment │ │ ├── v1alpha2 │ │ │ ├── backendlb.go │ │ │ └── healthcheck.go │ │ └── v1alpha3 │ │ │ └── backendtls.go │ ├── server.go │ ├── types.go │ ├── types │ │ ├── mock_register_generated.go │ │ └── types.go │ ├── utils.go │ ├── webhook.go │ └── webhook_test.go ├── workerpool │ ├── workerpool.go │ └── workerpool_test.go ├── xnetwork │ ├── client.go │ ├── mock_client_generated.go │ ├── types.go │ └── xnet │ │ ├── bpf │ │ └── types.go │ │ ├── fs │ │ ├── pinning.go │ │ └── types.go │ │ ├── maps │ │ ├── acl.go │ │ ├── cfg.go │ │ ├── iface.go │ │ ├── nat.go │ │ └── types.go │ │ ├── neigh │ │ ├── arp_linux.go │ │ ├── ndp_linux.go │ │ ├── neigh.go │ │ ├── neigh_darwin.go │ │ ├── neigh_linux.go │ │ └── types.go │ │ ├── route │ │ ├── arping_darwin.go │ │ ├── arping_linux.go │ │ ├── gateway.go │ │ ├── gateway_darwin.go │ │ └── gateway_linux.go │ │ ├── util │ │ ├── file.go │ │ └── ip.go │ │ └── volume │ │ └── types.go └── zookeeper │ ├── client.go │ ├── discovery │ ├── dubbo │ │ ├── adaptor.go │ │ ├── instance.go │ │ └── mapfield.go │ ├── k8s │ │ ├── adaptor.go │ │ ├── instance.go │ │ └── mapfield.go │ ├── nebula │ │ ├── adaptor.go │ │ ├── instance.go │ │ └── mapfield.go │ ├── service_discovery.go │ ├── service_names.go │ ├── service_registry.go │ └── types.go │ ├── options.go │ └── urlenc │ └── urlenc.go ├── scripts ├── check-scripts.sh ├── cleanup │ └── crd-cleanup.sh ├── create-container-registry-creds.sh ├── flb.yaml ├── generate-dummy-embed.sh ├── generate_chart │ └── generate_chart.go ├── get-fsm-namespace-logs.sh ├── get-k3d-logs.sh ├── get-pcap-bookstore.sh ├── go-benchmark.sh ├── go-mod-tidy.sh ├── go-test.sh ├── hello.proto ├── image-exists.sh ├── install-git-pre-push-hook.sh ├── k3d-multicluster-cleanup.sh ├── k3d-multicluster-curl-test.sh ├── k3d-multicluster-deploy-apps.sh ├── k3d-multicluster-export-services.sh ├── k3d-multicluster-install-fsm.sh ├── k3d-multicluster-join-clusters.sh ├── k3d-with-registry-multicluster.sh ├── k3d-with-registry.sh ├── kind-with-registry.sh ├── port-forward-all.sh ├── port-forward-bookbuyer-ui.sh ├── port-forward-bookbuyer.sh ├── port-forward-bookstore-ui-v1.sh ├── port-forward-bookstore-ui-v2.sh ├── port-forward-bookstore-ui.sh ├── port-forward-bookstore.sh ├── port-forward-bookthief-ui.sh ├── port-forward-bookthief.sh ├── port-forward-fsm-debug.sh ├── port-forward-fsm-metrics.sh ├── port-forward-fsm-repo.sh ├── port-forward-grafana.sh ├── port-forward-jaeger.sh ├── port-forward-prometheus.sh ├── pre-push-hook ├── release-notes.sh ├── run-ads.sh ├── test-w-coverage.sh └── vm │ ├── README.md │ ├── clean-iptables.sh │ └── run-sidecar.sh ├── tests ├── e2e │ ├── README.md │ ├── constants.go │ ├── e2e_certmanager_test.go │ ├── e2e_client_server_connectivity_test.go │ ├── e2e_controller_restart_test.go │ ├── e2e_deployment_client_headless_server_test.go │ ├── e2e_deployment_client_server_test.go │ ├── e2e_egress_policy_test.go │ ├── e2e_egress_test.go │ ├── e2e_fluentbit_deployment_test.go │ ├── e2e_fluentbit_output_test.go │ ├── e2e_fsm_ingress_test.go │ ├── e2e_fsm_reinstall_test.go │ ├── e2e_garbage_collector_test.go │ ├── e2e_gatewayapi_test.go │ ├── e2e_grpc_insecure_origination_test.go │ ├── e2e_grpc_secure_origination_test.go │ ├── e2e_hashivault_test.go │ ├── e2e_health_probe_test.go │ ├── e2e_helm_install_test.go │ ├── e2e_ignore_namespace_test.go │ ├── e2e_ingressbackend_test.go │ ├── e2e_init_controller_test.go │ ├── e2e_ip_exclusion_test.go │ ├── e2e_local_ratelimit_test.go │ ├── e2e_multiple_ports_per_service_test.go │ ├── e2e_multiple_services_per_pod_test.go │ ├── e2e_namespacedingress_test.go │ ├── e2e_permissive_smi_switching_test.go │ ├── e2e_permissive_test.go │ ├── e2e_port_exclusion_test.go │ ├── e2e_proxy_resource_limits_test.go │ ├── e2e_reconciler_test.go │ ├── e2e_retry_policy_test.go │ ├── e2e_smi_traffic_target_test.go │ ├── e2e_statefulsets_test.go │ ├── e2e_tcp_client_server_test.go │ ├── e2e_tcp_egress_test.go │ ├── e2e_tcp_server_first_test.go │ ├── e2e_trafficsplit_recursive_split.go │ ├── e2e_trafficsplit_same_sa_test.go │ ├── e2e_trafficsplit_test.go │ ├── e2e_upgrade_test.go │ ├── e2e_validate_smi_traffic_target_test.go │ └── suite_test.go ├── framework │ ├── common.go │ ├── common_apps.go │ ├── common_gatewayapi.go │ ├── common_ingress.go │ ├── common_metrics.go │ ├── common_profile.go │ ├── common_smi.go │ ├── common_traffic.go │ ├── common_traffic_fortio.go │ ├── constants.go │ ├── helm.go │ ├── k3d-cluster.yaml │ ├── namespace.go │ └── types.go ├── scale │ ├── README.md │ ├── fsm_common_profile_resources.go │ ├── scale_trafficSplit_test.go │ └── suite_test.go └── tools │ └── mock-flb-api-server │ └── main.go └── tools.go /.dockerignore: -------------------------------------------------------------------------------- 1 | **/.classpath 2 | **/.dockerignore 3 | **/.env 4 | **/.git 5 | **/.gitignore 6 | **/.project 7 | **/.settings 8 | **/.toolstarget 9 | **/.vs 10 | **/.vscode 11 | **/*.*proj.user 12 | **/*.dbmdl 13 | **/*.jfm 14 | **/azds.yaml 15 | **/charts 16 | **/docker-compose* 17 | **/Dockerfile* 18 | **/node_modules 19 | **/npm-debug.log 20 | **/obj 21 | **/secrets.dev.yaml 22 | **/values.dev.yaml 23 | README.md 24 | -------------------------------------------------------------------------------- /.editorconfig: -------------------------------------------------------------------------------- 1 | root = true 2 | 3 | [*] 4 | charset = utf-8 5 | end_of_line = lf 6 | indent_size = 2 7 | indent_style = space 8 | insert_final_newline = false 9 | max_line_length = 120 10 | tab_width = 2 11 | 12 | [{*.go,*.go2}] 13 | indent_size = 4 14 | tab_width = 4 15 | 16 | [{*.markdown,*.md}] 17 | indent_size = 2 18 | tab_width = 2 19 | 20 | [{*.mk,GNUmakefile,makefile,Makefile}] 21 | tab_width = 4 22 | -------------------------------------------------------------------------------- /.gitattributes: -------------------------------------------------------------------------------- 1 | *.yaml text eol=lf 2 | -------------------------------------------------------------------------------- /.github/ISSUE_TEMPLATE/documentation.md: -------------------------------------------------------------------------------- 1 | --- 2 | name: Documentation 3 | about: Suggest an improvement for documentation 4 | title: '' 5 | labels: documentation 6 | assignees: '' 7 | 8 | --- 9 | 10 | **Please describe what should be documented** 11 | 12 | **Please suggest where in the repo the document should be located** 13 | -------------------------------------------------------------------------------- /.github/workflows/slash-commands.yml: -------------------------------------------------------------------------------- 1 | name: Slash Commands 2 | on: 3 | issue_comment: 4 | types: [created] 5 | 6 | jobs: 7 | run: 8 | runs-on: ubuntu-24.04 9 | steps: 10 | - name: Check user permission 11 | id: check 12 | uses: scherermichael-oss/action-has-permission@master 13 | with: 14 | required-permission: admin 15 | env: 16 | GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} 17 | - name: Execute slash command 18 | if: steps.check.outputs.has-permission 19 | uses: wow-actions/slash-commands@v1 20 | with: 21 | GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} 22 | CONFIG_FILE: .github/slash-commands-config.yml -------------------------------------------------------------------------------- /CODEOWNERS: -------------------------------------------------------------------------------- 1 | # ref: https://docs.github.com/en/github/creating-cloning-and-archiving-repositories/about-code-owners 2 | 3 | * @cybwan @reaver-flomesh @naqvis @caishu97 @i0r3k 4 | 5 | # Emeritus maintainers 6 | # @cybwan @reaver-flomesh 7 | -------------------------------------------------------------------------------- /CODE_OF_CONDUCT.md: -------------------------------------------------------------------------------- 1 | # Code of Conduct 2 | 3 | Flomesh Service Mesh follows the [CNCF Code of Conduct](https://github.com/cncf/foundation/blob/master/code-of-conduct.md). 4 | -------------------------------------------------------------------------------- /Dockerfile: -------------------------------------------------------------------------------- 1 | 2 | #build stage 3 | FROM golang:1.24-alpine AS builder 4 | 5 | RUN apk update 6 | RUN apk add --no-cache make 7 | RUN apk add --no-cache git 8 | RUN apk add build-base 9 | RUN apk add bash 10 | ENV GOPATH=/usr/local/go/tools 11 | RUN go get -u golang.org/x/tools/... 12 | RUN go get -u golang.org/x/tools/gopls/... 13 | RUN go get -u github.com/go-delve/delve/cmd/dlv 14 | -------------------------------------------------------------------------------- /OWNERS: -------------------------------------------------------------------------------- 1 | # Code maintainers (borrowed from https://github.com/flomesh-io/fsm/blob/main/CODEOWNERS) 2 | - @cybwan 3 | - @reaver-flomesh 4 | - @addozhang 5 | - @naqvis 6 | - @caishu97 7 | 8 | # Non-code maintainers 9 | 10 | # Emeritus maintainers 11 | - @cybwan 12 | - @reaver-flomesh 13 | -------------------------------------------------------------------------------- /SUPPORT: -------------------------------------------------------------------------------- 1 | # Support 2 | 3 | [Please search open issues on GitHub](https://github.com/flomesh-io/fsm/issues), and if your issue isn't already represented please [open a new one](https://github.com/flomesh-io/fsm/issues/new/choose). The FSM project maintainers will respond to the best of their abilities. -------------------------------------------------------------------------------- /charts/.helmignore: -------------------------------------------------------------------------------- 1 | # Patterns to ignore when building packages. 2 | # This supports shell glob matching, relative path matching, and 3 | # negation (prefixed with !). Only one pattern per line. 4 | .DS_Store 5 | # Common VCS dirs 6 | .git/ 7 | .gitignore 8 | .bzr/ 9 | .bzrignore 10 | .hg/ 11 | .hgignore 12 | .svn/ 13 | # Common backup files 14 | *.swp 15 | *.bak 16 | *.tmp 17 | *.orig 18 | *~ 19 | # Various IDEs 20 | .project 21 | .idea/ 22 | *.tmproj 23 | .vscode/ 24 | -------------------------------------------------------------------------------- /charts/connector/.helmignore: -------------------------------------------------------------------------------- 1 | # Patterns to ignore when building packages. 2 | # This supports shell glob matching, relative path matching, and 3 | # negation (prefixed with !). Only one pattern per line. 4 | .DS_Store 5 | # Common VCS dirs 6 | .git/ 7 | .gitignore 8 | .bzr/ 9 | .bzrignore 10 | .hg/ 11 | .hgignore 12 | .svn/ 13 | # Common backup files 14 | *.swp 15 | *.bak 16 | *.tmp 17 | *.orig 18 | *~ 19 | # Various IDEs 20 | .project 21 | .idea/ 22 | *.tmproj 23 | .vscode/ 24 | -------------------------------------------------------------------------------- /charts/connector/Chart.lock: -------------------------------------------------------------------------------- 1 | dependencies: 2 | - name: tpls 3 | repository: file://../tpls 4 | version: 0.1.1 5 | digest: sha256:835c3f1a59e3d49577b45e10e3ee288f7a2b0107867e382c40c15cd80b90b366 6 | generated: "2023-03-03T15:37:06.264565+08:00" 7 | -------------------------------------------------------------------------------- /charts/connector/templates/pod-disruption-budget.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.fsm.cloudConnector.enable }} 2 | {{- if .Values.fsm.cloudConnector.enablePodDisruptionBudget }} 3 | apiVersion: policy/v1beta1 4 | kind: PodDisruptionBudget 5 | metadata: 6 | name: {{ include "fsmConnector.name" . }}-pdb 7 | namespace: {{ include "fsm.namespace" . }} 8 | labels: 9 | app: {{ include "fsmConnector.name" . }} 10 | spec: 11 | minAvailable: 1 12 | selector: 13 | matchLabels: 14 | app: {{ include "fsmConnector.name" . }} 15 | {{- end }} 16 | {{- end }} -------------------------------------------------------------------------------- /charts/fsm/.helmignore: -------------------------------------------------------------------------------- 1 | # Patterns to ignore when building packages. 2 | # This supports shell glob matching, relative path matching, and 3 | # negation (prefixed with !). Only one pattern per line. 4 | .DS_Store 5 | # Common VCS dirs 6 | .git/ 7 | .gitignore 8 | .bzr/ 9 | .bzrignore 10 | .hg/ 11 | .hgignore 12 | .svn/ 13 | # Common backup files 14 | *.swp 15 | *.bak 16 | *.tmp 17 | *.orig 18 | *~ 19 | # Various IDEs 20 | .project 21 | .idea/ 22 | *.tmproj 23 | .vscode/ 24 | -------------------------------------------------------------------------------- /charts/fsm/Chart.lock: -------------------------------------------------------------------------------- 1 | dependencies: 2 | digest: sha256:0d982bc1997978750f16f07b2d0e081820104a7e109a158bf91f0e4a6a430b0f 3 | generated: "2023-04-25T10:41:46.431046+08:00" 4 | -------------------------------------------------------------------------------- /charts/fsm/components/scripts.tar.gz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/flomesh-io/fsm/caa426cf29d285e22a6d343a82f165db526f59d1/charts/fsm/components/scripts.tar.gz -------------------------------------------------------------------------------- /charts/fsm/components/scripts/gateways/config/version.json: -------------------------------------------------------------------------------- 1 | {"version": ""} -------------------------------------------------------------------------------- /charts/fsm/components/scripts/gateways/filters/http/HTTPForward.js: -------------------------------------------------------------------------------- 1 | export default function () { 2 | var $ctx 3 | var $sni 4 | var $session 5 | 6 | var balancers = new algo.Cache( 7 | target => new algo.LoadBalancer([target]) 8 | ) 9 | 10 | return pipeline($=>$ 11 | .onStart(c => { 12 | $ctx = c.parent 13 | $sni = $ctx.originalServerName 14 | $session = balancers.get($ctx.originalTarget).allocate() 15 | }) 16 | .muxHTTP(() => $session).to($=>$ 17 | .pipe(() => $sni ? 'tls' : 'tcp', { 18 | 'tcp': ($=>$.connect(() => $session.target)), 19 | 'tls': ($=>$ 20 | .connectTLS({ sni: () => $sni }).to($=>$ 21 | .connect(() => $session.target) 22 | ) 23 | ), 24 | }) 25 | ) 26 | .onEnd(() => $session.free()) 27 | ) 28 | } 29 | -------------------------------------------------------------------------------- /charts/fsm/components/scripts/gateways/filters/http/RequestTermination.js: -------------------------------------------------------------------------------- 1 | export default function (config) { 2 | var abortMessage = new Message( 3 | { 4 | status: config.requestTermination.response?.status || 503, 5 | headers: config.requestTermination.response?.headers, 6 | }, 7 | config.requestTermination.response?.body || 'Service unavailable' 8 | ) 9 | 10 | return pipeline($=>$ 11 | .replaceData() 12 | .replaceMessage(abortMessage) 13 | ) 14 | } 15 | -------------------------------------------------------------------------------- /charts/fsm/components/scripts/gateways/filters/tcp/ProxyTag.js: -------------------------------------------------------------------------------- 1 | export default function (config) { 2 | var proxyTag = (config.proxyTag?.dstHostHeader || 'proxy-tag').toLowerCase() 3 | var origHost = (config.proxyTag?.srcHostHeader || 'orig-host').toLowerCase() 4 | 5 | return pipeline($=>$ 6 | .demuxHTTP().to($=>$ 7 | .handleMessageStart( 8 | msg => { 9 | var headers = msg.head.headers 10 | var tag = headers[proxyTag] 11 | if (tag) { 12 | headers[origHost] = headers.host 13 | headers.host = tag 14 | } else if (headers['fgw-target-service']) { 15 | headers[proxyTag] = headers['fgw-target-service'] 16 | } else { 17 | headers[proxyTag] = headers.host 18 | } 19 | } 20 | ) 21 | .pipeNext() 22 | ) 23 | ) 24 | } 25 | -------------------------------------------------------------------------------- /charts/fsm/components/scripts/gateways/filters/tcp/TCPForward.js: -------------------------------------------------------------------------------- 1 | export default function () { 2 | var $ctx 3 | 4 | return pipeline($=>$ 5 | .onStart(c => { $ctx = c }) 6 | .connect(() => $ctx.originalTarget) 7 | ) 8 | } 9 | -------------------------------------------------------------------------------- /charts/fsm/components/scripts/gateways/main.js: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env -S pipy --args 2 | 3 | import options from './options.js' 4 | import resources from './resources.js' 5 | import { startGateway, makeResourceWatcher } from './startup.js' 6 | import { enableLog, enableDump } from './utils.js' 7 | 8 | var opts = options(pipy.argv, { 9 | defaults: { 10 | '--config': '', 11 | '--watch': false, 12 | '--debug': false, 13 | '--dump': false, 14 | }, 15 | shorthands: { 16 | '-c': '--config', 17 | '-w': '--watch', 18 | '-d': '--debug', 19 | }, 20 | }) 21 | 22 | enableLog(opts['--debug']) 23 | enableDump(opts['--dump']) 24 | 25 | resources.init(opts['--config'], opts['--watch'] ? makeResourceWatcher() : null) 26 | resources.list('Gateway').forEach(gw => { 27 | if (gw.metadata?.name) { 28 | startGateway(gw) 29 | } 30 | }) 31 | -------------------------------------------------------------------------------- /charts/fsm/components/scripts/ingress/config/ingress.json: -------------------------------------------------------------------------------- 1 | { 2 | "trustedCAs": [], 3 | "certificates": {}, 4 | "routes": {}, 5 | "services": {} 6 | } -------------------------------------------------------------------------------- /charts/fsm/components/scripts/ingress/config/main.json: -------------------------------------------------------------------------------- 1 | { 2 | "http": { 3 | "enabled": true, 4 | "listen": 8000 5 | }, 6 | 7 | "tls": { 8 | "enabled": false, 9 | "listen": 8443, 10 | "mTLS": false, 11 | "certificate": {} 12 | }, 13 | 14 | "sslPassthrough": { 15 | "enabled": false, 16 | "upstreamPort": 443 17 | }, 18 | 19 | "detectProtocol": true, 20 | 21 | "plugins": [ 22 | "plugins/reject-http.js", 23 | "plugins/protocol.js", 24 | "plugins/router.js", 25 | "plugins/balancer.js", 26 | "plugins/default.js" 27 | ], 28 | 29 | "logging": { 30 | "enabled": false, 31 | "url": "http://localhost:8123/ping", 32 | "headers": {}, 33 | "token": "", 34 | "batch": { 35 | "size": 1000, 36 | "separator": "\n" 37 | } 38 | }, 39 | 40 | "version": 1 41 | } -------------------------------------------------------------------------------- /charts/fsm/components/scripts/services/config/config.json: -------------------------------------------------------------------------------- 1 | { 2 | "listen": 5867, 3 | "userPort": 8080 4 | } -------------------------------------------------------------------------------- /charts/fsm/components/scripts/services/config/registry.json: -------------------------------------------------------------------------------- 1 | { 2 | "services": {} 3 | } -------------------------------------------------------------------------------- /charts/fsm/templates/NOTES.txt: -------------------------------------------------------------------------------- 1 | Congratulations! The FSM control plane has been installed in your Kubernetes cluster! 2 | -------------------------------------------------------------------------------- /charts/fsm/templates/egress-gateway-service.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.fsm.egressGateway.enabled }} 2 | apiVersion: v1 3 | kind: Service 4 | metadata: 5 | name: fsm-egress-gateway 6 | namespace: {{ include "fsm.namespace" . }} 7 | labels: 8 | {{- include "fsm.labels" . | nindent 4 }} 9 | app: fsm-egress-gateway 10 | meshName: {{ .Values.fsm.meshName }} 11 | annotations: 12 | flomesh.io/egress-gateway-mode: {{ .Values.fsm.egressGateway.mode }} 13 | spec: 14 | ports: 15 | - port: {{ .Values.fsm.egressGateway.port }} 16 | name: egress-nat-port 17 | targetPort: {{ .Values.fsm.egressGateway.port }} 18 | protocol: TCP 19 | appProtocol: tcp 20 | selector: 21 | app: fsm-egress-gateway 22 | {{- end }} -------------------------------------------------------------------------------- /charts/fsm/templates/fsm-bootstrap-service.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | name: fsm-bootstrap 5 | namespace: {{ include "fsm.namespace" . }} 6 | labels: 7 | {{- include "fsm.labels" . | nindent 4 }} 8 | app: fsm-bootstrap 9 | spec: 10 | ports: 11 | - name: crdconversion 12 | port: 9443 13 | - name: health 14 | port: 9091 15 | selector: 16 | app: fsm-bootstrap 17 | -------------------------------------------------------------------------------- /charts/fsm/templates/fsm-controller-pod-disruption-budget.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.fsm.fsmController.enablePodDisruptionBudget }} 2 | apiVersion: policy/v1beta1 3 | kind: PodDisruptionBudget 4 | metadata: 5 | name: fsm-controller-pdb 6 | namespace: {{ include "fsm.namespace" . }} 7 | labels: 8 | app: fsm-controller 9 | spec: 10 | minAvailable: 1 11 | selector: 12 | matchLabels: 13 | app: fsm-controller 14 | {{- end }} 15 | -------------------------------------------------------------------------------- /charts/fsm/templates/fsm-flb-secret.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Secret 3 | metadata: 4 | namespace: {{ include "fsm.namespace" . }} 5 | name: {{ .Values.fsm.flb.secretName }} 6 | labels: 7 | flb.flomesh.io/config: "true" 8 | type: Opaque 9 | data: 10 | baseUrl: {{ .Values.fsm.flb.baseUrl | b64enc }} 11 | username: {{ .Values.fsm.flb.username | b64enc }} 12 | password: {{ .Values.fsm.flb.password | b64enc }} 13 | k8sCluster: {{ .Values.fsm.flb.k8sCluster | b64enc }} 14 | defaultAddressPool: {{ .Values.fsm.flb.defaultAddressPool | b64enc }} 15 | defaultAlgo: {{ .Values.fsm.flb.defaultAlgo | b64enc }} -------------------------------------------------------------------------------- /charts/fsm/templates/fsm-ingress-class.yaml: -------------------------------------------------------------------------------- 1 | {{- if and .Values.fsm.fsmIngress.enabled (not .Values.fsm.fsmGateway.enabled ) (semverCompare ">=1.19-0" .Capabilities.KubeVersion.GitVersion) }} 2 | apiVersion: networking.k8s.io/v1 3 | kind: IngressClass 4 | metadata: 5 | name: pipy 6 | labels: 7 | {{- include "fsm.labels" . | nindent 4 }} 8 | app: fsm-ingress 9 | annotations: 10 | meta.flomesh.io/namespace: {{ include "fsm.namespace" . }} 11 | meta.flomesh.io/ingress-pipy-svc: "fsm-ingress" 12 | spec: 13 | controller: flomesh.io/ingress-pipy 14 | {{- end }} -------------------------------------------------------------------------------- /charts/fsm/templates/fsm-injector-pod-disruption-budget.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.fsm.injector.enablePodDisruptionBudget }} 2 | apiVersion: policy/v1beta1 3 | kind: PodDisruptionBudget 4 | metadata: 5 | name: fsm-injector-pdb 6 | namespace: {{ include "fsm.namespace" . }} 7 | labels: 8 | app: fsm-injector 9 | spec: 10 | minAvailable: 1 11 | selector: 12 | matchLabels: 13 | app: fsm-injector 14 | {{- end }} 15 | -------------------------------------------------------------------------------- /charts/fsm/templates/fsm-injector-service.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | name: fsm-injector 5 | namespace: {{ include "fsm.namespace" . }} 6 | labels: 7 | {{- include "fsm.labels" . | nindent 4 }} 8 | app: fsm-injector 9 | spec: 10 | ports: 11 | - name: sidecar-inject 12 | port: 9090 13 | selector: 14 | app: fsm-injector -------------------------------------------------------------------------------- /charts/fsm/templates/fsm-mesh-config-role.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: rbac.authorization.k8s.io/v1 2 | kind: Role 3 | metadata: 4 | name: fsm-mesh-config-role 5 | namespace: {{ include "fsm.namespace" . }} 6 | labels: 7 | {{- include "fsm.labels" . | nindent 4 }} 8 | rules: 9 | - apiGroups: [ "config.flomesh.io" ] 10 | resources: [ "meshconfigs", "meshrootcertificates" ] 11 | verbs: [ "get", "list", "watch"] -------------------------------------------------------------------------------- /charts/fsm/templates/fsm-remote-logging-secret.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.fsm.remoteLogging.enable }} 2 | apiVersion: v1 3 | kind: Secret 4 | metadata: 5 | namespace: {{ include "fsm.namespace" . }} 6 | name: {{ .Values.fsm.remoteLogging.secretName }} 7 | type: Opaque 8 | data: 9 | url: {{ printf "http://%s:%d" .Values.fsm.remoteLogging.address ((.Values.fsm.remoteLogging.port | int)) | b64enc }} 10 | token: {{ .Values.fsm.remoteLogging.authorization | b64enc }} 11 | {{- end }} -------------------------------------------------------------------------------- /charts/fsm/templates/fsm-service.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | name: fsm-controller 5 | namespace: {{ include "fsm.namespace" . }} 6 | labels: 7 | {{- include "fsm.labels" . | nindent 4 }} 8 | app: fsm-controller 9 | spec: 10 | ports: 11 | - name: pipy-admin-port 12 | port: {{ .Values.fsm.repoServer.port }} 13 | targetPort: {{ .Values.fsm.repoServer.port }} 14 | - name: debug-port 15 | port: 9092 16 | targetPort: 9092 17 | - name: healthz 18 | port: 9091 19 | targetPort: 9091 20 | - name: webhook 21 | port: 9443 22 | targetPort: 9443 23 | - name: dns-proxy 24 | port: 53 25 | targetPort: 15053 26 | protocol: UDP 27 | selector: 28 | app: fsm-controller 29 | -------------------------------------------------------------------------------- /charts/fsm/templates/fsm-validator-service.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | name: fsm-validator 5 | namespace: {{ include "fsm.namespace" . }} 6 | labels: 7 | {{- include "fsm.labels" . | nindent 4 }} 8 | app: fsm-controller 9 | spec: 10 | ports: 11 | - name: validator 12 | port: 9093 13 | targetPort: 9093 14 | selector: 15 | app: fsm-controller 16 | -------------------------------------------------------------------------------- /charts/fsm/templates/grafana-svc.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.fsm.deployGrafana}} 2 | apiVersion: v1 3 | kind: Service 4 | metadata: 5 | name: fsm-grafana 6 | namespace: {{ include "fsm.namespace" . }} 7 | labels: 8 | {{- include "fsm.labels" . | nindent 4 }} 9 | app: fsm-grafana 10 | spec: 11 | ports: 12 | - port: {{.Values.fsm.grafana.port}} 13 | name: grafana-dashboard 14 | {{- if .Values.fsm.grafana.enableRemoteRendering}} 15 | - port: 8081 16 | name: grafana-renderer 17 | {{- end }} 18 | selector: 19 | app: fsm-grafana 20 | {{- end }} 21 | -------------------------------------------------------------------------------- /charts/fsm/templates/init-repo-scripts-configmap.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: ConfigMap 3 | metadata: 4 | name: fsm-init-repo-scripts 5 | namespace: {{ include "fsm.namespace" . }} 6 | labels: 7 | {{- include "fsm.labels" . | nindent 4 }} 8 | binaryData: 9 | scripts.tar.gz: | 10 | {{ (.Files.Get "components/scripts.tar.gz") | b64enc | indent 4}} -------------------------------------------------------------------------------- /charts/fsm/templates/jaeger-service.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.fsm.deployJaeger }} 2 | kind: Service 3 | apiVersion: v1 4 | metadata: 5 | name: jaeger 6 | namespace: {{ include "fsm.namespace" . }} 7 | labels: 8 | {{- include "fsm.labels" . | nindent 4 }} 9 | app: fsm-jaeger 10 | spec: 11 | selector: 12 | app: fsm-jaeger 13 | ports: 14 | - protocol: TCP 15 | # Service port and target port are the same 16 | port: {{ .Values.fsm.tracing.port }} 17 | type: ClusterIP 18 | {{- end }} 19 | -------------------------------------------------------------------------------- /charts/fsm/templates/leader-election-role.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: rbac.authorization.k8s.io/v1 2 | kind: ClusterRole 3 | metadata: 4 | name: fsm-leader-election-role 5 | labels: 6 | {{- include "fsm.labels" . | nindent 4 }} 7 | rules: 8 | - apiGroups: 9 | - "" 10 | - coordination.k8s.io 11 | resources: 12 | - configmaps 13 | - leases 14 | verbs: 15 | - get 16 | - list 17 | - watch 18 | - create 19 | - update 20 | - patch 21 | - delete 22 | - apiGroups: 23 | - "" 24 | resources: 25 | - events 26 | verbs: 27 | - create 28 | - patch -------------------------------------------------------------------------------- /charts/fsm/templates/leader-election-rolebinding.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: rbac.authorization.k8s.io/v1 2 | kind: ClusterRoleBinding 3 | metadata: 4 | name: fsm-leader-election-rolebinding 5 | labels: 6 | {{- include "fsm.labels" . | nindent 4 }} 7 | roleRef: 8 | apiGroup: rbac.authorization.k8s.io 9 | kind: ClusterRole 10 | name: fsm-leader-election-role 11 | subjects: 12 | - kind: ServiceAccount 13 | name: {{ .Release.Name }} 14 | namespace: {{ include "fsm.namespace" . }} -------------------------------------------------------------------------------- /charts/fsm/templates/mutating-webhook-configuration.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: admissionregistration.k8s.io/v1 2 | kind: MutatingWebhookConfiguration 3 | metadata: 4 | name: flomesh-mutating-webhook-configuration 5 | labels: 6 | {{- include "fsm.labels" . | nindent 4 }} 7 | creationTimestamp: null 8 | webhooks: [] -------------------------------------------------------------------------------- /charts/fsm/templates/prometheus-svc.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.fsm.deployPrometheus }} 2 | apiVersion: v1 3 | kind: Service 4 | metadata: 5 | name: fsm-prometheus 6 | namespace: {{ include "fsm.namespace" . }} 7 | labels: 8 | {{- include "fsm.labels" . | nindent 4 }} 9 | annotations: 10 | prometheus.io/port: "{{.Values.fsm.prometheus.port}}" 11 | prometheus.io/scrape: "true" 12 | spec: 13 | ports: 14 | - port: {{.Values.fsm.prometheus.port}} 15 | protocol: TCP 16 | targetPort: {{.Values.fsm.prometheus.port}} 17 | selector: 18 | app: fsm-prometheus 19 | {{- end }} -------------------------------------------------------------------------------- /charts/fsm/templates/proxy-config.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.fsm.fluentBit.enableProxySupport }} 2 | apiVersion: v1 3 | kind: Secret 4 | metadata: 5 | name: proxy-config 6 | namespace: {{ include "fsm.namespace" . }} 7 | labels: 8 | {{- include "fsm.labels" . | nindent 4 }} 9 | stringData: 10 | HTTP_PROXY: {{ .Values.fsm.fluentBit.httpProxy | quote }} 11 | HTTPS_PROXY: {{ .Values.fsm.fluentBit.httpsProxy | quote }} 12 | {{- end }} 13 | -------------------------------------------------------------------------------- /charts/fsm/templates/validating-webhook-configuration.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: admissionregistration.k8s.io/v1 2 | kind: ValidatingWebhookConfiguration 3 | metadata: 4 | name: flomesh-validating-webhook-configuration 5 | labels: 6 | {{- include "fsm.labels" . | nindent 4 }} 7 | creationTimestamp: null 8 | webhooks: [] -------------------------------------------------------------------------------- /charts/gateway/.helmignore: -------------------------------------------------------------------------------- 1 | # Patterns to ignore when building packages. 2 | # This supports shell glob matching, relative path matching, and 3 | # negation (prefixed with !). Only one pattern per line. 4 | .DS_Store 5 | # Common VCS dirs 6 | .git/ 7 | .gitignore 8 | .bzr/ 9 | .bzrignore 10 | .hg/ 11 | .hgignore 12 | .svn/ 13 | # Common backup files 14 | *.swp 15 | *.bak 16 | *.tmp 17 | *.orig 18 | *~ 19 | # Various IDEs 20 | .project 21 | .idea/ 22 | *.tmproj 23 | .vscode/ 24 | -------------------------------------------------------------------------------- /charts/gateway/Chart.lock: -------------------------------------------------------------------------------- 1 | dependencies: 2 | - name: tpls 3 | repository: file://../tpls 4 | version: 0.1.1 5 | digest: sha256:835c3f1a59e3d49577b45e10e3ee288f7a2b0107867e382c40c15cd80b90b366 6 | generated: "2023-03-03T15:37:06.264565+08:00" 7 | -------------------------------------------------------------------------------- /charts/gateway/templates/leader-election-role.yaml: -------------------------------------------------------------------------------- 1 | {{- if (semverCompare ">=1.19-0" .Capabilities.KubeVersion.GitVersion) }} 2 | apiVersion: rbac.authorization.k8s.io/v1 3 | kind: Role 4 | metadata: 5 | name: {{ printf "fsm-gateway-le-%s-%s-role" .Values.fsm.gateway.namespace .Values.fsm.gateway.name }} 6 | namespace: {{ .Values.fsm.gateway.namespace }} 7 | labels: 8 | {{- include "fsm.labels" . | nindent 4 }} 9 | app: fsm-gateway 10 | rules: 11 | - apiGroups: 12 | - "" 13 | - coordination.k8s.io 14 | resources: 15 | - configmaps 16 | - leases 17 | verbs: 18 | - get 19 | - list 20 | - watch 21 | - create 22 | - update 23 | - patch 24 | - delete 25 | - apiGroups: 26 | - "" 27 | resources: 28 | - events 29 | verbs: 30 | - create 31 | - patch 32 | {{- end }} -------------------------------------------------------------------------------- /charts/gateway/templates/leader-election-rolebinding.yaml: -------------------------------------------------------------------------------- 1 | {{- if (semverCompare ">=1.19-0" .Capabilities.KubeVersion.GitVersion) }} 2 | apiVersion: rbac.authorization.k8s.io/v1 3 | kind: RoleBinding 4 | metadata: 5 | name: {{ printf "fsm-gateway-le-%s-%s-rolebinding" .Values.fsm.gateway.namespace .Values.fsm.gateway.name }} 6 | namespace: {{ .Values.fsm.gateway.namespace }} 7 | labels: 8 | {{- include "fsm.labels" . | nindent 4 }} 9 | app: fsm-gateway 10 | roleRef: 11 | apiGroup: rbac.authorization.k8s.io 12 | kind: Role 13 | name: {{ printf "fsm-gateway-le-%s-%s-role" .Values.fsm.gateway.namespace .Values.fsm.gateway.name }} 14 | subjects: 15 | - kind: ServiceAccount 16 | name: {{ include "fsm.gateway.serviceAccountName" . }} 17 | namespace: {{ .Values.fsm.gateway.namespace }} 18 | {{- end }} -------------------------------------------------------------------------------- /charts/gateway/templates/serviceaccount.yaml: -------------------------------------------------------------------------------- 1 | {{- if (semverCompare ">=1.19-0" .Capabilities.KubeVersion.GitVersion) }} 2 | apiVersion: v1 3 | kind: ServiceAccount 4 | metadata: 5 | name: {{ include "fsm.gateway.serviceAccountName" . }} 6 | namespace: {{ .Values.fsm.gateway.namespace }} 7 | labels: 8 | {{- include "fsm.labels" . | nindent 4 }} 9 | app: fsm-gateway 10 | {{- end }} -------------------------------------------------------------------------------- /charts/namespaced-ingress/.helmignore: -------------------------------------------------------------------------------- 1 | # Patterns to ignore when building packages. 2 | # This supports shell glob matching, relative path matching, and 3 | # negation (prefixed with !). Only one pattern per line. 4 | .DS_Store 5 | # Common VCS dirs 6 | .git/ 7 | .gitignore 8 | .bzr/ 9 | .bzrignore 10 | .hg/ 11 | .hgignore 12 | .svn/ 13 | # Common backup files 14 | *.swp 15 | *.bak 16 | *.tmp 17 | *.orig 18 | *~ 19 | # Various IDEs 20 | .project 21 | .idea/ 22 | *.tmproj 23 | .vscode/ 24 | -------------------------------------------------------------------------------- /charts/namespaced-ingress/Chart.lock: -------------------------------------------------------------------------------- 1 | dependencies: 2 | - name: tpls 3 | repository: file://../tpls 4 | version: 0.1.1 5 | digest: sha256:835c3f1a59e3d49577b45e10e3ee288f7a2b0107867e382c40c15cd80b90b366 6 | generated: "2022-06-25T00:30:21.195732+08:00" 7 | -------------------------------------------------------------------------------- /charts/namespaced-ingress/templates/serviceaccount.yaml: -------------------------------------------------------------------------------- 1 | {{- if (semverCompare ">=1.19-0" .Capabilities.KubeVersion.GitVersion) }} 2 | apiVersion: v1 3 | kind: ServiceAccount 4 | metadata: 5 | name: {{ include "fsm.namespaced-ingress.serviceAccountName" . }} 6 | namespace: {{ .Values.nsig.metadata.namespace }} 7 | labels: 8 | {{- include "fsm.labels" . | nindent 4 }} 9 | app: fsm-ingress 10 | {{- end }} 11 | -------------------------------------------------------------------------------- /ci/cmd/maestro_test.go: -------------------------------------------------------------------------------- 1 | package main 2 | 3 | import ( 4 | "fmt" 5 | 6 | . "github.com/onsi/ginkgo" 7 | . "github.com/onsi/gomega" 8 | 9 | "github.com/flomesh-io/fsm/demo/cmd/common" 10 | ) 11 | 12 | var _ = Describe("Test maestro", func() { 13 | 14 | Context("Test cutIt", func() { 15 | It("cuts it at success", func() { 16 | str := fmt.Sprintf("foo bar %s baz", common.Success) 17 | actual := cutIt(str) 18 | expected := fmt.Sprintf("foo bar %s", common.Success) 19 | Expect(actual).To(Equal(expected)) 20 | }) 21 | 22 | It("cuts it at failure", func() { 23 | str := fmt.Sprintf("foo bar %s baz baz", common.Failure) 24 | actual := cutIt(str) 25 | expected := fmt.Sprintf("foo bar %s", common.Failure) 26 | Expect(actual).To(Equal(expected)) 27 | }) 28 | }) 29 | 30 | }) 31 | -------------------------------------------------------------------------------- /ci/cmd/suite_test.go: -------------------------------------------------------------------------------- 1 | package main 2 | 3 | import ( 4 | "testing" 5 | 6 | . "github.com/onsi/ginkgo" 7 | . "github.com/onsi/gomega" 8 | ) 9 | 10 | func TestMaestro(t *testing.T) { 11 | RegisterFailHandler(Fail) 12 | RunSpecs(t, "Maestro Test Suite") 13 | } 14 | -------------------------------------------------------------------------------- /cmd/cli/cluster.go: -------------------------------------------------------------------------------- 1 | package main 2 | -------------------------------------------------------------------------------- /cmd/cli/flb.go: -------------------------------------------------------------------------------- 1 | package main 2 | 3 | import ( 4 | "io" 5 | 6 | "helm.sh/helm/v3/pkg/action" 7 | 8 | "github.com/spf13/cobra" 9 | ) 10 | 11 | const flbDescription = ` 12 | This command consists of multiple subcommands related to managing flb controller 13 | associated with fsm installations. 14 | ` 15 | 16 | var ( 17 | flbManifestFiles = []string{ 18 | "templates/fsm-flb-secret.yaml", 19 | } 20 | ) 21 | 22 | func newFLBCmd(config *action.Configuration, out io.Writer) *cobra.Command { 23 | cmd := &cobra.Command{ 24 | Use: "flb", 25 | Short: "manage fsm FLB", 26 | Aliases: []string{"flb"}, 27 | Long: flbDescription, 28 | Args: cobra.NoArgs, 29 | } 30 | cmd.AddCommand(newFLBEnableCmd(config, out)) 31 | cmd.AddCommand(newFLBDisableCmd(out)) 32 | 33 | return cmd 34 | } 35 | -------------------------------------------------------------------------------- /cmd/cli/formatters.go: -------------------------------------------------------------------------------- 1 | package main 2 | 3 | import ( 4 | "io" 5 | "text/tabwriter" 6 | ) 7 | 8 | const ( 9 | minwidth = 6 10 | tabwidth = 4 11 | padding = 3 12 | padchar = ' ' 13 | flags = 0 14 | ) 15 | 16 | func newTabWriter(out io.Writer) *tabwriter.Writer { 17 | return tabwriter.NewWriter(out, minwidth, tabwidth, padding, padchar, flags) 18 | } 19 | -------------------------------------------------------------------------------- /cmd/cli/fsm_test.go: -------------------------------------------------------------------------------- 1 | package main 2 | 3 | import ( 4 | "testing" 5 | 6 | tassert "github.com/stretchr/testify/assert" 7 | ) 8 | 9 | // TestCommandEntryPoint tests that all CLI subcommands can be 10 | // added under the root CLI command. 11 | func TestCommandEntryPoint(t *testing.T) { 12 | assert := tassert.New(t) 13 | 14 | cmd := initCommands() 15 | assert.NotNil(cmd) 16 | } 17 | -------------------------------------------------------------------------------- /cmd/cli/gateway.go: -------------------------------------------------------------------------------- 1 | package main 2 | 3 | import ( 4 | "io" 5 | 6 | "github.com/spf13/cobra" 7 | ) 8 | 9 | const gatewayDescription = ` 10 | This command consists of multiple subcommands related to managing gateway controller 11 | associated with fsm installations. 12 | ` 13 | 14 | func newGatewayCmd(out io.Writer) *cobra.Command { 15 | cmd := &cobra.Command{ 16 | Use: "gateway", 17 | Short: "manage fsm gateway", 18 | Aliases: []string{"gw"}, 19 | Long: gatewayDescription, 20 | Args: cobra.NoArgs, 21 | } 22 | cmd.AddCommand(newGatewayEnable(out)) 23 | cmd.AddCommand(newGatewayDisable(out)) 24 | 25 | return cmd 26 | } 27 | -------------------------------------------------------------------------------- /cmd/cli/ingress_namespaced.go: -------------------------------------------------------------------------------- 1 | package main 2 | 3 | import ( 4 | "io" 5 | 6 | "github.com/spf13/cobra" 7 | ) 8 | 9 | func newNamespacedIngressCmd(out io.Writer) *cobra.Command { 10 | cmd := &cobra.Command{ 11 | Use: "namespaced", 12 | Short: "manage fsm NamespacedIngress", 13 | Aliases: []string{"nsig"}, 14 | Long: ingressDescription, 15 | Args: cobra.NoArgs, 16 | } 17 | cmd.AddCommand(newNamespacedIngressEnableCmd(out)) 18 | cmd.AddCommand(newNamespacedIngressDisableCmd(out)) 19 | 20 | return cmd 21 | } 22 | -------------------------------------------------------------------------------- /cmd/cli/mesh.go: -------------------------------------------------------------------------------- 1 | package main 2 | 3 | import ( 4 | "io" 5 | 6 | "github.com/spf13/cobra" 7 | "helm.sh/helm/v3/pkg/action" 8 | ) 9 | 10 | const meshDescription = ` 11 | This command consists of multiple subcommands related to managing instances of 12 | fsm installations. Each fsm installation results in a mesh. Each installation 13 | receives a unique mesh name. 14 | 15 | ` 16 | 17 | func newMeshCmd(config *action.Configuration, in io.Reader, out io.Writer) *cobra.Command { 18 | cmd := &cobra.Command{ 19 | Use: "mesh", 20 | Short: "manage fsm installations", 21 | Long: meshDescription, 22 | Args: cobra.NoArgs, 23 | } 24 | cmd.AddCommand(newMeshList(out)) 25 | 26 | if !settings.IsManaged() { 27 | cmd.AddCommand(newMeshUpgradeCmd(config, out)) 28 | } 29 | 30 | return cmd 31 | } 32 | -------------------------------------------------------------------------------- /cmd/cli/namespace.go: -------------------------------------------------------------------------------- 1 | package main 2 | 3 | import ( 4 | "io" 5 | 6 | "github.com/spf13/cobra" 7 | ) 8 | 9 | const namespaceDescription = ` 10 | This command consists of multiple subcommands related to managing namespaces 11 | associated with fsm installations. 12 | ` 13 | 14 | func newNamespaceCmd(out io.Writer) *cobra.Command { 15 | cmd := &cobra.Command{ 16 | Use: "namespace", 17 | Short: "manage fsm namespaces", 18 | Aliases: []string{"ns"}, 19 | Long: namespaceDescription, 20 | Args: cobra.NoArgs, 21 | } 22 | cmd.AddCommand(newNamespaceAdd(out)) 23 | cmd.AddCommand(newNamespaceRemove(out)) 24 | cmd.AddCommand(newNamespaceIgnore(out)) 25 | cmd.AddCommand(newNamespaceList(out)) 26 | 27 | return cmd 28 | } 29 | -------------------------------------------------------------------------------- /cmd/cli/namespacedingress.go: -------------------------------------------------------------------------------- 1 | package main 2 | -------------------------------------------------------------------------------- /cmd/cli/policy.go: -------------------------------------------------------------------------------- 1 | package main 2 | 3 | import ( 4 | "io" 5 | 6 | "github.com/spf13/cobra" 7 | ) 8 | 9 | const trafficPolicyDescription = ` 10 | This command consists of subcommands related to traffic policies 11 | associated with fsm. 12 | ` 13 | 14 | func newPolicyCmd(stdout io.Writer, _ io.Writer) *cobra.Command { 15 | cmd := &cobra.Command{ 16 | Use: "policy", 17 | Short: "manage and check traffic policies", 18 | Long: trafficPolicyDescription, 19 | Args: cobra.NoArgs, 20 | } 21 | cmd.AddCommand(newPolicyCheckPods(stdout)) 22 | cmd.AddCommand(newPolicyCheckConflicts(stdout)) 23 | 24 | return cmd 25 | } 26 | -------------------------------------------------------------------------------- /cmd/cli/proxy.go: -------------------------------------------------------------------------------- 1 | package main 2 | 3 | import ( 4 | "io" 5 | 6 | "github.com/spf13/cobra" 7 | "helm.sh/helm/v3/pkg/action" 8 | 9 | "sigs.k8s.io/gwctl/pkg/common" 10 | ) 11 | 12 | const proxyCmdDescription = ` 13 | This command consists of subcommands related to the operations 14 | of the sidecar proxy on pods. 15 | ` 16 | 17 | func newProxyCmd(config *action.Configuration, factory common.Factory, out io.Writer) *cobra.Command { 18 | cmd := &cobra.Command{ 19 | Use: "proxy", 20 | Short: "sidecar proxy operations", 21 | Long: proxyCmdDescription, 22 | Args: cobra.NoArgs, 23 | } 24 | cmd.AddCommand(newProxyGetCmd(config, factory, out)) 25 | 26 | return cmd 27 | } 28 | -------------------------------------------------------------------------------- /cmd/cli/servicelb.go: -------------------------------------------------------------------------------- 1 | package main 2 | 3 | import ( 4 | "io" 5 | 6 | "github.com/spf13/cobra" 7 | ) 8 | 9 | const serviceLBDescription = ` 10 | This command consists of multiple subcommands related to managing service-lb controller 11 | associated with fsm installations. 12 | ` 13 | 14 | func newServiceLBCmd(out io.Writer) *cobra.Command { 15 | cmd := &cobra.Command{ 16 | Use: "servicelb", 17 | Short: "manage fsm service-lb", 18 | Aliases: []string{"slb"}, 19 | Long: serviceLBDescription, 20 | Args: cobra.NoArgs, 21 | } 22 | cmd.AddCommand(newServiceLBEnableCmd(out)) 23 | cmd.AddCommand(newServiceLBDisableCmd(out)) 24 | 25 | return cmd 26 | } 27 | -------------------------------------------------------------------------------- /cmd/cli/shared.go: -------------------------------------------------------------------------------- 1 | package main 2 | 3 | const ( 4 | presetMeshConfigName = "preset-mesh-config" 5 | presetMeshConfigJSONKey = "preset-mesh-config.json" 6 | ) 7 | -------------------------------------------------------------------------------- /cmd/cli/suite_test.go: -------------------------------------------------------------------------------- 1 | package main 2 | 3 | import ( 4 | "path/filepath" 5 | "testing" 6 | 7 | . "github.com/onsi/ginkgo" 8 | . "github.com/onsi/gomega" 9 | 10 | "github.com/flomesh-io/fsm/pkg/cli" 11 | ) 12 | 13 | func TestCLI(t *testing.T) { 14 | RegisterFailHandler(Fail) 15 | RunSpecs(t, "CLI Test Suite") 16 | } 17 | 18 | var _ = BeforeSuite(func() { 19 | var err error 20 | chartTGZSource, err = cli.GetChartSource(filepath.Join("testdata", "test-chart")) 21 | Expect(err).NotTo(HaveOccurred()) 22 | }) 23 | -------------------------------------------------------------------------------- /cmd/cli/support.go: -------------------------------------------------------------------------------- 1 | package main 2 | 3 | import ( 4 | "io" 5 | 6 | "github.com/spf13/cobra" 7 | "helm.sh/helm/v3/pkg/action" 8 | ) 9 | 10 | const supportCmdDescription = ` 11 | This command consists of subcommands related supportability and 12 | associated tooling, such as examining error codes. 13 | ` 14 | 15 | func newSupportCmd(config *action.Configuration, stdout io.Writer, stderr io.Writer) *cobra.Command { 16 | cmd := &cobra.Command{ 17 | Use: "support", 18 | Short: "supportability tooling", 19 | Long: supportCmdDescription, 20 | Args: cobra.NoArgs, 21 | } 22 | cmd.AddCommand(newSupportErrInfoCmd(stdout)) 23 | cmd.AddCommand(newSupportBugReportCmd(config, stdout, stderr)) 24 | 25 | return cmd 26 | } 27 | -------------------------------------------------------------------------------- /cmd/cli/testdata/test-chart/.helmignore: -------------------------------------------------------------------------------- 1 | # Patterns to ignore when building packages. 2 | # This supports shell glob matching, relative path matching, and 3 | # negation (prefixed with !). Only one pattern per line. 4 | .DS_Store 5 | # Common VCS dirs 6 | .git/ 7 | .gitignore 8 | .bzr/ 9 | .bzrignore 10 | .hg/ 11 | .hgignore 12 | .svn/ 13 | # Common backup files 14 | *.swp 15 | *.bak 16 | *.tmp 17 | *.orig 18 | *~ 19 | # Various IDEs 20 | .project 21 | .idea/ 22 | *.tmproj 23 | .vscode/ 24 | -------------------------------------------------------------------------------- /cmd/cli/testdata/test-chart/templates/NOTES.txt: -------------------------------------------------------------------------------- 1 | Success 2 | -------------------------------------------------------------------------------- /cmd/cli/testdata/test-chart/values.yaml: -------------------------------------------------------------------------------- 1 | # Default values for test-chart. 2 | # This is a YAML-formatted file. 3 | # Declare variables to be passed into your templates. 4 | fsm: 5 | namespace: test-namespace 6 | image: 7 | registry: test-registry-default 8 | imagePullSecrets: [] 9 | -------------------------------------------------------------------------------- /cmd/cli/uninstall.go: -------------------------------------------------------------------------------- 1 | package main 2 | 3 | import ( 4 | "io" 5 | 6 | "github.com/spf13/cobra" 7 | "helm.sh/helm/v3/pkg/action" 8 | ) 9 | 10 | const uninstallDescription = ` 11 | This command consists of multiple subcommands related to uninstalling the fsm 12 | control plane. 13 | ` 14 | 15 | func newUninstallCmd(config *action.Configuration, in io.Reader, out io.Writer) *cobra.Command { 16 | cmd := &cobra.Command{ 17 | Use: "uninstall", 18 | Short: "uninstall fsm", 19 | Aliases: []string{"delete", "del"}, 20 | Long: uninstallDescription, 21 | Args: cobra.NoArgs, 22 | } 23 | cmd.AddCommand(newUninstallMeshCmd(config, in, out)) 24 | 25 | return cmd 26 | } 27 | -------------------------------------------------------------------------------- /cmd/fsm-bootstrap/raw/kustomization.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: kustomize.config.k8s.io/v1beta1 2 | kind: Kustomization 3 | 4 | resources: 5 | - gateway-api.yaml 6 | 7 | labels: 8 | - includeSelectors: true 9 | pairs: 10 | app.kubernetes.io/name: flomesh.io 11 | -------------------------------------------------------------------------------- /cmd/fsm-controller/fsm-controller_test.go: -------------------------------------------------------------------------------- 1 | package main 2 | 3 | import ( 4 | "testing" 5 | 6 | tassert "github.com/stretchr/testify/assert" 7 | ) 8 | 9 | func TestJoinURL(t *testing.T) { 10 | assert := tassert.New(t) 11 | type joinURLtest struct { 12 | baseURL string 13 | path string 14 | expectedOutput string 15 | } 16 | joinURLtests := []joinURLtest{ 17 | {"http://foo", "/bar", "http://foo/bar"}, 18 | {"http://foo/", "/bar", "http://foo/bar"}, 19 | {"http://foo/", "bar", "http://foo/bar"}, 20 | {"http://foo", "bar", "http://foo/bar"}, 21 | } 22 | 23 | for _, ju := range joinURLtests { 24 | result := joinURL(ju.baseURL, ju.path) 25 | assert.Equal(result, ju.expectedOutput) 26 | } 27 | } 28 | -------------------------------------------------------------------------------- /cmd/fsm-controller/suite_test.go: -------------------------------------------------------------------------------- 1 | package main 2 | 3 | import ( 4 | "testing" 5 | 6 | . "github.com/onsi/ginkgo" 7 | . "github.com/onsi/gomega" 8 | ) 9 | 10 | func TestADSMain(t *testing.T) { 11 | RegisterFailHandler(Fail) 12 | RunSpecs(t, "ADSMain Test Suite") 13 | } 14 | -------------------------------------------------------------------------------- /cmd/fsm-controller/validate.go: -------------------------------------------------------------------------------- 1 | package main 2 | 3 | import ( 4 | "fmt" 5 | ) 6 | 7 | // validateCLIParams contains all checks necessary that various permutations of the CLI flags are consistent 8 | func validateCLIParams() error { 9 | if meshName == "" { 10 | return fmt.Errorf("Please specify the mesh name using --mesh-name") 11 | } 12 | 13 | if fsmNamespace == "" { 14 | return fmt.Errorf("Please specify the FSM namespace using --fsm-namespace") 15 | } 16 | 17 | if validatorWebhookConfigName == "" { 18 | return fmt.Errorf("Please specify the webhook configuration name using --validator-webhook-config") 19 | } 20 | 21 | return nil 22 | } 23 | -------------------------------------------------------------------------------- /codegen/boilerplate.go.txt: -------------------------------------------------------------------------------- 1 | 2 | /* 3 | Licensed under the Apache License, Version 2.0 (the "License"); 4 | you may not use this file except in compliance with the License. 5 | You may obtain a copy of the License at 6 | 7 | http://www.apache.org/licenses/LICENSE-2.0 8 | 9 | Unless required by applicable law or agreed to in writing, software 10 | distributed under the License is distributed on an "AS IS" BASIS, 11 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 | See the License for the specific language governing permissions and 13 | limitations under the License. 14 | */ -------------------------------------------------------------------------------- /community/logos/fsm-avatar.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/flomesh-io/fsm/caa426cf29d285e22a6d343a82f165db526f59d1/community/logos/fsm-avatar.png -------------------------------------------------------------------------------- /community/logos/fsm-branding-main.sketch: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/flomesh-io/fsm/caa426cf29d285e22a6d343a82f165db526f59d1/community/logos/fsm-branding-main.sketch -------------------------------------------------------------------------------- /community/logos/fsm-twitter-banner.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/flomesh-io/fsm/caa426cf29d285e22a6d343a82f165db526f59d1/community/logos/fsm-twitter-banner.jpg -------------------------------------------------------------------------------- /community/logos/fsm-twitter-banner.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/flomesh-io/fsm/caa426cf29d285e22a6d343a82f165db526f59d1/community/logos/fsm-twitter-banner.png -------------------------------------------------------------------------------- /community/logos/horizontal/fsm-logo-strapline.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/flomesh-io/fsm/caa426cf29d285e22a6d343a82f165db526f59d1/community/logos/horizontal/fsm-logo-strapline.png -------------------------------------------------------------------------------- /community/logos/icon/favicon-16.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/flomesh-io/fsm/caa426cf29d285e22a6d343a82f165db526f59d1/community/logos/icon/favicon-16.png -------------------------------------------------------------------------------- /community/logos/icon/favicon-256.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/flomesh-io/fsm/caa426cf29d285e22a6d343a82f165db526f59d1/community/logos/icon/favicon-256.png -------------------------------------------------------------------------------- /community/logos/icon/favicon-32.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/flomesh-io/fsm/caa426cf29d285e22a6d343a82f165db526f59d1/community/logos/icon/favicon-32.png -------------------------------------------------------------------------------- /community/logos/icon/icon.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/flomesh-io/fsm/caa426cf29d285e22a6d343a82f165db526f59d1/community/logos/icon/icon.png -------------------------------------------------------------------------------- /community/logos/styleguide/fsm-styleguide-typography.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/flomesh-io/fsm/caa426cf29d285e22a6d343a82f165db526f59d1/community/logos/styleguide/fsm-styleguide-typography.png -------------------------------------------------------------------------------- /community/logos/styleguide/fsm-website.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/flomesh-io/fsm/caa426cf29d285e22a6d343a82f165db526f59d1/community/logos/styleguide/fsm-website.png -------------------------------------------------------------------------------- /community/logos/styleguide/palette.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/flomesh-io/fsm/caa426cf29d285e22a6d343a82f165db526f59d1/community/logos/styleguide/palette.png -------------------------------------------------------------------------------- /community/logos/vertical/fsm-logo-compact.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/flomesh-io/fsm/caa426cf29d285e22a6d343a82f165db526f59d1/community/logos/vertical/fsm-logo-compact.png -------------------------------------------------------------------------------- /community/logos/vertical/fsm-logo-stacked.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/flomesh-io/fsm/caa426cf29d285e22a6d343a82f165db526f59d1/community/logos/vertical/fsm-logo-stacked.png -------------------------------------------------------------------------------- /demo/clean-kubernetes.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | set -aueo pipefail 4 | 5 | # shellcheck disable=SC1091 6 | source .env 7 | 8 | MESH_NAME="${MESH_NAME:-fsm}" 9 | TIMEOUT="${TIMEOUT:-90s}" 10 | 11 | bin/fsm uninstall mesh -f --mesh-name "$MESH_NAME" --fsm-namespace "$K8S_NAMESPACE" --delete-namespace -a 12 | 13 | for ns in "$BOOKWAREHOUSE_NAMESPACE" "$BOOKBUYER_NAMESPACE" "$BOOKSTORE_NAMESPACE" "$BOOKTHIEF_NAMESPACE"; do 14 | kubectl delete namespace "$ns" --ignore-not-found --wait --timeout="$TIMEOUT" & 15 | done 16 | 17 | # Clean up Hashicorp Vault deployment 18 | kubectl delete deployment vault -n "$K8S_NAMESPACE" --ignore-not-found --wait --timeout="$TIMEOUT" & 19 | kubectl delete service vault -n "$K8S_NAMESPACE" --ignore-not-found --wait --timeout="$TIMEOUT" & 20 | 21 | wait 22 | -------------------------------------------------------------------------------- /demo/configure-app-namespaces.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | set -aueo pipefail 4 | 5 | # shellcheck disable=SC1091 6 | source .env 7 | 8 | for ns in "$BOOKWAREHOUSE_NAMESPACE" "$BOOKBUYER_NAMESPACE" "$BOOKSTORE_NAMESPACE" "$BOOKTHIEF_NAMESPACE"; do 9 | kubectl create namespace "$ns" --save-config 10 | ./scripts/create-container-registry-creds.sh "$ns" 11 | done 12 | 13 | # Add namespaces to the mesh 14 | bin/fsm namespace add --mesh-name "$MESH_NAME" "$BOOKWAREHOUSE_NAMESPACE" "$BOOKBUYER_NAMESPACE" "$BOOKSTORE_NAMESPACE" "$BOOKTHIEF_NAMESPACE" 15 | 16 | # Enable metrics for pods belonging to app namespaces 17 | bin/fsm metrics enable --namespace "$BOOKWAREHOUSE_NAMESPACE, $BOOKBUYER_NAMESPACE, $BOOKSTORE_NAMESPACE, $BOOKTHIEF_NAMESPACE" 18 | -------------------------------------------------------------------------------- /demo/copy-fsm-ca-bundle.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | set -auexo pipefail 4 | 5 | # shellcheck disable=SC1091 6 | source .env 7 | 8 | ALPHA_CLUSTER="${ALPHA_CLUSTER:-alpha}" 9 | BETA_CLUSTER="${BETA_CLUSTER:-beta}" 10 | 11 | kubectl config use-context "$ALPHA_CLUSTER" 12 | kubectl get secret fsm-ca-bundle -n fsm-system -o yaml > /tmp/ca-bundle.yaml 13 | 14 | 15 | kubectl config use-context "$BETA_CLUSTER" 16 | 17 | kubectl apply -f /tmp/ca-bundle.yaml 18 | rm -f /tmp/ca-bundle.yaml 19 | -------------------------------------------------------------------------------- /demo/deploy-smi-policies.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | set -aueo pipefail 4 | 5 | # shellcheck disable=SC1091 6 | source .env 7 | 8 | ./demo/deploy-traffic-specs.sh 9 | ./demo/deploy-traffic-target.sh 10 | ./demo/deploy-traffic-split.sh 11 | 12 | 13 | echo -e "Enable SMI Spec policies" 14 | kubectl apply -f - < gh; 9 | {bookbuyer bookthief} -> b1 [lhead=cluster0]; 10 | 11 | subgraph cluster0 { 12 | label="bookstore"; 13 | b1[label="bookstore-v1"]; 14 | b2[label="bookstore-v2"]; 15 | b1 -> b2 [style=invis]; 16 | } 17 | 18 | b2 -> bookwarehouse [ltail=cluster0]; 19 | bookwarehouse -> MySQL 20 | } 21 | -------------------------------------------------------------------------------- /demo/ingress/deploy-ingress-nginx-with-host.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | 4 | 5 | # This script deploys a Kubernetes Ingress resource for Nginx. 6 | # This is a helper script used to ease the demonstration of FSM. 7 | 8 | 9 | 10 | set -aueo pipefail 11 | 12 | # shellcheck disable=SC1091 13 | source .env 14 | 15 | echo "Create Bookstore Ingress Resource" 16 | kubectl apply -f - <" 11 | exit 1 12 | fi 13 | 14 | POD="$(kubectl get pods -n "$BOOKSTORE_NAMESPACE" --show-labels --selector "$selector" --no-headers | grep -v 'Terminating' | awk '{print $1}' | head -n1)" 15 | 16 | kubectl logs "$POD" -n "$BOOKSTORE_NAMESPACE" -c sidecar --tail=100 -f 17 | -------------------------------------------------------------------------------- /demo/tail-bookstore.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # shellcheck disable=SC1091 4 | source .env 5 | 6 | selector="$1" 7 | thisScript="$(dirname "$0")/$(basename "$0")" 8 | 9 | if [ -z "$selector" ]; then 10 | echo "Usage: $thisScript " 11 | exit 1 12 | fi 13 | 14 | POD="$(kubectl get pods -n "$BOOKSTORE_NAMESPACE" --show-labels --selector "$selector" --no-headers | grep -v 'Terminating' | awk '{print $1}' | head -n1)" 15 | 16 | kubectl logs "$POD" -n "$BOOKSTORE_NAMESPACE" -c bookstore --tail=100 17 | -------------------------------------------------------------------------------- /demo/tail-bookthief-sidecar.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # shellcheck disable=SC1091 4 | source .env 5 | 6 | kubectl describe pod "$(kubectl get pods -n "$BOOKTHIEF_NAMESPACE" --show-labels --selector app=client --no-headers | grep -v 'Terminating' | awk '{print $1}' | head -n1)" -n "$BOOKTHIEF_NAMESPACE" 7 | 8 | POD="$(kubectl get pods -n "$BOOKTHIEF_NAMESPACE" --show-labels --selector app=bookthief --no-headers | grep -v 'Terminating' | awk '{print $1}' | head -n1)" 9 | 10 | kubectl logs "${POD}" -n "$BOOKTHIEF_NAMESPACE" -c sidecar --tail=100 -f 11 | -------------------------------------------------------------------------------- /demo/tail-bookthief.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # shellcheck disable=SC1091 4 | source .env 5 | 6 | POD="$(kubectl get pods -n "$BOOKTHIEF_NAMESPACE" --show-labels --selector app=bookthief --no-headers | grep -v 'Terminating' | awk '{print $1}' | head -n1)" 7 | 8 | kubectl logs "${POD}" -n "$BOOKTHIEF_NAMESPACE" -c bookthief --tail=100 -f -------------------------------------------------------------------------------- /demo/tail-bookwarehouse-sidecar.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # shellcheck disable=SC1091 4 | source .env 5 | 6 | kubectl describe pod "$(kubectl get pods -n "$BOOKWAREHOUSE_NAMESPACE" --show-labels --selector app=client --no-headers | grep -v 'Terminating' | awk '{print $1}' | head -n1)" -n "$BOOKWAREHOUSE_NAMESPACE" 7 | 8 | POD="$(kubectl get pods -n "$BOOKWAREHOUSE_NAMESPACE" --show-labels --selector app=bookwarehouse --no-headers | grep -v 'Terminating' | awk '{print $1}' | head -n1)" 9 | 10 | kubectl logs "${POD}" -n "$BOOKWAREHOUSE_NAMESPACE" -c sidecar --tail=100 -f 11 | -------------------------------------------------------------------------------- /demo/tail-bookwarehouse.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # shellcheck disable=SC1091 4 | source .env 5 | 6 | POD="$(kubectl get pods -n "$BOOKWAREHOUSE_NAMESPACE" --show-labels --selector app=bookwarehouse --no-headers | grep -v 'Terminating' | awk '{print $1}' | head -n1)" 7 | 8 | kubectl logs "${POD}" -n "$BOOKWAREHOUSE_NAMESPACE" -c bookwarehouse --tail=100 -f 9 | -------------------------------------------------------------------------------- /demo/tail-fluentbit-logs.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | set -aueo pipefail 4 | 5 | # shellcheck disable=SC1091 6 | source .env 7 | 8 | POD="$(kubectl get pods -n "$K8S_NAMESPACE" --selector app=fsm-controller --no-headers | awk '{print $1}' | head -n1)" 9 | 10 | kubectl logs "${POD}" fluentbit-logger -n "$K8S_NAMESPACE" -f 11 | -------------------------------------------------------------------------------- /demo/tail-fsm-consul-connector-logs.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | set -aueo pipefail 4 | 5 | # shellcheck disable=SC1091 6 | source .env 7 | 8 | POD="$(kubectl get pods -n "$K8S_NAMESPACE" --selector flomesh.io/fsm-connector=consul --no-headers | awk '{print $1}' | head -n1)" 9 | 10 | kubectl logs "${POD}" -n "$K8S_NAMESPACE" -f 11 | -------------------------------------------------------------------------------- /demo/tail-fsm-controller-logs.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | set -aueo pipefail 4 | 5 | # shellcheck disable=SC1091 6 | source .env 7 | 8 | POD="$(kubectl get pods -n "$K8S_NAMESPACE" --selector app=fsm-controller --no-headers | awk '{print $1}' | head -n1)" 9 | 10 | kubectl logs "${POD}" -c fsm-controller -n "$K8S_NAMESPACE" -f 11 | -------------------------------------------------------------------------------- /demo/tail-fsm-eureka-connector-logs.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | set -aueo pipefail 4 | 5 | # shellcheck disable=SC1091 6 | source .env 7 | 8 | POD="$(kubectl get pods -n "$K8S_NAMESPACE" --selector flomesh.io/fsm-connector=eureka --no-headers | awk '{print $1}' | head -n1)" 9 | 10 | kubectl logs "${POD}" -n "$K8S_NAMESPACE" -f 11 | -------------------------------------------------------------------------------- /demo/tail-fsm-gateway-connector-logs.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | set -aueo pipefail 4 | 5 | # shellcheck disable=SC1091 6 | source .env 7 | 8 | POD="$(kubectl get pods -n "$K8S_NAMESPACE" --selector flomesh.io/fsm-connector=gateway --no-headers | awk '{print $1}' | head -n1)" 9 | 10 | kubectl logs "${POD}" -n "$K8S_NAMESPACE" -f 11 | -------------------------------------------------------------------------------- /demo/tail-fsm-injector-logs.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | set -aueo pipefail 4 | 5 | # shellcheck disable=SC1091 6 | source .env 7 | 8 | POD="$(kubectl get pods -n "$K8S_NAMESPACE" --selector app=fsm-injector --no-headers | awk '{print $1}' | head -n1)" 9 | 10 | kubectl logs "${POD}" -n "$K8S_NAMESPACE" -f 11 | -------------------------------------------------------------------------------- /demo/tail-fsm-machine-connector-logs.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | set -aueo pipefail 4 | 5 | # shellcheck disable=SC1091 6 | source .env 7 | 8 | POD="$(kubectl get pods -n "$K8S_NAMESPACE" --selector flomesh.io/fsm-connector=machine --no-headers | awk '{print $1}' | head -n1)" 9 | 10 | kubectl logs "${POD}" -n "$K8S_NAMESPACE" -f 11 | -------------------------------------------------------------------------------- /demo/tail-fsm-nacos-connector-logs.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | set -aueo pipefail 4 | 5 | # shellcheck disable=SC1091 6 | source .env 7 | 8 | POD="$(kubectl get pods -n "$K8S_NAMESPACE" --selector flomesh.io/fsm-connector=nacos --no-headers | awk '{print $1}' | head -n1)" 9 | 10 | kubectl logs "${POD}" -n "$K8S_NAMESPACE" -f 11 | -------------------------------------------------------------------------------- /demo/tail-fsm-xnetwork-xmgt-logs.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | set -aueo pipefail 4 | 5 | # shellcheck disable=SC1091 6 | source .env 7 | 8 | POD="$(kubectl get pods -n "$K8S_NAMESPACE" --selector app=fsm-xnetwork --field-selector spec.nodeName=k3d-c1-server-0 --no-headers | awk '{print $1}' | head -n1)" 9 | 10 | kubectl logs "${POD}" -n "$K8S_NAMESPACE" -c fsm-xmgt -f 11 | -------------------------------------------------------------------------------- /demo/tail-fsm-xnetwork-xnet-logs.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | set -aueo pipefail 4 | 5 | # shellcheck disable=SC1091 6 | source .env 7 | 8 | POD="$(kubectl get pods -n "$K8S_NAMESPACE" --selector app=fsm-xnetwork --field-selector spec.nodeName=k3d-c1-server-0 --no-headers | awk '{print $1}' | head -n1)" 9 | 10 | kubectl logs "${POD}" -n "$K8S_NAMESPACE" -c fsm-xnet -f 11 | -------------------------------------------------------------------------------- /demo/tail-fsm-zookeeper-connector-logs.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | set -aueo pipefail 4 | 5 | # shellcheck disable=SC1091 6 | source .env 7 | 8 | POD="$(kubectl get pods -n "$K8S_NAMESPACE" --selector flomesh.io/fsm-connector=zookeeper --no-headers | awk '{print $1}' | head -n1)" 9 | 10 | kubectl logs "${POD}" -n "$K8S_NAMESPACE" -f 11 | -------------------------------------------------------------------------------- /demo/tail-vault.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | set -aueo pipefail 4 | 5 | # shellcheck disable=SC1091 6 | source .env 7 | 8 | POD="$(kubectl get pods -n "$K8S_NAMESPACE" --selector app=vault --no-headers | awk '{print $1}' | head -n1)" 9 | 10 | kubectl logs "${POD}" -n "$K8S_NAMESPACE" -f 11 | -------------------------------------------------------------------------------- /dockerfiles/Dockerfile.demo: -------------------------------------------------------------------------------- 1 | ARG GO_VERSION 2 | FROM --platform=$BUILDPLATFORM golang:${GO_VERSION:-latest} AS builder 3 | ARG TARGETOS 4 | ARG TARGETARCH 5 | ARG BINARY 6 | 7 | WORKDIR /fsm 8 | COPY . . 9 | RUN --mount=type=cache,target=/root/.cache/go-build \ 10 | --mount=type=cache,target=/go/pkg \ 11 | CGO_ENABLED=0 GOOS=$TARGETOS GOARCH=$TARGETARCH go build -v ./demo/cmd/$BINARY 12 | 13 | FROM gcr.io/distroless/base AS final-linux 14 | FROM final-$TARGETOS 15 | ARG BINARY 16 | COPY --from=builder /fsm/$BINARY* / 17 | -------------------------------------------------------------------------------- /dockerfiles/Dockerfile.fsm-bootstrap: -------------------------------------------------------------------------------- 1 | # syntax = docker/dockerfile:1 2 | ARG GO_VERSION 3 | FROM --platform=$BUILDPLATFORM golang:${GO_VERSION:-latest} AS builder 4 | ARG LDFLAGS 5 | ARG TARGETOS 6 | ARG TARGETARCH 7 | 8 | WORKDIR /fsm 9 | COPY . . 10 | RUN --mount=type=cache,target=/root/.cache/go-build \ 11 | --mount=type=cache,target=/go/pkg \ 12 | CGO_ENABLED=0 GOOS=$TARGETOS GOARCH=$TARGETARCH go build -v -o fsm-bootstrap -ldflags "$LDFLAGS" ./cmd/fsm-bootstrap 13 | 14 | FROM gcr.io/distroless/static 15 | COPY --from=builder /fsm/fsm-bootstrap / 16 | COPY ./cmd/fsm-bootstrap/crds /fsm-crds/ 17 | -------------------------------------------------------------------------------- /dockerfiles/Dockerfile.fsm-connector: -------------------------------------------------------------------------------- 1 | # syntax = docker/dockerfile:1 2 | ARG GO_VERSION 3 | FROM --platform=$BUILDPLATFORM golang:${GO_VERSION:-latest} AS builder 4 | ARG LDFLAGS 5 | ARG TARGETOS 6 | ARG TARGETARCH 7 | 8 | WORKDIR /fsm 9 | COPY . . 10 | RUN --mount=type=cache,target=/root/.cache/go-build \ 11 | --mount=type=cache,target=/go/pkg \ 12 | CGO_ENABLED=0 GOOS=$TARGETOS GOARCH=$TARGETARCH go build -v -o fsm-connector -ldflags "$LDFLAGS" ./cmd/fsm-connector 13 | 14 | FROM gcr.io/distroless/static 15 | COPY --from=builder /fsm/fsm-connector / 16 | -------------------------------------------------------------------------------- /dockerfiles/Dockerfile.fsm-controller: -------------------------------------------------------------------------------- 1 | # syntax = docker/dockerfile:1 2 | ARG GO_VERSION 3 | FROM --platform=$BUILDPLATFORM golang:${GO_VERSION:-latest} AS builder 4 | ARG LDFLAGS 5 | ARG TARGETOS 6 | ARG TARGETARCH 7 | 8 | WORKDIR /fsm 9 | COPY . . 10 | RUN --mount=type=cache,target=/root/.cache/go-build \ 11 | --mount=type=cache,target=/go/pkg \ 12 | CGO_ENABLED=0 GOOS=$TARGETOS GOARCH=$TARGETARCH go build -v -o fsm-controller -ldflags "$LDFLAGS" ./cmd/fsm-controller 13 | 14 | FROM gcr.io/distroless/static 15 | COPY --from=builder /fsm/fsm-controller / -------------------------------------------------------------------------------- /dockerfiles/Dockerfile.fsm-crds: -------------------------------------------------------------------------------- 1 | # syntax = docker/dockerfile:1 2 | FROM --platform=$BUILDPLATFORM busybox:1.36 AS builder 3 | ARG TARGETPLATFORM 4 | # Talking to the internet in an arm64 container doesn't seem to work from a 5 | # amd64 Mac, so download the kubectl binary in a stage running the native arch. 6 | RUN wget https://dl.k8s.io/release/v1.22.2/bin/$TARGETPLATFORM/kubectl -O /bin/kubectl && \ 7 | chmod +x /bin/kubectl 8 | 9 | FROM busybox:1.36 10 | COPY --from=builder /bin/kubectl /bin 11 | COPY ./cmd/fsm-bootstrap/crds/* /fsm-crds/ 12 | ENTRYPOINT ["/bin/kubectl"] 13 | -------------------------------------------------------------------------------- /dockerfiles/Dockerfile.fsm-curl: -------------------------------------------------------------------------------- 1 | # syntax = docker/dockerfile:1 2 | FROM flomesh/curl:latest 3 | -------------------------------------------------------------------------------- /dockerfiles/Dockerfile.fsm-healthcheck: -------------------------------------------------------------------------------- 1 | # syntax = docker/dockerfile:1 2 | ARG GO_VERSION 3 | FROM --platform=$BUILDPLATFORM golang:${GO_VERSION:-latest} AS builder 4 | ARG LDFLAGS 5 | ARG TARGETOS 6 | ARG TARGETARCH 7 | 8 | WORKDIR /fsm 9 | COPY . . 10 | RUN --mount=type=cache,target=/root/.cache/go-build \ 11 | --mount=type=cache,target=/go/pkg \ 12 | CGO_ENABLED=0 GOOS=$TARGETOS GOARCH=$TARGETARCH go build -v -o fsm-healthcheck -ldflags "$LDFLAGS" ./cmd/fsm-healthcheck 13 | 14 | FROM gcr.io/distroless/static 15 | COPY --from=builder /fsm/fsm-healthcheck / 16 | -------------------------------------------------------------------------------- /dockerfiles/Dockerfile.fsm-injector: -------------------------------------------------------------------------------- 1 | # syntax = docker/dockerfile:1 2 | ARG GO_VERSION 3 | FROM --platform=$BUILDPLATFORM golang:${GO_VERSION:-latest} AS builder 4 | ARG LDFLAGS 5 | ARG TARGETOS 6 | ARG TARGETARCH 7 | 8 | WORKDIR /fsm 9 | COPY . . 10 | RUN --mount=type=cache,target=/root/.cache/go-build \ 11 | --mount=type=cache,target=/go/pkg \ 12 | CGO_ENABLED=0 GOOS=$TARGETOS GOARCH=$TARGETARCH go build -v -o fsm-injector -ldflags "$LDFLAGS" ./cmd/fsm-injector 13 | 14 | FROM gcr.io/distroless/static 15 | COPY --from=builder /fsm/fsm-injector / -------------------------------------------------------------------------------- /dockerfiles/Dockerfile.fsm-preinstall: -------------------------------------------------------------------------------- 1 | # syntax = docker/dockerfile:1 2 | ARG GO_VERSION 3 | FROM --platform=$BUILDPLATFORM golang:${GO_VERSION:-latest} AS builder 4 | ARG LDFLAGS 5 | ARG TARGETOS 6 | ARG TARGETARCH 7 | 8 | WORKDIR /fsm 9 | COPY . . 10 | RUN --mount=type=cache,target=/root/.cache/go-build \ 11 | --mount=type=cache,target=/go/pkg \ 12 | CGO_ENABLED=0 GOOS=$TARGETOS GOARCH=$TARGETARCH go build -v -o fsm-preinstall -ldflags "$LDFLAGS" ./cmd/fsm-preinstall 13 | 14 | FROM gcr.io/distroless/static 15 | COPY --from=builder /fsm/fsm-preinstall / 16 | -------------------------------------------------------------------------------- /dockerfiles/Dockerfile.fsm-sidecar-init: -------------------------------------------------------------------------------- 1 | # syntax = docker/dockerfile:1 2 | FROM flomesh/alpine:3 3 | RUN apk add --no-cache iptables 4 | -------------------------------------------------------------------------------- /dockerfiles/Dockerfile.fsm-xnetmgmt: -------------------------------------------------------------------------------- 1 | # syntax = docker/dockerfile:1 2 | ARG GO_VERSION 3 | FROM --platform=$BUILDPLATFORM golang:${GO_VERSION:-latest} AS builder 4 | ARG LDFLAGS 5 | ARG TARGETOS 6 | ARG TARGETARCH 7 | 8 | WORKDIR /fsm 9 | COPY . . 10 | RUN --mount=type=cache,target=/root/.cache/go-build \ 11 | --mount=type=cache,target=/go/pkg \ 12 | CGO_ENABLED=0 GOOS=$TARGETOS GOARCH=$TARGETARCH go build -v -o fsm-xnet-mgmt -ldflags "$LDFLAGS" ./cmd/fsm-xnetmgmt 13 | 14 | FROM flomesh/ubuntu:22.04 15 | 16 | COPY --from=builder /fsm/fsm-xnet-mgmt / -------------------------------------------------------------------------------- /dockerfiles/Dockerfile.pipy-nonroot: -------------------------------------------------------------------------------- 1 | # syntax = docker/dockerfile:1 2 | ARG DISTROLESS_TAG 3 | ARG PIPY_VERSION 4 | 5 | # Build the pipy binary 6 | FROM flomesh/pipy:${PIPY_VERSION}-debian AS builder 7 | 8 | # Build the final image 9 | FROM gcr.io/distroless/cc-debian12:$DISTROLESS_TAG 10 | WORKDIR / 11 | COPY --from=builder /usr/local/bin/pipy /usr/local/bin/pipy 12 | 13 | USER 65532:65532 14 | EXPOSE 6060 15 | STOPSIGNAL SIGQUIT 16 | 17 | ENTRYPOINT ["/usr/local/bin/pipy"] 18 | -------------------------------------------------------------------------------- /dockerfiles/euler.repo: -------------------------------------------------------------------------------- 1 | [openEuler] # openEuler 22.03-LTS-SP1 官方发布源 2 | name=openEuler 3 | baseurl=http://repo.openeuler.org/openEuler-22.03-LTS-SP1/everything/$basearch/ 4 | enabled=1 5 | gpgcheck=1 6 | gpgkey=http://repo.openeuler.org/openEuler-22.03-LTS-SP1/everything/$basearch/RPM-GPG-KEY-openEuler 7 | -------------------------------------------------------------------------------- /docs/README.md: -------------------------------------------------------------------------------- 1 | # Repository Documentation 2 | 3 | This directory contains documentation pertaining to this repository and will be most useful for maintainers 4 | and contributors to the Flomesh Service Mesh (FSM) Github repository. Documentation on how to use the FSM project 5 | can be found on the docs website at [https://docs.flomesh.io/](https://docs.flomesh.io/). 6 | 7 | ## Table of Contents 8 | 9 | - [Development Guide](development_guide/README.md) 10 | - [Issue Triage Guide](issue_triage_guide.md) 11 | - [Automerge](automerge.md) 12 | - [Release Guide](release_guide.md) 13 | - [Generating API Reference Documentation](api_reference/README.md) 14 | - [How FSM uses Envoy](how_fsm_uses_envoy.md) 15 | - [Pull Request Review Guide](pull_request_review_guide.md) 16 | - [Certificate management](certificate_management.md) 17 | -------------------------------------------------------------------------------- /docs/development_guide/fsm-components-and-interactions.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/flomesh-io/fsm/caa426cf29d285e22a6d343a82f165db526f59d1/docs/development_guide/fsm-components-and-interactions.png -------------------------------------------------------------------------------- /docs/images/fsm-components-and-interactions.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/flomesh-io/fsm/caa426cf29d285e22a6d343a82f165db526f59d1/docs/images/fsm-components-and-interactions.png -------------------------------------------------------------------------------- /docs/images/fsm-git-release.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/flomesh-io/fsm/caa426cf29d285e22a6d343a82f165db526f59d1/docs/images/fsm-git-release.jpg -------------------------------------------------------------------------------- /docs/images/fsm-install-demo.gif: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/flomesh-io/fsm/caa426cf29d285e22a6d343a82f165db526f59d1/docs/images/fsm-install-demo.gif -------------------------------------------------------------------------------- /docs/images/fsm_certificate_management1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/flomesh-io/fsm/caa426cf29d285e22a6d343a82f165db526f59d1/docs/images/fsm_certificate_management1.png -------------------------------------------------------------------------------- /docs/images/grafana.gif: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/flomesh-io/fsm/caa426cf29d285e22a6d343a82f165db526f59d1/docs/images/grafana.gif -------------------------------------------------------------------------------- /docs/tests/dnsmasq/README.md: -------------------------------------------------------------------------------- 1 | # dnsmasq 2 | 3 | - Setup **dnsmasq** to resolve *.localhost domain to 127.0.0.1 4 | * Install: `brew install dnsmasq` 5 | * Create config directory: `mkdir -pv $(brew --prefix)/etc/` 6 | * Setup *.localhost domain: `echo 'address=/.localhost/127.0.0.1' >> $(brew --prefix)/etc/dnsmasq.conf` 7 | * Change DNS port: `echo 'port=53' >> $(brew --prefix)/etc/dnsmasq.conf` 8 | * Autostart dnsmasq - now and after reboot: `sudo brew services start dnsmasq` 9 | * Create resolver directory: `sudo mkdir -v /etc/resolver` 10 | * Add your nameserver to resolvers: `sudo bash -c 'echo "nameserver 127.0.0.1" > /etc/resolver/localhost'` -------------------------------------------------------------------------------- /environments.md: -------------------------------------------------------------------------------- 1 | # Environments 2 | 3 | FSM can be installed in any Kubernetes cluster running in a variety of environments such as AWS, Azure Kubernetes Service, Google Cloud, and even bare metal. -------------------------------------------------------------------------------- /pkg/apis/config/v1alpha1/doc.go: -------------------------------------------------------------------------------- 1 | // +k8s:deepcopy-gen=package,register 2 | // +groupName=config.flomesh.io 3 | // +kubebuilder:deprecatedversion 4 | 5 | // Package v1alpha1 is the v1alpha1 version of the API. 6 | package v1alpha1 7 | -------------------------------------------------------------------------------- /pkg/apis/config/v1alpha2/doc.go: -------------------------------------------------------------------------------- 1 | // +k8s:deepcopy-gen=package,register 2 | // +groupName=config.flomesh.io 3 | 4 | // Package v1alpha2 is the v1alpha2 version of the API. 5 | package v1alpha2 6 | -------------------------------------------------------------------------------- /pkg/apis/config/v1alpha3/doc.go: -------------------------------------------------------------------------------- 1 | // +k8s:deepcopy-gen=package,register 2 | // +groupName=config.flomesh.io 3 | 4 | // Package v1alpha3 is the v1alpha3 version of the API. 5 | package v1alpha3 6 | -------------------------------------------------------------------------------- /pkg/apis/connector/v1alpha1/doc.go: -------------------------------------------------------------------------------- 1 | // +k8s:deepcopy-gen=package,register 2 | // +groupName=connector.flomesh.io 3 | 4 | // Package v1alpha1 is the v1alpha1 version of the API. 5 | package v1alpha1 6 | -------------------------------------------------------------------------------- /pkg/apis/extension/v1alpha1/doc.go: -------------------------------------------------------------------------------- 1 | // +k8s:deepcopy-gen=package,register 2 | // +groupName=extension.gateway.flomesh.io 3 | // +k8s:openapi-gen=true 4 | 5 | // Package v1alpha1 is the v1alpha1 version of the API. 6 | package v1alpha1 7 | -------------------------------------------------------------------------------- /pkg/apis/machine/v1alpha1/doc.go: -------------------------------------------------------------------------------- 1 | // +k8s:deepcopy-gen=package,register 2 | // +groupName=machine.flomesh.io 3 | 4 | // Package v1alpha1 is the v1alpha1 version of the API. 5 | package v1alpha1 6 | -------------------------------------------------------------------------------- /pkg/apis/multicluster/v1alpha1/doc.go: -------------------------------------------------------------------------------- 1 | // +kubebuilder:object:generate=true 2 | // +k8s:deepcopy-gen=package,register 3 | // +groupName=multicluster.flomesh.io 4 | 5 | // Package v1alpha1 is the v1alpha1 version of the API. 6 | package v1alpha1 7 | -------------------------------------------------------------------------------- /pkg/apis/namespacedingress/v1alpha1/doc.go: -------------------------------------------------------------------------------- 1 | // +kubebuilder:object:generate=true 2 | // +k8s:deepcopy-gen=package,register 3 | // +groupName=networking.flomesh.io 4 | // +kubebuilder:object:generate=false 5 | 6 | // Package v1alpha1 is the v1alpha1 version of the API. 7 | package v1alpha1 8 | -------------------------------------------------------------------------------- /pkg/apis/networking/v1/doc.go: -------------------------------------------------------------------------------- 1 | // +k8s:deepcopy-gen=package,register 2 | // +groupName=networking.k8s.io 3 | // +kubebuilder:skip 4 | 5 | // Package v1 is the v1 version of the API. 6 | package v1 7 | -------------------------------------------------------------------------------- /pkg/apis/plugin/v1alpha1/doc.go: -------------------------------------------------------------------------------- 1 | // +k8s:deepcopy-gen=package,register 2 | // +groupName=plugin.flomesh.io 3 | 4 | // Package v1alpha1 is the v1alpha1 version of the API. 5 | package v1alpha1 6 | -------------------------------------------------------------------------------- /pkg/apis/policy/v1alpha1/doc.go: -------------------------------------------------------------------------------- 1 | // +k8s:deepcopy-gen=package,register 2 | // +groupName=policy.flomesh.io 3 | 4 | // Package v1alpha1 is the v1alpha1 version of the API. 5 | package v1alpha1 6 | -------------------------------------------------------------------------------- /pkg/apis/policyattachment/v1alpha2/doc.go: -------------------------------------------------------------------------------- 1 | // +k8s:deepcopy-gen=package,register 2 | // +groupName=gateway.flomesh.io 3 | // +k8s:openapi-gen=true 4 | 5 | // Package v1alpha2 is the v1alpha1 version of the API. 6 | package v1alpha2 7 | -------------------------------------------------------------------------------- /pkg/apis/traffic/v1alpha1/doc.go: -------------------------------------------------------------------------------- 1 | // +k8s:deepcopy-gen=package,register 2 | // +groupName=traffic.flomesh.io 3 | // +k8s:openapi-gen=true 4 | 5 | // Package v1alpha1 is the v1alpha1 version of the API. 6 | package v1alpha1 7 | -------------------------------------------------------------------------------- /pkg/apis/xnetwork/v1alpha1/doc.go: -------------------------------------------------------------------------------- 1 | // +k8s:deepcopy-gen=package,register 2 | // +groupName=xnetwork.flomesh.io 3 | 4 | // Package v1alpha1 is the v1alpha1 version of the API. 5 | package v1alpha1 6 | -------------------------------------------------------------------------------- /pkg/bugreport/archive.go: -------------------------------------------------------------------------------- 1 | package bugreport 2 | 3 | import ( 4 | "fmt" 5 | "os" 6 | 7 | "github.com/mholt/archiver/v3" 8 | ) 9 | 10 | func (c *Config) archive(sourcePath string, destinationPath string) error { 11 | if _, err := os.Stat(destinationPath); err == nil { 12 | if err := os.Remove(destinationPath); err != nil { 13 | c.completionFailure("Error removing existing bug report file %s", destinationPath) 14 | return fmt.Errorf("Error generating bug report: %w", err) 15 | } 16 | } 17 | if err := archiver.Archive([]string{sourcePath}, destinationPath); err != nil { 18 | c.completionFailure("Error archiving files for bug report") 19 | return fmt.Errorf("Error generating bug report: %w", err) 20 | } 21 | 22 | c.completionSuccess("Bug report successfully archived to %s", destinationPath) 23 | return nil 24 | } 25 | -------------------------------------------------------------------------------- /pkg/catalog/configurator.go: -------------------------------------------------------------------------------- 1 | package catalog 2 | 3 | import ( 4 | "github.com/flomesh-io/fsm/pkg/configurator" 5 | "github.com/flomesh-io/fsm/pkg/endpoint" 6 | "github.com/flomesh-io/fsm/pkg/identity" 7 | ) 8 | 9 | // GetConfigurator converts private variable to public 10 | func (mc *MeshCatalog) GetConfigurator() *configurator.Configurator { 11 | return &mc.configurator 12 | } 13 | 14 | // ListEndpointsForServiceIdentity converts private method to public 15 | func (mc *MeshCatalog) ListEndpointsForServiceIdentity(serviceIdentity identity.ServiceIdentity) []endpoint.Endpoint { 16 | return mc.listEndpointsForServiceIdentity(serviceIdentity) 17 | } 18 | -------------------------------------------------------------------------------- /pkg/catalog/errors.go: -------------------------------------------------------------------------------- 1 | package catalog 2 | 3 | import "fmt" 4 | 5 | var ( 6 | // errNoTrafficSpecFoundForTrafficPolicy is an error for when FSM cannot find a traffic spec for the given traffic policy. 7 | errNoTrafficSpecFoundForTrafficPolicy = fmt.Errorf("no traffic spec found for the traffic policy") 8 | ) 9 | -------------------------------------------------------------------------------- /pkg/catalog/suite_test.go: -------------------------------------------------------------------------------- 1 | package catalog 2 | 3 | import ( 4 | "testing" 5 | 6 | . "github.com/onsi/ginkgo" 7 | . "github.com/onsi/gomega" 8 | ) 9 | 10 | func TestCatalog(t *testing.T) { 11 | RegisterFailHandler(Fail) 12 | RunSpecs(t, "Catalog Test Suite") 13 | } 14 | -------------------------------------------------------------------------------- /pkg/certificate/pem/types.go: -------------------------------------------------------------------------------- 1 | // Package pem defines the types for the attributes of a Certificate. 2 | package pem 3 | 4 | // Certificate is an SSL certificate. 5 | type Certificate []byte 6 | 7 | // PrivateKey is the private key for an SSL certificate. 8 | type PrivateKey []byte 9 | 10 | // RootCertificate is a root SSL certificate. 11 | type RootCertificate []byte 12 | 13 | // RootPrivateKey is the private key for a root SSL certificate. 14 | type RootPrivateKey []byte 15 | 16 | // CertificateRequest is an SSL certificate request. 17 | type CertificateRequest []byte 18 | -------------------------------------------------------------------------------- /pkg/certificate/providers/certmanager/suite_test.go: -------------------------------------------------------------------------------- 1 | package certmanager 2 | 3 | import ( 4 | "testing" 5 | 6 | . "github.com/onsi/ginkgo" 7 | . "github.com/onsi/gomega" 8 | ) 9 | 10 | func TestCertManager(t *testing.T) { 11 | RegisterFailHandler(Fail) 12 | RunSpecs(t, "cert-manager Test Suite") 13 | } 14 | -------------------------------------------------------------------------------- /pkg/certificate/providers/tresor/README.md: -------------------------------------------------------------------------------- 1 | # Tresor Certificate Provider 2 | 3 | The Tresor package is a minimal certificate issuance facility, which leverages Go's `crypto` libraries to generate a CA, and issue certificates for Envoy-to-xDS communication as well as Envoy-to-Envoy (east-west) between services. 4 | -------------------------------------------------------------------------------- /pkg/certificate/providers/tresor/errors.go: -------------------------------------------------------------------------------- 1 | package tresor 2 | 3 | import ( 4 | "errors" 5 | ) 6 | 7 | var errCreateCert = errors.New("create cert") 8 | var errGeneratingSerialNumber = errors.New("generate serial number") 9 | var errGeneratingPrivateKey = errors.New("generate private") 10 | var errNoIssuingCA = errors.New("no issuing CA") 11 | -------------------------------------------------------------------------------- /pkg/certificate/providers/tresor/suite_test.go: -------------------------------------------------------------------------------- 1 | package tresor 2 | 3 | import ( 4 | "testing" 5 | 6 | . "github.com/onsi/ginkgo" 7 | . "github.com/onsi/gomega" 8 | ) 9 | 10 | func TestTresor(t *testing.T) { 11 | RegisterFailHandler(Fail) 12 | RunSpecs(t, "Tresor Test Suite") 13 | } 14 | -------------------------------------------------------------------------------- /pkg/certificate/providers/vault/suite_test.go: -------------------------------------------------------------------------------- 1 | package vault 2 | 3 | import ( 4 | "testing" 5 | 6 | . "github.com/onsi/ginkgo" 7 | . "github.com/onsi/gomega" 8 | ) 9 | 10 | func TestVault(t *testing.T) { 11 | RegisterFailHandler(Fail) 12 | RunSpecs(t, "Hashicorp Vault Test Suite") 13 | } 14 | -------------------------------------------------------------------------------- /pkg/certificate/providers/vault/tools.go: -------------------------------------------------------------------------------- 1 | package vault 2 | 3 | import ( 4 | "fmt" 5 | "time" 6 | 7 | "github.com/flomesh-io/fsm/pkg/certificate" 8 | ) 9 | 10 | func getDurationInMinutes(validityPeriod time.Duration) string { 11 | return fmt.Sprintf("%dh", validityPeriod/time.Hour) 12 | } 13 | 14 | func getIssueURL(role string) string { 15 | return fmt.Sprintf("pki/issue/%+v", role) 16 | } 17 | 18 | func getIssuanceData(cn certificate.CommonName, validityPeriod time.Duration) map[string]interface{} { 19 | return map[string]interface{}{ 20 | commonNameField: cn.String(), 21 | ttlField: getDurationInMinutes(validityPeriod), 22 | } 23 | } 24 | -------------------------------------------------------------------------------- /pkg/certificate/providers/vault/types.go: -------------------------------------------------------------------------------- 1 | // Package vault implements the certificate.Manager interface for Hashicorp Vault as the certificate provider. 2 | package vault 3 | 4 | import ( 5 | "github.com/hashicorp/vault/api" 6 | ) 7 | 8 | // CertManager implements certificate.Manager and contains a Hashi Vault client instance. 9 | type CertManager struct { 10 | // Hashicorp Vault client 11 | client *api.Client 12 | 13 | // The Vault role configured for FSM and passed as a CLI. 14 | role string 15 | } 16 | -------------------------------------------------------------------------------- /pkg/certificate/suite_test.go: -------------------------------------------------------------------------------- 1 | package certificate 2 | 3 | import ( 4 | "testing" 5 | 6 | . "github.com/onsi/ginkgo" 7 | . "github.com/onsi/gomega" 8 | ) 9 | 10 | func TestCertificates(t *testing.T) { 11 | RegisterFailHandler(Fail) 12 | RunSpecs(t, "Certificate Test Suite") 13 | } 14 | -------------------------------------------------------------------------------- /pkg/cli/chart_source.go: -------------------------------------------------------------------------------- 1 | package cli 2 | 3 | import ( 4 | "io/ioutil" 5 | "os" 6 | 7 | helm "helm.sh/helm/v3/pkg/action" 8 | ) 9 | 10 | // GetChartSource is a helper to convert a filepath to a chart to a 11 | // base64-encoded, gzipped tarball. 12 | func GetChartSource(path string) ([]byte, error) { 13 | pack := helm.NewPackage() 14 | packagedPath, err := pack.Run(path, nil) 15 | if err != nil { 16 | return nil, err 17 | } 18 | //nolint: errcheck 19 | //#nosec G307 20 | defer os.Remove(packagedPath) 21 | packaged, err := ioutil.ReadFile(packagedPath) // #nosec G304 22 | if err != nil { 23 | return nil, err 24 | } 25 | return packaged, nil 26 | } 27 | -------------------------------------------------------------------------------- /pkg/configurator/suite_test.go: -------------------------------------------------------------------------------- 1 | package configurator 2 | 3 | import ( 4 | "testing" 5 | 6 | . "github.com/onsi/ginkgo" 7 | . "github.com/onsi/gomega" 8 | ) 9 | 10 | func TestConfigurator(t *testing.T) { 11 | RegisterFailHandler(Fail) 12 | RunSpecs(t, "Configurator Test Suite") 13 | } 14 | -------------------------------------------------------------------------------- /pkg/connector/cli/context.go: -------------------------------------------------------------------------------- 1 | package cli 2 | 3 | import "github.com/flomesh-io/fsm/pkg/connector" 4 | 5 | func (c *client) GetC2KContext() *connector.C2KContext { 6 | return c.c2kContext 7 | } 8 | 9 | func (c *client) GetK2CContext() *connector.K2CContext { 10 | return c.k2cContext 11 | } 12 | 13 | func (c *client) GetK2GContext() *connector.K2GContext { 14 | return c.k2gContext 15 | } 16 | -------------------------------------------------------------------------------- /pkg/connector/cli/job.go: -------------------------------------------------------------------------------- 1 | package cli 2 | 3 | import "github.com/flomesh-io/fsm/pkg/connector" 4 | 5 | // connectControllerJob is the job to generate pipy policy json 6 | type connectControllerJob struct { 7 | // Optional waiter 8 | done chan struct{} 9 | connectController connector.ConnectController 10 | } 11 | 12 | // GetDoneCh returns the channel, which when closed, indicates the job has been finished. 13 | func (job *connectControllerJob) GetDoneCh() <-chan struct{} { 14 | return job.done 15 | } 16 | 17 | // Run is the logic unit of job 18 | func (job *connectControllerJob) Run() { 19 | defer close(job.done) 20 | c := job.connectController 21 | c.Refresh() 22 | } 23 | 24 | // JobName implementation for this job, for logging purposes 25 | func (job *connectControllerJob) JobName() string { 26 | return "fsm-connector-controller-job" 27 | } 28 | -------------------------------------------------------------------------------- /pkg/connector/cli/pod.go: -------------------------------------------------------------------------------- 1 | package cli 2 | 3 | import ( 4 | "context" 5 | "fmt" 6 | "os" 7 | 8 | corev1 "k8s.io/api/core/v1" 9 | metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" 10 | "k8s.io/client-go/kubernetes" 11 | ) 12 | 13 | // GetConnectorPod returns the fsm connector pod spec. 14 | // The pod name is inferred from the 'CONNECTOR_POD_NAME' env variable which is set during deployment. 15 | func GetConnectorPod(kubeClient kubernetes.Interface) (*corev1.Pod, error) { 16 | podName := os.Getenv("CONNECTOR_POD_NAME") 17 | if podName == "" { 18 | return nil, fmt.Errorf("CONNECTOR_POD_NAME env variable cannot be empty") 19 | } 20 | 21 | pod, err := kubeClient.CoreV1().Pods(Cfg.FsmNamespace).Get(context.TODO(), podName, metav1.GetOptions{}) 22 | if err != nil { 23 | return nil, err 24 | } 25 | 26 | return pod, nil 27 | } 28 | -------------------------------------------------------------------------------- /pkg/connector/provider/log.go: -------------------------------------------------------------------------------- 1 | package provider 2 | 3 | import "github.com/flomesh-io/fsm/pkg/logger" 4 | 5 | var ( 6 | log = logger.New("connector-provider") 7 | ) 8 | -------------------------------------------------------------------------------- /pkg/constants/suite_test.go: -------------------------------------------------------------------------------- 1 | package constants 2 | 3 | import ( 4 | "testing" 5 | 6 | . "github.com/onsi/ginkgo" 7 | . "github.com/onsi/gomega" 8 | ) 9 | 10 | func TestConstants(t *testing.T) { 11 | RegisterFailHandler(Fail) 12 | RunSpecs(t, "Constants Test Suite") 13 | } 14 | -------------------------------------------------------------------------------- /pkg/context/utils.go: -------------------------------------------------------------------------------- 1 | package context 2 | 3 | import ( 4 | "context" 5 | "errors" 6 | ) 7 | 8 | func ToControllerContext(ctx context.Context) (*ControllerContext, error) { 9 | if ctx == nil { 10 | return nil, errors.New("missing Context") 11 | } 12 | 13 | parentCtx := ctx.Value(&ControllerCtxKey) 14 | if parentCtx == nil { 15 | return nil, errors.New("missing Controller Context") 16 | } 17 | 18 | if cc, ok := parentCtx.(*ControllerContext); ok { 19 | return cc, nil 20 | } 21 | 22 | return nil, errors.New("invalid Controller Context") 23 | } 24 | -------------------------------------------------------------------------------- /pkg/controllers/gateway/v1alpha2/types.go: -------------------------------------------------------------------------------- 1 | // Package v1alpha2 contains controllers logic for the Gateway API v1alpha2. 2 | package v1alpha2 3 | 4 | import "github.com/flomesh-io/fsm/pkg/logger" 5 | 6 | var ( 7 | log = logger.New("gatewayapi-controller/v1alpha2") 8 | ) 9 | -------------------------------------------------------------------------------- /pkg/dns/types.go: -------------------------------------------------------------------------------- 1 | package dns 2 | 3 | import ( 4 | "github.com/flomesh-io/fsm/pkg/logger" 5 | ) 6 | 7 | var ( 8 | log = logger.New("dns-proxy") 9 | ) 10 | -------------------------------------------------------------------------------- /pkg/endpoint/endpoint_test.go: -------------------------------------------------------------------------------- 1 | package endpoint 2 | 3 | import ( 4 | "net" 5 | "testing" 6 | 7 | tassert "github.com/stretchr/testify/assert" 8 | ) 9 | 10 | func Test(t *testing.T) { 11 | assert := tassert.New(t) 12 | ept := Endpoint{ 13 | IP: net.ParseIP("9.9.9.9"), 14 | Port: 1234, 15 | } 16 | assert.Equal(ept.String(), "(ip=9.9.9.9, port=1234)") 17 | } 18 | -------------------------------------------------------------------------------- /pkg/flb/types.go: -------------------------------------------------------------------------------- 1 | // Package flb contains controller logic for the flb 2 | package flb 3 | 4 | import "github.com/flomesh-io/fsm/pkg/logger" 5 | 6 | var ( 7 | log = logger.New("flb-utilities") 8 | ) 9 | 10 | type TLSSecretMode string 11 | 12 | const ( 13 | TLSSecretModeLocal TLSSecretMode = "local" 14 | TLSSecretModeRemote TLSSecretMode = "remote" 15 | ) 16 | 17 | // FLB API paths 18 | const ( 19 | AuthAPIPath = "/api/auth/local" 20 | UpdateServiceAPIPath = "/api/l-4-lbs/updateservice" 21 | DeleteServiceAPIPath = "/api/l-4-lbs/updateservice/delete" 22 | CertAPIPath = "/api/updatecertificate" 23 | DeleteCertAPIPath = "/api/deleteCertificates" 24 | ) 25 | -------------------------------------------------------------------------------- /pkg/gateway/processor/triggers/extension/types.go: -------------------------------------------------------------------------------- 1 | package extension 2 | 3 | import "github.com/flomesh-io/fsm/pkg/logger" 4 | 5 | var ( 6 | log = logger.New("fsm-gateway/trigger-extension") 7 | ) 8 | -------------------------------------------------------------------------------- /pkg/gateway/processor/triggers/gateway/gatewayclasses_trigger.go: -------------------------------------------------------------------------------- 1 | package gateway 2 | 3 | import "github.com/flomesh-io/fsm/pkg/gateway/processor" 4 | 5 | // GatewayClassesTrigger is responsible for processing GatewayClass objects 6 | type GatewayClassesTrigger struct{} 7 | 8 | // Insert adds the GatewayClass object to the processor and returns true if the processor was modified 9 | func (p *GatewayClassesTrigger) Insert(obj interface{}, processor processor.Processor) bool { 10 | return true 11 | } 12 | 13 | // Delete removes the GatewayClass object from the processor and returns true if the processor was modified 14 | func (p *GatewayClassesTrigger) Delete(obj interface{}, processor processor.Processor) bool { 15 | return true 16 | } 17 | -------------------------------------------------------------------------------- /pkg/gateway/processor/triggers/gateway/types.go: -------------------------------------------------------------------------------- 1 | package gateway 2 | 3 | import "github.com/flomesh-io/fsm/pkg/logger" 4 | 5 | var ( 6 | log = logger.New("fsm-gateway/trigger-gw") 7 | ) 8 | -------------------------------------------------------------------------------- /pkg/gateway/processor/triggers/k8s/types.go: -------------------------------------------------------------------------------- 1 | package triggers 2 | 3 | import "github.com/flomesh-io/fsm/pkg/logger" 4 | 5 | var ( 6 | log = logger.New("fsm-gateway/trigger-k8s") 7 | ) 8 | -------------------------------------------------------------------------------- /pkg/gateway/processor/triggers/policy/v2/types.go: -------------------------------------------------------------------------------- 1 | package v2 2 | 3 | import "github.com/flomesh-io/fsm/pkg/logger" 4 | 5 | var ( 6 | log = logger.New("fsm-gateway/trigger/policy-v2") 7 | ) 8 | -------------------------------------------------------------------------------- /pkg/gateway/repo/jobs.go: -------------------------------------------------------------------------------- 1 | package repo 2 | 3 | import "github.com/flomesh-io/fsm/pkg/gateway/processor" 4 | 5 | // GatewayConfGeneratorJob is the job to generate pipy policy json 6 | type GatewayConfGeneratorJob struct { 7 | processor processor.Processor 8 | 9 | // Optional waiter 10 | done chan struct{} 11 | } 12 | 13 | // GetDoneCh returns the channel, which when closed, indicates the job has been finished. 14 | func (job *GatewayConfGeneratorJob) GetDoneCh() <-chan struct{} { 15 | return job.done 16 | } 17 | 18 | // Run is the logic unit of job 19 | func (job *GatewayConfGeneratorJob) Run() { 20 | defer close(job.done) 21 | 22 | job.processor.BuildConfigs() 23 | } 24 | 25 | // JobName implementation for this job, for logging purposes 26 | func (job *GatewayConfGeneratorJob) JobName() string { 27 | return "gateway-cfg-job" 28 | } 29 | -------------------------------------------------------------------------------- /pkg/gateway/status/routes/utils.go: -------------------------------------------------------------------------------- 1 | package routes 2 | 3 | func isSupportedAppProtocol(appProtocol string, allowedAppProtocols []string) bool { 4 | for _, allowed := range allowedAppProtocols { 5 | if appProtocol == allowed { 6 | return true 7 | } 8 | } 9 | 10 | return false 11 | } 12 | -------------------------------------------------------------------------------- /pkg/gateway/utils/endpoints.go: -------------------------------------------------------------------------------- 1 | package utils 2 | 3 | import ( 4 | corev1 "k8s.io/api/core/v1" 5 | "k8s.io/apimachinery/pkg/util/intstr" 6 | ) 7 | 8 | // FindEndpointPort finds the port in the EndpointPort slice that matches the ServicePort. 9 | func FindEndpointPort(ports []corev1.EndpointPort, svcPort corev1.ServicePort) int32 { 10 | for i, epPort := range ports { 11 | if svcPort.Name == "" { 12 | // port.Name is optional if there is only one port 13 | return epPort.Port 14 | } 15 | 16 | if svcPort.Name == epPort.Name { 17 | return epPort.Port 18 | } 19 | 20 | if i == len(ports)-1 && svcPort.TargetPort.Type == intstr.Int { 21 | return svcPort.TargetPort.IntVal 22 | } 23 | } 24 | 25 | return 0 26 | } 27 | -------------------------------------------------------------------------------- /pkg/gen/client/config/clientset/versioned/fake/doc.go: -------------------------------------------------------------------------------- 1 | /* 2 | Licensed under the Apache License, Version 2.0 (the "License"); 3 | you may not use this file except in compliance with the License. 4 | You may obtain a copy of the License at 5 | 6 | http://www.apache.org/licenses/LICENSE-2.0 7 | 8 | Unless required by applicable law or agreed to in writing, software 9 | distributed under the License is distributed on an "AS IS" BASIS, 10 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 11 | See the License for the specific language governing permissions and 12 | limitations under the License. 13 | */ 14 | // Code generated by client-gen. DO NOT EDIT. 15 | 16 | // This package has the automatically generated fake clientset. 17 | package fake 18 | -------------------------------------------------------------------------------- /pkg/gen/client/config/clientset/versioned/scheme/doc.go: -------------------------------------------------------------------------------- 1 | /* 2 | Licensed under the Apache License, Version 2.0 (the "License"); 3 | you may not use this file except in compliance with the License. 4 | You may obtain a copy of the License at 5 | 6 | http://www.apache.org/licenses/LICENSE-2.0 7 | 8 | Unless required by applicable law or agreed to in writing, software 9 | distributed under the License is distributed on an "AS IS" BASIS, 10 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 11 | See the License for the specific language governing permissions and 12 | limitations under the License. 13 | */ 14 | // Code generated by client-gen. DO NOT EDIT. 15 | 16 | // This package contains the scheme of the automatically generated clientset. 17 | package scheme 18 | -------------------------------------------------------------------------------- /pkg/gen/client/config/clientset/versioned/typed/config/v1alpha1/doc.go: -------------------------------------------------------------------------------- 1 | /* 2 | Licensed under the Apache License, Version 2.0 (the "License"); 3 | you may not use this file except in compliance with the License. 4 | You may obtain a copy of the License at 5 | 6 | http://www.apache.org/licenses/LICENSE-2.0 7 | 8 | Unless required by applicable law or agreed to in writing, software 9 | distributed under the License is distributed on an "AS IS" BASIS, 10 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 11 | See the License for the specific language governing permissions and 12 | limitations under the License. 13 | */ 14 | // Code generated by client-gen. DO NOT EDIT. 15 | 16 | // This package has the automatically generated typed clients. 17 | package v1alpha1 18 | -------------------------------------------------------------------------------- /pkg/gen/client/config/clientset/versioned/typed/config/v1alpha1/fake/doc.go: -------------------------------------------------------------------------------- 1 | /* 2 | Licensed under the Apache License, Version 2.0 (the "License"); 3 | you may not use this file except in compliance with the License. 4 | You may obtain a copy of the License at 5 | 6 | http://www.apache.org/licenses/LICENSE-2.0 7 | 8 | Unless required by applicable law or agreed to in writing, software 9 | distributed under the License is distributed on an "AS IS" BASIS, 10 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 11 | See the License for the specific language governing permissions and 12 | limitations under the License. 13 | */ 14 | // Code generated by client-gen. DO NOT EDIT. 15 | 16 | // Package fake has the automatically generated clients. 17 | package fake 18 | -------------------------------------------------------------------------------- /pkg/gen/client/config/clientset/versioned/typed/config/v1alpha1/generated_expansion.go: -------------------------------------------------------------------------------- 1 | /* 2 | Licensed under the Apache License, Version 2.0 (the "License"); 3 | you may not use this file except in compliance with the License. 4 | You may obtain a copy of the License at 5 | 6 | http://www.apache.org/licenses/LICENSE-2.0 7 | 8 | Unless required by applicable law or agreed to in writing, software 9 | distributed under the License is distributed on an "AS IS" BASIS, 10 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 11 | See the License for the specific language governing permissions and 12 | limitations under the License. 13 | */ 14 | // Code generated by client-gen. DO NOT EDIT. 15 | 16 | package v1alpha1 17 | 18 | type MeshConfigExpansion interface{} 19 | -------------------------------------------------------------------------------- /pkg/gen/client/config/clientset/versioned/typed/config/v1alpha2/doc.go: -------------------------------------------------------------------------------- 1 | /* 2 | Licensed under the Apache License, Version 2.0 (the "License"); 3 | you may not use this file except in compliance with the License. 4 | You may obtain a copy of the License at 5 | 6 | http://www.apache.org/licenses/LICENSE-2.0 7 | 8 | Unless required by applicable law or agreed to in writing, software 9 | distributed under the License is distributed on an "AS IS" BASIS, 10 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 11 | See the License for the specific language governing permissions and 12 | limitations under the License. 13 | */ 14 | // Code generated by client-gen. DO NOT EDIT. 15 | 16 | // This package has the automatically generated typed clients. 17 | package v1alpha2 18 | -------------------------------------------------------------------------------- /pkg/gen/client/config/clientset/versioned/typed/config/v1alpha2/fake/doc.go: -------------------------------------------------------------------------------- 1 | /* 2 | Licensed under the Apache License, Version 2.0 (the "License"); 3 | you may not use this file except in compliance with the License. 4 | You may obtain a copy of the License at 5 | 6 | http://www.apache.org/licenses/LICENSE-2.0 7 | 8 | Unless required by applicable law or agreed to in writing, software 9 | distributed under the License is distributed on an "AS IS" BASIS, 10 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 11 | See the License for the specific language governing permissions and 12 | limitations under the License. 13 | */ 14 | // Code generated by client-gen. DO NOT EDIT. 15 | 16 | // Package fake has the automatically generated clients. 17 | package fake 18 | -------------------------------------------------------------------------------- /pkg/gen/client/config/clientset/versioned/typed/config/v1alpha2/generated_expansion.go: -------------------------------------------------------------------------------- 1 | /* 2 | Licensed under the Apache License, Version 2.0 (the "License"); 3 | you may not use this file except in compliance with the License. 4 | You may obtain a copy of the License at 5 | 6 | http://www.apache.org/licenses/LICENSE-2.0 7 | 8 | Unless required by applicable law or agreed to in writing, software 9 | distributed under the License is distributed on an "AS IS" BASIS, 10 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 11 | See the License for the specific language governing permissions and 12 | limitations under the License. 13 | */ 14 | // Code generated by client-gen. DO NOT EDIT. 15 | 16 | package v1alpha2 17 | 18 | type MeshConfigExpansion interface{} 19 | 20 | type MeshRootCertificateExpansion interface{} 21 | -------------------------------------------------------------------------------- /pkg/gen/client/config/clientset/versioned/typed/config/v1alpha3/doc.go: -------------------------------------------------------------------------------- 1 | /* 2 | Licensed under the Apache License, Version 2.0 (the "License"); 3 | you may not use this file except in compliance with the License. 4 | You may obtain a copy of the License at 5 | 6 | http://www.apache.org/licenses/LICENSE-2.0 7 | 8 | Unless required by applicable law or agreed to in writing, software 9 | distributed under the License is distributed on an "AS IS" BASIS, 10 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 11 | See the License for the specific language governing permissions and 12 | limitations under the License. 13 | */ 14 | // Code generated by client-gen. DO NOT EDIT. 15 | 16 | // This package has the automatically generated typed clients. 17 | package v1alpha3 18 | -------------------------------------------------------------------------------- /pkg/gen/client/config/clientset/versioned/typed/config/v1alpha3/fake/doc.go: -------------------------------------------------------------------------------- 1 | /* 2 | Licensed under the Apache License, Version 2.0 (the "License"); 3 | you may not use this file except in compliance with the License. 4 | You may obtain a copy of the License at 5 | 6 | http://www.apache.org/licenses/LICENSE-2.0 7 | 8 | Unless required by applicable law or agreed to in writing, software 9 | distributed under the License is distributed on an "AS IS" BASIS, 10 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 11 | See the License for the specific language governing permissions and 12 | limitations under the License. 13 | */ 14 | // Code generated by client-gen. DO NOT EDIT. 15 | 16 | // Package fake has the automatically generated clients. 17 | package fake 18 | -------------------------------------------------------------------------------- /pkg/gen/client/config/clientset/versioned/typed/config/v1alpha3/generated_expansion.go: -------------------------------------------------------------------------------- 1 | /* 2 | Licensed under the Apache License, Version 2.0 (the "License"); 3 | you may not use this file except in compliance with the License. 4 | You may obtain a copy of the License at 5 | 6 | http://www.apache.org/licenses/LICENSE-2.0 7 | 8 | Unless required by applicable law or agreed to in writing, software 9 | distributed under the License is distributed on an "AS IS" BASIS, 10 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 11 | See the License for the specific language governing permissions and 12 | limitations under the License. 13 | */ 14 | // Code generated by client-gen. DO NOT EDIT. 15 | 16 | package v1alpha3 17 | 18 | type MeshConfigExpansion interface{} 19 | 20 | type MeshRootCertificateExpansion interface{} 21 | -------------------------------------------------------------------------------- /pkg/gen/client/connector/clientset/versioned/fake/doc.go: -------------------------------------------------------------------------------- 1 | /* 2 | Licensed under the Apache License, Version 2.0 (the "License"); 3 | you may not use this file except in compliance with the License. 4 | You may obtain a copy of the License at 5 | 6 | http://www.apache.org/licenses/LICENSE-2.0 7 | 8 | Unless required by applicable law or agreed to in writing, software 9 | distributed under the License is distributed on an "AS IS" BASIS, 10 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 11 | See the License for the specific language governing permissions and 12 | limitations under the License. 13 | */ 14 | // Code generated by client-gen. DO NOT EDIT. 15 | 16 | // This package has the automatically generated fake clientset. 17 | package fake 18 | -------------------------------------------------------------------------------- /pkg/gen/client/connector/clientset/versioned/scheme/doc.go: -------------------------------------------------------------------------------- 1 | /* 2 | Licensed under the Apache License, Version 2.0 (the "License"); 3 | you may not use this file except in compliance with the License. 4 | You may obtain a copy of the License at 5 | 6 | http://www.apache.org/licenses/LICENSE-2.0 7 | 8 | Unless required by applicable law or agreed to in writing, software 9 | distributed under the License is distributed on an "AS IS" BASIS, 10 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 11 | See the License for the specific language governing permissions and 12 | limitations under the License. 13 | */ 14 | // Code generated by client-gen. DO NOT EDIT. 15 | 16 | // This package contains the scheme of the automatically generated clientset. 17 | package scheme 18 | -------------------------------------------------------------------------------- /pkg/gen/client/connector/clientset/versioned/typed/connector/v1alpha1/doc.go: -------------------------------------------------------------------------------- 1 | /* 2 | Licensed under the Apache License, Version 2.0 (the "License"); 3 | you may not use this file except in compliance with the License. 4 | You may obtain a copy of the License at 5 | 6 | http://www.apache.org/licenses/LICENSE-2.0 7 | 8 | Unless required by applicable law or agreed to in writing, software 9 | distributed under the License is distributed on an "AS IS" BASIS, 10 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 11 | See the License for the specific language governing permissions and 12 | limitations under the License. 13 | */ 14 | // Code generated by client-gen. DO NOT EDIT. 15 | 16 | // This package has the automatically generated typed clients. 17 | package v1alpha1 18 | -------------------------------------------------------------------------------- /pkg/gen/client/connector/clientset/versioned/typed/connector/v1alpha1/fake/doc.go: -------------------------------------------------------------------------------- 1 | /* 2 | Licensed under the Apache License, Version 2.0 (the "License"); 3 | you may not use this file except in compliance with the License. 4 | You may obtain a copy of the License at 5 | 6 | http://www.apache.org/licenses/LICENSE-2.0 7 | 8 | Unless required by applicable law or agreed to in writing, software 9 | distributed under the License is distributed on an "AS IS" BASIS, 10 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 11 | See the License for the specific language governing permissions and 12 | limitations under the License. 13 | */ 14 | // Code generated by client-gen. DO NOT EDIT. 15 | 16 | // Package fake has the automatically generated clients. 17 | package fake 18 | -------------------------------------------------------------------------------- /pkg/gen/client/extension/clientset/versioned/fake/doc.go: -------------------------------------------------------------------------------- 1 | /* 2 | Licensed under the Apache License, Version 2.0 (the "License"); 3 | you may not use this file except in compliance with the License. 4 | You may obtain a copy of the License at 5 | 6 | http://www.apache.org/licenses/LICENSE-2.0 7 | 8 | Unless required by applicable law or agreed to in writing, software 9 | distributed under the License is distributed on an "AS IS" BASIS, 10 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 11 | See the License for the specific language governing permissions and 12 | limitations under the License. 13 | */ 14 | // Code generated by client-gen. DO NOT EDIT. 15 | 16 | // This package has the automatically generated fake clientset. 17 | package fake 18 | -------------------------------------------------------------------------------- /pkg/gen/client/extension/clientset/versioned/scheme/doc.go: -------------------------------------------------------------------------------- 1 | /* 2 | Licensed under the Apache License, Version 2.0 (the "License"); 3 | you may not use this file except in compliance with the License. 4 | You may obtain a copy of the License at 5 | 6 | http://www.apache.org/licenses/LICENSE-2.0 7 | 8 | Unless required by applicable law or agreed to in writing, software 9 | distributed under the License is distributed on an "AS IS" BASIS, 10 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 11 | See the License for the specific language governing permissions and 12 | limitations under the License. 13 | */ 14 | // Code generated by client-gen. DO NOT EDIT. 15 | 16 | // This package contains the scheme of the automatically generated clientset. 17 | package scheme 18 | -------------------------------------------------------------------------------- /pkg/gen/client/extension/clientset/versioned/typed/extension/v1alpha1/doc.go: -------------------------------------------------------------------------------- 1 | /* 2 | Licensed under the Apache License, Version 2.0 (the "License"); 3 | you may not use this file except in compliance with the License. 4 | You may obtain a copy of the License at 5 | 6 | http://www.apache.org/licenses/LICENSE-2.0 7 | 8 | Unless required by applicable law or agreed to in writing, software 9 | distributed under the License is distributed on an "AS IS" BASIS, 10 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 11 | See the License for the specific language governing permissions and 12 | limitations under the License. 13 | */ 14 | // Code generated by client-gen. DO NOT EDIT. 15 | 16 | // This package has the automatically generated typed clients. 17 | package v1alpha1 18 | -------------------------------------------------------------------------------- /pkg/gen/client/extension/clientset/versioned/typed/extension/v1alpha1/fake/doc.go: -------------------------------------------------------------------------------- 1 | /* 2 | Licensed under the Apache License, Version 2.0 (the "License"); 3 | you may not use this file except in compliance with the License. 4 | You may obtain a copy of the License at 5 | 6 | http://www.apache.org/licenses/LICENSE-2.0 7 | 8 | Unless required by applicable law or agreed to in writing, software 9 | distributed under the License is distributed on an "AS IS" BASIS, 10 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 11 | See the License for the specific language governing permissions and 12 | limitations under the License. 13 | */ 14 | // Code generated by client-gen. DO NOT EDIT. 15 | 16 | // Package fake has the automatically generated clients. 17 | package fake 18 | -------------------------------------------------------------------------------- /pkg/gen/client/machine/clientset/versioned/fake/doc.go: -------------------------------------------------------------------------------- 1 | /* 2 | Licensed under the Apache License, Version 2.0 (the "License"); 3 | you may not use this file except in compliance with the License. 4 | You may obtain a copy of the License at 5 | 6 | http://www.apache.org/licenses/LICENSE-2.0 7 | 8 | Unless required by applicable law or agreed to in writing, software 9 | distributed under the License is distributed on an "AS IS" BASIS, 10 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 11 | See the License for the specific language governing permissions and 12 | limitations under the License. 13 | */ 14 | // Code generated by client-gen. DO NOT EDIT. 15 | 16 | // This package has the automatically generated fake clientset. 17 | package fake 18 | -------------------------------------------------------------------------------- /pkg/gen/client/machine/clientset/versioned/scheme/doc.go: -------------------------------------------------------------------------------- 1 | /* 2 | Licensed under the Apache License, Version 2.0 (the "License"); 3 | you may not use this file except in compliance with the License. 4 | You may obtain a copy of the License at 5 | 6 | http://www.apache.org/licenses/LICENSE-2.0 7 | 8 | Unless required by applicable law or agreed to in writing, software 9 | distributed under the License is distributed on an "AS IS" BASIS, 10 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 11 | See the License for the specific language governing permissions and 12 | limitations under the License. 13 | */ 14 | // Code generated by client-gen. DO NOT EDIT. 15 | 16 | // This package contains the scheme of the automatically generated clientset. 17 | package scheme 18 | -------------------------------------------------------------------------------- /pkg/gen/client/machine/clientset/versioned/typed/machine/v1alpha1/doc.go: -------------------------------------------------------------------------------- 1 | /* 2 | Licensed under the Apache License, Version 2.0 (the "License"); 3 | you may not use this file except in compliance with the License. 4 | You may obtain a copy of the License at 5 | 6 | http://www.apache.org/licenses/LICENSE-2.0 7 | 8 | Unless required by applicable law or agreed to in writing, software 9 | distributed under the License is distributed on an "AS IS" BASIS, 10 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 11 | See the License for the specific language governing permissions and 12 | limitations under the License. 13 | */ 14 | // Code generated by client-gen. DO NOT EDIT. 15 | 16 | // This package has the automatically generated typed clients. 17 | package v1alpha1 18 | -------------------------------------------------------------------------------- /pkg/gen/client/machine/clientset/versioned/typed/machine/v1alpha1/fake/doc.go: -------------------------------------------------------------------------------- 1 | /* 2 | Licensed under the Apache License, Version 2.0 (the "License"); 3 | you may not use this file except in compliance with the License. 4 | You may obtain a copy of the License at 5 | 6 | http://www.apache.org/licenses/LICENSE-2.0 7 | 8 | Unless required by applicable law or agreed to in writing, software 9 | distributed under the License is distributed on an "AS IS" BASIS, 10 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 11 | See the License for the specific language governing permissions and 12 | limitations under the License. 13 | */ 14 | // Code generated by client-gen. DO NOT EDIT. 15 | 16 | // Package fake has the automatically generated clients. 17 | package fake 18 | -------------------------------------------------------------------------------- /pkg/gen/client/machine/clientset/versioned/typed/machine/v1alpha1/generated_expansion.go: -------------------------------------------------------------------------------- 1 | /* 2 | Licensed under the Apache License, Version 2.0 (the "License"); 3 | you may not use this file except in compliance with the License. 4 | You may obtain a copy of the License at 5 | 6 | http://www.apache.org/licenses/LICENSE-2.0 7 | 8 | Unless required by applicable law or agreed to in writing, software 9 | distributed under the License is distributed on an "AS IS" BASIS, 10 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 11 | See the License for the specific language governing permissions and 12 | limitations under the License. 13 | */ 14 | // Code generated by client-gen. DO NOT EDIT. 15 | 16 | package v1alpha1 17 | 18 | type VirtualMachineExpansion interface{} 19 | -------------------------------------------------------------------------------- /pkg/gen/client/multicluster/clientset/versioned/fake/doc.go: -------------------------------------------------------------------------------- 1 | /* 2 | Licensed under the Apache License, Version 2.0 (the "License"); 3 | you may not use this file except in compliance with the License. 4 | You may obtain a copy of the License at 5 | 6 | http://www.apache.org/licenses/LICENSE-2.0 7 | 8 | Unless required by applicable law or agreed to in writing, software 9 | distributed under the License is distributed on an "AS IS" BASIS, 10 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 11 | See the License for the specific language governing permissions and 12 | limitations under the License. 13 | */ 14 | // Code generated by client-gen. DO NOT EDIT. 15 | 16 | // This package has the automatically generated fake clientset. 17 | package fake 18 | -------------------------------------------------------------------------------- /pkg/gen/client/multicluster/clientset/versioned/scheme/doc.go: -------------------------------------------------------------------------------- 1 | /* 2 | Licensed under the Apache License, Version 2.0 (the "License"); 3 | you may not use this file except in compliance with the License. 4 | You may obtain a copy of the License at 5 | 6 | http://www.apache.org/licenses/LICENSE-2.0 7 | 8 | Unless required by applicable law or agreed to in writing, software 9 | distributed under the License is distributed on an "AS IS" BASIS, 10 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 11 | See the License for the specific language governing permissions and 12 | limitations under the License. 13 | */ 14 | // Code generated by client-gen. DO NOT EDIT. 15 | 16 | // This package contains the scheme of the automatically generated clientset. 17 | package scheme 18 | -------------------------------------------------------------------------------- /pkg/gen/client/multicluster/clientset/versioned/typed/multicluster/v1alpha1/doc.go: -------------------------------------------------------------------------------- 1 | /* 2 | Licensed under the Apache License, Version 2.0 (the "License"); 3 | you may not use this file except in compliance with the License. 4 | You may obtain a copy of the License at 5 | 6 | http://www.apache.org/licenses/LICENSE-2.0 7 | 8 | Unless required by applicable law or agreed to in writing, software 9 | distributed under the License is distributed on an "AS IS" BASIS, 10 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 11 | See the License for the specific language governing permissions and 12 | limitations under the License. 13 | */ 14 | // Code generated by client-gen. DO NOT EDIT. 15 | 16 | // This package has the automatically generated typed clients. 17 | package v1alpha1 18 | -------------------------------------------------------------------------------- /pkg/gen/client/multicluster/clientset/versioned/typed/multicluster/v1alpha1/fake/doc.go: -------------------------------------------------------------------------------- 1 | /* 2 | Licensed under the Apache License, Version 2.0 (the "License"); 3 | you may not use this file except in compliance with the License. 4 | You may obtain a copy of the License at 5 | 6 | http://www.apache.org/licenses/LICENSE-2.0 7 | 8 | Unless required by applicable law or agreed to in writing, software 9 | distributed under the License is distributed on an "AS IS" BASIS, 10 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 11 | See the License for the specific language governing permissions and 12 | limitations under the License. 13 | */ 14 | // Code generated by client-gen. DO NOT EDIT. 15 | 16 | // Package fake has the automatically generated clients. 17 | package fake 18 | -------------------------------------------------------------------------------- /pkg/gen/client/namespacedingress/clientset/versioned/fake/doc.go: -------------------------------------------------------------------------------- 1 | /* 2 | Licensed under the Apache License, Version 2.0 (the "License"); 3 | you may not use this file except in compliance with the License. 4 | You may obtain a copy of the License at 5 | 6 | http://www.apache.org/licenses/LICENSE-2.0 7 | 8 | Unless required by applicable law or agreed to in writing, software 9 | distributed under the License is distributed on an "AS IS" BASIS, 10 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 11 | See the License for the specific language governing permissions and 12 | limitations under the License. 13 | */ 14 | // Code generated by client-gen. DO NOT EDIT. 15 | 16 | // This package has the automatically generated fake clientset. 17 | package fake 18 | -------------------------------------------------------------------------------- /pkg/gen/client/namespacedingress/clientset/versioned/scheme/doc.go: -------------------------------------------------------------------------------- 1 | /* 2 | Licensed under the Apache License, Version 2.0 (the "License"); 3 | you may not use this file except in compliance with the License. 4 | You may obtain a copy of the License at 5 | 6 | http://www.apache.org/licenses/LICENSE-2.0 7 | 8 | Unless required by applicable law or agreed to in writing, software 9 | distributed under the License is distributed on an "AS IS" BASIS, 10 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 11 | See the License for the specific language governing permissions and 12 | limitations under the License. 13 | */ 14 | // Code generated by client-gen. DO NOT EDIT. 15 | 16 | // This package contains the scheme of the automatically generated clientset. 17 | package scheme 18 | -------------------------------------------------------------------------------- /pkg/gen/client/namespacedingress/clientset/versioned/typed/namespacedingress/v1alpha1/doc.go: -------------------------------------------------------------------------------- 1 | /* 2 | Licensed under the Apache License, Version 2.0 (the "License"); 3 | you may not use this file except in compliance with the License. 4 | You may obtain a copy of the License at 5 | 6 | http://www.apache.org/licenses/LICENSE-2.0 7 | 8 | Unless required by applicable law or agreed to in writing, software 9 | distributed under the License is distributed on an "AS IS" BASIS, 10 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 11 | See the License for the specific language governing permissions and 12 | limitations under the License. 13 | */ 14 | // Code generated by client-gen. DO NOT EDIT. 15 | 16 | // This package has the automatically generated typed clients. 17 | package v1alpha1 18 | -------------------------------------------------------------------------------- /pkg/gen/client/namespacedingress/clientset/versioned/typed/namespacedingress/v1alpha1/fake/doc.go: -------------------------------------------------------------------------------- 1 | /* 2 | Licensed under the Apache License, Version 2.0 (the "License"); 3 | you may not use this file except in compliance with the License. 4 | You may obtain a copy of the License at 5 | 6 | http://www.apache.org/licenses/LICENSE-2.0 7 | 8 | Unless required by applicable law or agreed to in writing, software 9 | distributed under the License is distributed on an "AS IS" BASIS, 10 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 11 | See the License for the specific language governing permissions and 12 | limitations under the License. 13 | */ 14 | // Code generated by client-gen. DO NOT EDIT. 15 | 16 | // Package fake has the automatically generated clients. 17 | package fake 18 | -------------------------------------------------------------------------------- /pkg/gen/client/namespacedingress/clientset/versioned/typed/namespacedingress/v1alpha1/generated_expansion.go: -------------------------------------------------------------------------------- 1 | /* 2 | Licensed under the Apache License, Version 2.0 (the "License"); 3 | you may not use this file except in compliance with the License. 4 | You may obtain a copy of the License at 5 | 6 | http://www.apache.org/licenses/LICENSE-2.0 7 | 8 | Unless required by applicable law or agreed to in writing, software 9 | distributed under the License is distributed on an "AS IS" BASIS, 10 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 11 | See the License for the specific language governing permissions and 12 | limitations under the License. 13 | */ 14 | // Code generated by client-gen. DO NOT EDIT. 15 | 16 | package v1alpha1 17 | 18 | type NamespacedIngressExpansion interface{} 19 | -------------------------------------------------------------------------------- /pkg/gen/client/networking/clientset/versioned/fake/doc.go: -------------------------------------------------------------------------------- 1 | /* 2 | Licensed under the Apache License, Version 2.0 (the "License"); 3 | you may not use this file except in compliance with the License. 4 | You may obtain a copy of the License at 5 | 6 | http://www.apache.org/licenses/LICENSE-2.0 7 | 8 | Unless required by applicable law or agreed to in writing, software 9 | distributed under the License is distributed on an "AS IS" BASIS, 10 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 11 | See the License for the specific language governing permissions and 12 | limitations under the License. 13 | */ 14 | // Code generated by client-gen. DO NOT EDIT. 15 | 16 | // This package has the automatically generated fake clientset. 17 | package fake 18 | -------------------------------------------------------------------------------- /pkg/gen/client/networking/clientset/versioned/scheme/doc.go: -------------------------------------------------------------------------------- 1 | /* 2 | Licensed under the Apache License, Version 2.0 (the "License"); 3 | you may not use this file except in compliance with the License. 4 | You may obtain a copy of the License at 5 | 6 | http://www.apache.org/licenses/LICENSE-2.0 7 | 8 | Unless required by applicable law or agreed to in writing, software 9 | distributed under the License is distributed on an "AS IS" BASIS, 10 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 11 | See the License for the specific language governing permissions and 12 | limitations under the License. 13 | */ 14 | // Code generated by client-gen. DO NOT EDIT. 15 | 16 | // This package contains the scheme of the automatically generated clientset. 17 | package scheme 18 | -------------------------------------------------------------------------------- /pkg/gen/client/networking/clientset/versioned/typed/networking/v1/doc.go: -------------------------------------------------------------------------------- 1 | /* 2 | Licensed under the Apache License, Version 2.0 (the "License"); 3 | you may not use this file except in compliance with the License. 4 | You may obtain a copy of the License at 5 | 6 | http://www.apache.org/licenses/LICENSE-2.0 7 | 8 | Unless required by applicable law or agreed to in writing, software 9 | distributed under the License is distributed on an "AS IS" BASIS, 10 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 11 | See the License for the specific language governing permissions and 12 | limitations under the License. 13 | */ 14 | // Code generated by client-gen. DO NOT EDIT. 15 | 16 | // This package has the automatically generated typed clients. 17 | package v1 18 | -------------------------------------------------------------------------------- /pkg/gen/client/networking/clientset/versioned/typed/networking/v1/fake/doc.go: -------------------------------------------------------------------------------- 1 | /* 2 | Licensed under the Apache License, Version 2.0 (the "License"); 3 | you may not use this file except in compliance with the License. 4 | You may obtain a copy of the License at 5 | 6 | http://www.apache.org/licenses/LICENSE-2.0 7 | 8 | Unless required by applicable law or agreed to in writing, software 9 | distributed under the License is distributed on an "AS IS" BASIS, 10 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 11 | See the License for the specific language governing permissions and 12 | limitations under the License. 13 | */ 14 | // Code generated by client-gen. DO NOT EDIT. 15 | 16 | // Package fake has the automatically generated clients. 17 | package fake 18 | -------------------------------------------------------------------------------- /pkg/gen/client/networking/clientset/versioned/typed/networking/v1/generated_expansion.go: -------------------------------------------------------------------------------- 1 | /* 2 | Licensed under the Apache License, Version 2.0 (the "License"); 3 | you may not use this file except in compliance with the License. 4 | You may obtain a copy of the License at 5 | 6 | http://www.apache.org/licenses/LICENSE-2.0 7 | 8 | Unless required by applicable law or agreed to in writing, software 9 | distributed under the License is distributed on an "AS IS" BASIS, 10 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 11 | See the License for the specific language governing permissions and 12 | limitations under the License. 13 | */ 14 | // Code generated by client-gen. DO NOT EDIT. 15 | 16 | package v1 17 | 18 | type IngressClassExpansion interface{} 19 | -------------------------------------------------------------------------------- /pkg/gen/client/plugin/clientset/versioned/fake/doc.go: -------------------------------------------------------------------------------- 1 | /* 2 | Licensed under the Apache License, Version 2.0 (the "License"); 3 | you may not use this file except in compliance with the License. 4 | You may obtain a copy of the License at 5 | 6 | http://www.apache.org/licenses/LICENSE-2.0 7 | 8 | Unless required by applicable law or agreed to in writing, software 9 | distributed under the License is distributed on an "AS IS" BASIS, 10 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 11 | See the License for the specific language governing permissions and 12 | limitations under the License. 13 | */ 14 | // Code generated by client-gen. DO NOT EDIT. 15 | 16 | // This package has the automatically generated fake clientset. 17 | package fake 18 | -------------------------------------------------------------------------------- /pkg/gen/client/plugin/clientset/versioned/scheme/doc.go: -------------------------------------------------------------------------------- 1 | /* 2 | Licensed under the Apache License, Version 2.0 (the "License"); 3 | you may not use this file except in compliance with the License. 4 | You may obtain a copy of the License at 5 | 6 | http://www.apache.org/licenses/LICENSE-2.0 7 | 8 | Unless required by applicable law or agreed to in writing, software 9 | distributed under the License is distributed on an "AS IS" BASIS, 10 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 11 | See the License for the specific language governing permissions and 12 | limitations under the License. 13 | */ 14 | // Code generated by client-gen. DO NOT EDIT. 15 | 16 | // This package contains the scheme of the automatically generated clientset. 17 | package scheme 18 | -------------------------------------------------------------------------------- /pkg/gen/client/plugin/clientset/versioned/typed/plugin/v1alpha1/doc.go: -------------------------------------------------------------------------------- 1 | /* 2 | Licensed under the Apache License, Version 2.0 (the "License"); 3 | you may not use this file except in compliance with the License. 4 | You may obtain a copy of the License at 5 | 6 | http://www.apache.org/licenses/LICENSE-2.0 7 | 8 | Unless required by applicable law or agreed to in writing, software 9 | distributed under the License is distributed on an "AS IS" BASIS, 10 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 11 | See the License for the specific language governing permissions and 12 | limitations under the License. 13 | */ 14 | // Code generated by client-gen. DO NOT EDIT. 15 | 16 | // This package has the automatically generated typed clients. 17 | package v1alpha1 18 | -------------------------------------------------------------------------------- /pkg/gen/client/plugin/clientset/versioned/typed/plugin/v1alpha1/fake/doc.go: -------------------------------------------------------------------------------- 1 | /* 2 | Licensed under the Apache License, Version 2.0 (the "License"); 3 | you may not use this file except in compliance with the License. 4 | You may obtain a copy of the License at 5 | 6 | http://www.apache.org/licenses/LICENSE-2.0 7 | 8 | Unless required by applicable law or agreed to in writing, software 9 | distributed under the License is distributed on an "AS IS" BASIS, 10 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 11 | See the License for the specific language governing permissions and 12 | limitations under the License. 13 | */ 14 | // Code generated by client-gen. DO NOT EDIT. 15 | 16 | // Package fake has the automatically generated clients. 17 | package fake 18 | -------------------------------------------------------------------------------- /pkg/gen/client/policy/clientset/versioned/fake/doc.go: -------------------------------------------------------------------------------- 1 | /* 2 | Licensed under the Apache License, Version 2.0 (the "License"); 3 | you may not use this file except in compliance with the License. 4 | You may obtain a copy of the License at 5 | 6 | http://www.apache.org/licenses/LICENSE-2.0 7 | 8 | Unless required by applicable law or agreed to in writing, software 9 | distributed under the License is distributed on an "AS IS" BASIS, 10 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 11 | See the License for the specific language governing permissions and 12 | limitations under the License. 13 | */ 14 | // Code generated by client-gen. DO NOT EDIT. 15 | 16 | // This package has the automatically generated fake clientset. 17 | package fake 18 | -------------------------------------------------------------------------------- /pkg/gen/client/policy/clientset/versioned/scheme/doc.go: -------------------------------------------------------------------------------- 1 | /* 2 | Licensed under the Apache License, Version 2.0 (the "License"); 3 | you may not use this file except in compliance with the License. 4 | You may obtain a copy of the License at 5 | 6 | http://www.apache.org/licenses/LICENSE-2.0 7 | 8 | Unless required by applicable law or agreed to in writing, software 9 | distributed under the License is distributed on an "AS IS" BASIS, 10 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 11 | See the License for the specific language governing permissions and 12 | limitations under the License. 13 | */ 14 | // Code generated by client-gen. DO NOT EDIT. 15 | 16 | // This package contains the scheme of the automatically generated clientset. 17 | package scheme 18 | -------------------------------------------------------------------------------- /pkg/gen/client/policy/clientset/versioned/typed/policy/v1alpha1/doc.go: -------------------------------------------------------------------------------- 1 | /* 2 | Licensed under the Apache License, Version 2.0 (the "License"); 3 | you may not use this file except in compliance with the License. 4 | You may obtain a copy of the License at 5 | 6 | http://www.apache.org/licenses/LICENSE-2.0 7 | 8 | Unless required by applicable law or agreed to in writing, software 9 | distributed under the License is distributed on an "AS IS" BASIS, 10 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 11 | See the License for the specific language governing permissions and 12 | limitations under the License. 13 | */ 14 | // Code generated by client-gen. DO NOT EDIT. 15 | 16 | // This package has the automatically generated typed clients. 17 | package v1alpha1 18 | -------------------------------------------------------------------------------- /pkg/gen/client/policy/clientset/versioned/typed/policy/v1alpha1/fake/doc.go: -------------------------------------------------------------------------------- 1 | /* 2 | Licensed under the Apache License, Version 2.0 (the "License"); 3 | you may not use this file except in compliance with the License. 4 | You may obtain a copy of the License at 5 | 6 | http://www.apache.org/licenses/LICENSE-2.0 7 | 8 | Unless required by applicable law or agreed to in writing, software 9 | distributed under the License is distributed on an "AS IS" BASIS, 10 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 11 | See the License for the specific language governing permissions and 12 | limitations under the License. 13 | */ 14 | // Code generated by client-gen. DO NOT EDIT. 15 | 16 | // Package fake has the automatically generated clients. 17 | package fake 18 | -------------------------------------------------------------------------------- /pkg/gen/client/policyattachment/clientset/versioned/fake/doc.go: -------------------------------------------------------------------------------- 1 | /* 2 | Licensed under the Apache License, Version 2.0 (the "License"); 3 | you may not use this file except in compliance with the License. 4 | You may obtain a copy of the License at 5 | 6 | http://www.apache.org/licenses/LICENSE-2.0 7 | 8 | Unless required by applicable law or agreed to in writing, software 9 | distributed under the License is distributed on an "AS IS" BASIS, 10 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 11 | See the License for the specific language governing permissions and 12 | limitations under the License. 13 | */ 14 | // Code generated by client-gen. DO NOT EDIT. 15 | 16 | // This package has the automatically generated fake clientset. 17 | package fake 18 | -------------------------------------------------------------------------------- /pkg/gen/client/policyattachment/clientset/versioned/scheme/doc.go: -------------------------------------------------------------------------------- 1 | /* 2 | Licensed under the Apache License, Version 2.0 (the "License"); 3 | you may not use this file except in compliance with the License. 4 | You may obtain a copy of the License at 5 | 6 | http://www.apache.org/licenses/LICENSE-2.0 7 | 8 | Unless required by applicable law or agreed to in writing, software 9 | distributed under the License is distributed on an "AS IS" BASIS, 10 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 11 | See the License for the specific language governing permissions and 12 | limitations under the License. 13 | */ 14 | // Code generated by client-gen. DO NOT EDIT. 15 | 16 | // This package contains the scheme of the automatically generated clientset. 17 | package scheme 18 | -------------------------------------------------------------------------------- /pkg/gen/client/policyattachment/clientset/versioned/typed/policyattachment/v1alpha2/doc.go: -------------------------------------------------------------------------------- 1 | /* 2 | Licensed under the Apache License, Version 2.0 (the "License"); 3 | you may not use this file except in compliance with the License. 4 | You may obtain a copy of the License at 5 | 6 | http://www.apache.org/licenses/LICENSE-2.0 7 | 8 | Unless required by applicable law or agreed to in writing, software 9 | distributed under the License is distributed on an "AS IS" BASIS, 10 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 11 | See the License for the specific language governing permissions and 12 | limitations under the License. 13 | */ 14 | // Code generated by client-gen. DO NOT EDIT. 15 | 16 | // This package has the automatically generated typed clients. 17 | package v1alpha2 18 | -------------------------------------------------------------------------------- /pkg/gen/client/policyattachment/clientset/versioned/typed/policyattachment/v1alpha2/fake/doc.go: -------------------------------------------------------------------------------- 1 | /* 2 | Licensed under the Apache License, Version 2.0 (the "License"); 3 | you may not use this file except in compliance with the License. 4 | You may obtain a copy of the License at 5 | 6 | http://www.apache.org/licenses/LICENSE-2.0 7 | 8 | Unless required by applicable law or agreed to in writing, software 9 | distributed under the License is distributed on an "AS IS" BASIS, 10 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 11 | See the License for the specific language governing permissions and 12 | limitations under the License. 13 | */ 14 | // Code generated by client-gen. DO NOT EDIT. 15 | 16 | // Package fake has the automatically generated clients. 17 | package fake 18 | -------------------------------------------------------------------------------- /pkg/gen/client/traffic/clientset/versioned/fake/doc.go: -------------------------------------------------------------------------------- 1 | /* 2 | Licensed under the Apache License, Version 2.0 (the "License"); 3 | you may not use this file except in compliance with the License. 4 | You may obtain a copy of the License at 5 | 6 | http://www.apache.org/licenses/LICENSE-2.0 7 | 8 | Unless required by applicable law or agreed to in writing, software 9 | distributed under the License is distributed on an "AS IS" BASIS, 10 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 11 | See the License for the specific language governing permissions and 12 | limitations under the License. 13 | */ 14 | // Code generated by client-gen. DO NOT EDIT. 15 | 16 | // This package has the automatically generated fake clientset. 17 | package fake 18 | -------------------------------------------------------------------------------- /pkg/gen/client/traffic/clientset/versioned/scheme/doc.go: -------------------------------------------------------------------------------- 1 | /* 2 | Licensed under the Apache License, Version 2.0 (the "License"); 3 | you may not use this file except in compliance with the License. 4 | You may obtain a copy of the License at 5 | 6 | http://www.apache.org/licenses/LICENSE-2.0 7 | 8 | Unless required by applicable law or agreed to in writing, software 9 | distributed under the License is distributed on an "AS IS" BASIS, 10 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 11 | See the License for the specific language governing permissions and 12 | limitations under the License. 13 | */ 14 | // Code generated by client-gen. DO NOT EDIT. 15 | 16 | // This package contains the scheme of the automatically generated clientset. 17 | package scheme 18 | -------------------------------------------------------------------------------- /pkg/gen/client/traffic/clientset/versioned/typed/traffic/v1alpha1/doc.go: -------------------------------------------------------------------------------- 1 | /* 2 | Licensed under the Apache License, Version 2.0 (the "License"); 3 | you may not use this file except in compliance with the License. 4 | You may obtain a copy of the License at 5 | 6 | http://www.apache.org/licenses/LICENSE-2.0 7 | 8 | Unless required by applicable law or agreed to in writing, software 9 | distributed under the License is distributed on an "AS IS" BASIS, 10 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 11 | See the License for the specific language governing permissions and 12 | limitations under the License. 13 | */ 14 | // Code generated by client-gen. DO NOT EDIT. 15 | 16 | // This package has the automatically generated typed clients. 17 | package v1alpha1 18 | -------------------------------------------------------------------------------- /pkg/gen/client/traffic/clientset/versioned/typed/traffic/v1alpha1/fake/doc.go: -------------------------------------------------------------------------------- 1 | /* 2 | Licensed under the Apache License, Version 2.0 (the "License"); 3 | you may not use this file except in compliance with the License. 4 | You may obtain a copy of the License at 5 | 6 | http://www.apache.org/licenses/LICENSE-2.0 7 | 8 | Unless required by applicable law or agreed to in writing, software 9 | distributed under the License is distributed on an "AS IS" BASIS, 10 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 11 | See the License for the specific language governing permissions and 12 | limitations under the License. 13 | */ 14 | // Code generated by client-gen. DO NOT EDIT. 15 | 16 | // Package fake has the automatically generated clients. 17 | package fake 18 | -------------------------------------------------------------------------------- /pkg/gen/client/traffic/clientset/versioned/typed/traffic/v1alpha1/generated_expansion.go: -------------------------------------------------------------------------------- 1 | /* 2 | Licensed under the Apache License, Version 2.0 (the "License"); 3 | you may not use this file except in compliance with the License. 4 | You may obtain a copy of the License at 5 | 6 | http://www.apache.org/licenses/LICENSE-2.0 7 | 8 | Unless required by applicable law or agreed to in writing, software 9 | distributed under the License is distributed on an "AS IS" BASIS, 10 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 11 | See the License for the specific language governing permissions and 12 | limitations under the License. 13 | */ 14 | // Code generated by client-gen. DO NOT EDIT. 15 | 16 | package v1alpha1 17 | 18 | type HTTPTrafficRuleExpansion interface{} 19 | 20 | type TrafficSplitExpansion interface{} 21 | -------------------------------------------------------------------------------- /pkg/gen/client/xnetwork/clientset/versioned/fake/doc.go: -------------------------------------------------------------------------------- 1 | /* 2 | Licensed under the Apache License, Version 2.0 (the "License"); 3 | you may not use this file except in compliance with the License. 4 | You may obtain a copy of the License at 5 | 6 | http://www.apache.org/licenses/LICENSE-2.0 7 | 8 | Unless required by applicable law or agreed to in writing, software 9 | distributed under the License is distributed on an "AS IS" BASIS, 10 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 11 | See the License for the specific language governing permissions and 12 | limitations under the License. 13 | */ 14 | // Code generated by client-gen. DO NOT EDIT. 15 | 16 | // This package has the automatically generated fake clientset. 17 | package fake 18 | -------------------------------------------------------------------------------- /pkg/gen/client/xnetwork/clientset/versioned/scheme/doc.go: -------------------------------------------------------------------------------- 1 | /* 2 | Licensed under the Apache License, Version 2.0 (the "License"); 3 | you may not use this file except in compliance with the License. 4 | You may obtain a copy of the License at 5 | 6 | http://www.apache.org/licenses/LICENSE-2.0 7 | 8 | Unless required by applicable law or agreed to in writing, software 9 | distributed under the License is distributed on an "AS IS" BASIS, 10 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 11 | See the License for the specific language governing permissions and 12 | limitations under the License. 13 | */ 14 | // Code generated by client-gen. DO NOT EDIT. 15 | 16 | // This package contains the scheme of the automatically generated clientset. 17 | package scheme 18 | -------------------------------------------------------------------------------- /pkg/gen/client/xnetwork/clientset/versioned/typed/xnetwork/v1alpha1/doc.go: -------------------------------------------------------------------------------- 1 | /* 2 | Licensed under the Apache License, Version 2.0 (the "License"); 3 | you may not use this file except in compliance with the License. 4 | You may obtain a copy of the License at 5 | 6 | http://www.apache.org/licenses/LICENSE-2.0 7 | 8 | Unless required by applicable law or agreed to in writing, software 9 | distributed under the License is distributed on an "AS IS" BASIS, 10 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 11 | See the License for the specific language governing permissions and 12 | limitations under the License. 13 | */ 14 | // Code generated by client-gen. DO NOT EDIT. 15 | 16 | // This package has the automatically generated typed clients. 17 | package v1alpha1 18 | -------------------------------------------------------------------------------- /pkg/gen/client/xnetwork/clientset/versioned/typed/xnetwork/v1alpha1/fake/doc.go: -------------------------------------------------------------------------------- 1 | /* 2 | Licensed under the Apache License, Version 2.0 (the "License"); 3 | you may not use this file except in compliance with the License. 4 | You may obtain a copy of the License at 5 | 6 | http://www.apache.org/licenses/LICENSE-2.0 7 | 8 | Unless required by applicable law or agreed to in writing, software 9 | distributed under the License is distributed on an "AS IS" BASIS, 10 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 11 | See the License for the specific language governing permissions and 12 | limitations under the License. 13 | */ 14 | // Code generated by client-gen. DO NOT EDIT. 15 | 16 | // Package fake has the automatically generated clients. 17 | package fake 18 | -------------------------------------------------------------------------------- /pkg/gen/client/xnetwork/clientset/versioned/typed/xnetwork/v1alpha1/generated_expansion.go: -------------------------------------------------------------------------------- 1 | /* 2 | Licensed under the Apache License, Version 2.0 (the "License"); 3 | you may not use this file except in compliance with the License. 4 | You may obtain a copy of the License at 5 | 6 | http://www.apache.org/licenses/LICENSE-2.0 7 | 8 | Unless required by applicable law or agreed to in writing, software 9 | distributed under the License is distributed on an "AS IS" BASIS, 10 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 11 | See the License for the specific language governing permissions and 12 | limitations under the License. 13 | */ 14 | // Code generated by client-gen. DO NOT EDIT. 15 | 16 | package v1alpha1 17 | 18 | type AccessControlExpansion interface{} 19 | 20 | type EIPAdvertisementExpansion interface{} 21 | -------------------------------------------------------------------------------- /pkg/health/suite_test.go: -------------------------------------------------------------------------------- 1 | package health 2 | 3 | import ( 4 | "testing" 5 | 6 | . "github.com/onsi/ginkgo" 7 | . "github.com/onsi/gomega" 8 | ) 9 | 10 | func TestHealth(t *testing.T) { 11 | RegisterFailHandler(Fail) 12 | RunSpecs(t, "Health Test Suite") 13 | } 14 | -------------------------------------------------------------------------------- /pkg/helm/types.go: -------------------------------------------------------------------------------- 1 | // Package helm provides utilities for helm 2 | package helm 3 | 4 | import ( 5 | "k8s.io/apimachinery/pkg/api/meta" 6 | "k8s.io/client-go/dynamic" 7 | 8 | "github.com/flomesh-io/fsm/pkg/logger" 9 | ) 10 | 11 | var ( 12 | log = logger.NewPretty("helm-utilities") 13 | ) 14 | 15 | type YAMLHandlerFunc func(dynamicClient dynamic.Interface, mapper meta.RESTMapper, manifest string) error 16 | -------------------------------------------------------------------------------- /pkg/ingress/access.go: -------------------------------------------------------------------------------- 1 | package ingress 2 | -------------------------------------------------------------------------------- /pkg/ingress/types.go: -------------------------------------------------------------------------------- 1 | // Package ingress implements functionality to monitor and retrieve Kubernetes Ingress resources. 2 | package ingress 3 | 4 | import ( 5 | "k8s.io/client-go/kubernetes" 6 | 7 | "github.com/flomesh-io/fsm/pkg/certificate" 8 | "github.com/flomesh-io/fsm/pkg/configurator" 9 | "github.com/flomesh-io/fsm/pkg/k8s" 10 | "github.com/flomesh-io/fsm/pkg/logger" 11 | "github.com/flomesh-io/fsm/pkg/messaging" 12 | ) 13 | 14 | var ( 15 | log = logger.New("ingress") 16 | ) 17 | 18 | // client is a struct for all components necessary to connect to and maintain state of a Kubernetes cluster. 19 | type client struct { 20 | kubeClient kubernetes.Interface 21 | kubeController k8s.Controller 22 | cfg configurator.Configurator 23 | certProvider *certificate.Manager 24 | msgBroker *messaging.Broker 25 | } 26 | -------------------------------------------------------------------------------- /pkg/injector/errors.go: -------------------------------------------------------------------------------- 1 | package injector 2 | 3 | import "fmt" 4 | 5 | var ( 6 | errNamespaceNotFound = fmt.Errorf("namespace not found") 7 | errNilAdmissionRequest = fmt.Errorf("nil admission request") 8 | ) 9 | -------------------------------------------------------------------------------- /pkg/injector/suite_test.go: -------------------------------------------------------------------------------- 1 | package injector 2 | 3 | import ( 4 | "testing" 5 | 6 | . "github.com/onsi/ginkgo" 7 | . "github.com/onsi/gomega" 8 | ) 9 | 10 | func TestInjector(t *testing.T) { 11 | RegisterFailHandler(Fail) 12 | RunSpecs(t, "Injector Test Suite") 13 | } 14 | -------------------------------------------------------------------------------- /pkg/injector/volumes.go: -------------------------------------------------------------------------------- 1 | package injector 2 | 3 | import ( 4 | corev1 "k8s.io/api/core/v1" 5 | ) 6 | 7 | // GetVolumeSpec returns a volume to add to the POD 8 | func GetVolumeSpec(sidecarBootstrapConfigName string) corev1.Volume { 9 | return corev1.Volume{ 10 | Name: SidecarBootstrapConfigVolume, 11 | VolumeSource: corev1.VolumeSource{ 12 | Secret: &corev1.SecretVolumeSource{ 13 | SecretName: sidecarBootstrapConfigName, 14 | }, 15 | }, 16 | } 17 | } 18 | -------------------------------------------------------------------------------- /pkg/injector/volumes_test.go: -------------------------------------------------------------------------------- 1 | package injector 2 | 3 | import ( 4 | . "github.com/onsi/ginkgo" 5 | . "github.com/onsi/gomega" 6 | 7 | corev1 "k8s.io/api/core/v1" 8 | ) 9 | 10 | var _ = Describe("Test volume functions", func() { 11 | Context("Test GetVolumeSpec", func() { 12 | It("creates volume spec", func() { 13 | actual := GetVolumeSpec("-sidecar-config-") 14 | expected := corev1.Volume{ 15 | Name: "sidecar-bootstrap-config-volume", 16 | VolumeSource: corev1.VolumeSource{ 17 | Secret: &corev1.SecretVolumeSource{ 18 | SecretName: "-sidecar-config-", 19 | }, 20 | }} 21 | Expect(actual).To(Equal(expected)) 22 | }) 23 | }) 24 | }) 25 | -------------------------------------------------------------------------------- /pkg/k8s/fake/fake.go: -------------------------------------------------------------------------------- 1 | // Package fake implements Fake's methods. 2 | package fake 3 | 4 | import ( 5 | metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" 6 | "k8s.io/client-go/discovery" 7 | ) 8 | 9 | // DiscoveryClient is a fake client for k8s API discovery 10 | type DiscoveryClient struct { 11 | discovery.ServerResourcesInterface 12 | Resources map[string]metav1.APIResourceList 13 | Err error 14 | } 15 | 16 | // ServerResourcesForGroupVersion returns the supported resources for a group and version. 17 | func (f *DiscoveryClient) ServerResourcesForGroupVersion(groupVersion string) (*metav1.APIResourceList, error) { 18 | resp := f.Resources[groupVersion] 19 | return &resp, f.Err 20 | } 21 | -------------------------------------------------------------------------------- /pkg/k8s/fsm_controller.go: -------------------------------------------------------------------------------- 1 | package k8s 2 | 3 | import ( 4 | "context" 5 | 6 | corev1 "k8s.io/api/core/v1" 7 | metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" 8 | "k8s.io/apimachinery/pkg/labels" 9 | "k8s.io/client-go/kubernetes" 10 | 11 | "github.com/flomesh-io/fsm/pkg/constants" 12 | ) 13 | 14 | // GetFSMControllerPods returns a list of fsm-controller pods in the namespace 15 | func GetFSMControllerPods(clientSet kubernetes.Interface, ns string) *corev1.PodList { 16 | labelSelector := metav1.LabelSelector{MatchLabels: map[string]string{constants.AppLabel: constants.FSMControllerName}} 17 | listOptions := metav1.ListOptions{ 18 | LabelSelector: labels.Set(labelSelector.MatchLabels).String(), 19 | } 20 | podList, _ := clientSet.CoreV1().Pods(ns).List(context.TODO(), listOptions) 21 | return podList 22 | } 23 | -------------------------------------------------------------------------------- /pkg/k8s/fsm_injector.go: -------------------------------------------------------------------------------- 1 | package k8s 2 | 3 | import ( 4 | "context" 5 | 6 | corev1 "k8s.io/api/core/v1" 7 | metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" 8 | "k8s.io/apimachinery/pkg/labels" 9 | "k8s.io/client-go/kubernetes" 10 | 11 | "github.com/flomesh-io/fsm/pkg/constants" 12 | ) 13 | 14 | // GetFSMInjectorPods returns a list of fsm-injector pods in the namespace 15 | func GetFSMInjectorPods(clientSet kubernetes.Interface, ns string) *corev1.PodList { 16 | labelSelector := metav1.LabelSelector{MatchLabels: map[string]string{constants.AppLabel: constants.FSMInjectorName}} 17 | listOptions := metav1.ListOptions{ 18 | LabelSelector: labels.Set(labelSelector.MatchLabels).String(), 19 | } 20 | podList, _ := clientSet.CoreV1().Pods(ns).List(context.TODO(), listOptions) 21 | return podList 22 | } 23 | -------------------------------------------------------------------------------- /pkg/k8s/types_test.go: -------------------------------------------------------------------------------- 1 | package k8s 2 | 3 | import ( 4 | "testing" 5 | 6 | tassert "github.com/stretchr/testify/assert" 7 | ) 8 | 9 | func TestEventTypeString(t *testing.T) { 10 | assert := tassert.New(t) 11 | 12 | expected := "test-content" 13 | actual := EventType(expected).String() 14 | assert.Equal(actual, expected) 15 | } 16 | -------------------------------------------------------------------------------- /pkg/manager/basic/types.go: -------------------------------------------------------------------------------- 1 | // Package basic contains the basic utilities for the FSM manager 2 | package basic 3 | 4 | import "github.com/flomesh-io/fsm/pkg/logger" 5 | 6 | var ( 7 | log = logger.New("fsm-manager/basic") 8 | ) 9 | -------------------------------------------------------------------------------- /pkg/manager/logging/types.go: -------------------------------------------------------------------------------- 1 | // Package logging contains the logging utilities for the FSM manager 2 | package logging 3 | 4 | import "github.com/flomesh-io/fsm/pkg/logger" 5 | 6 | var ( 7 | log = logger.New("fsm-manager/logging") 8 | ) 9 | -------------------------------------------------------------------------------- /pkg/manager/utils/types.go: -------------------------------------------------------------------------------- 1 | // Package utils provides utility functions for the manager 2 | package utils 3 | 4 | import "github.com/flomesh-io/fsm/pkg/logger" 5 | 6 | var ( 7 | log = logger.New("fsm-manager/utils") 8 | ) 9 | -------------------------------------------------------------------------------- /pkg/mcs/config/types.go: -------------------------------------------------------------------------------- 1 | // Package config contains the configuration for the mcs controller 2 | package config 3 | 4 | import "github.com/flomesh-io/fsm/pkg/logger" 5 | 6 | var ( 7 | log = logger.New("mcs-config") 8 | ) 9 | -------------------------------------------------------------------------------- /pkg/mesh/mesh.go: -------------------------------------------------------------------------------- 1 | // Package mesh implements the mesh methods. 2 | package mesh 3 | 4 | import ( 5 | "github.com/google/uuid" 6 | corev1 "k8s.io/api/core/v1" 7 | 8 | "github.com/flomesh-io/fsm/pkg/constants" 9 | ) 10 | 11 | // ProxyLabelExists returns a boolean indicating if the pod is part of a mesh. 12 | // Note that this is NOT a definitive check indicating pod membership in a mesh 13 | // as the label may continue to exist even if the pod is removed from the mesh. 14 | func ProxyLabelExists(pod corev1.Pod) bool { 15 | // fsm-controller adds a unique label to a pod when it is added to a mesh 16 | proxyUUID, proxyLabelSet := pod.Labels[constants.SidecarUniqueIDLabelName] 17 | return proxyLabelSet && isValidUUID(proxyUUID) 18 | } 19 | 20 | func isValidUUID(u string) bool { 21 | _, err := uuid.Parse(u) 22 | return err == nil 23 | } 24 | -------------------------------------------------------------------------------- /pkg/messaging/workqueue_test.go: -------------------------------------------------------------------------------- 1 | package messaging 2 | 3 | import ( 4 | "testing" 5 | "time" 6 | 7 | "github.com/stretchr/testify/assert" 8 | ) 9 | 10 | func TestProcessNextItem(t *testing.T) { 11 | a := assert.New(t) 12 | stop := make(chan struct{}) 13 | defer close(stop) 14 | 15 | b := NewBroker(stop) 16 | 17 | // Verify that a non PubSubMessage does not panic 18 | b.queue.AddRateLimited("string") 19 | a.Eventually(func() bool { 20 | return b.GetTotalQEventCount() == 1 21 | }, 100*time.Millisecond, 10*time.Millisecond) 22 | 23 | // Verify queue shutdown is graceful 24 | b.queue.ShutDown() 25 | } 26 | -------------------------------------------------------------------------------- /pkg/models/types.go: -------------------------------------------------------------------------------- 1 | package models 2 | 3 | import ( 4 | "time" 5 | 6 | "github.com/google/uuid" 7 | 8 | "github.com/flomesh-io/fsm/pkg/identity" 9 | ) 10 | 11 | // TypeURI is a string describing the sidecar xDS payload. 12 | type TypeURI string 13 | 14 | func (t TypeURI) String() string { 15 | return string(t) 16 | } 17 | 18 | // ProxyKind is the type used to define the proxy's kind 19 | type ProxyKind string 20 | 21 | const ( 22 | // KindSidecar implies the proxy is a sidecar 23 | KindSidecar ProxyKind = "sidecar" 24 | ) 25 | 26 | // Proxy is an interface providing adaptiving proxies of multiple sidecars 27 | type Proxy interface { 28 | GetUUID() uuid.UUID 29 | GetIdentity() identity.ServiceIdentity 30 | GetPodName() string 31 | GetPodNamespace() string 32 | GetConnectedAt() time.Time 33 | } 34 | -------------------------------------------------------------------------------- /pkg/multicluster/errors.go: -------------------------------------------------------------------------------- 1 | package multicluster 2 | 3 | import "fmt" 4 | 5 | var ( 6 | errServiceNotFound = fmt.Errorf("Service not found") 7 | ) 8 | -------------------------------------------------------------------------------- /pkg/providers/fsm/types.go: -------------------------------------------------------------------------------- 1 | package fsm 2 | 3 | import ( 4 | "github.com/flomesh-io/fsm/pkg/configurator" 5 | "github.com/flomesh-io/fsm/pkg/multicluster" 6 | ) 7 | 8 | const ( 9 | // providerName is the name of the Flomesh client that implements service.Provider and endpoint.Provider interfaces 10 | providerName = "flomesh" 11 | ) 12 | 13 | // client is the type used to represent the k8s client for endpoints and service provider 14 | type client struct { 15 | multiclusterController multicluster.Controller 16 | meshConfigurator configurator.Configurator 17 | } 18 | -------------------------------------------------------------------------------- /pkg/providers/kube/suite_test.go: -------------------------------------------------------------------------------- 1 | package kube 2 | 3 | import ( 4 | "testing" 5 | 6 | . "github.com/onsi/ginkgo" 7 | . "github.com/onsi/gomega" 8 | ) 9 | 10 | func TestKubeProvider(t *testing.T) { 11 | RegisterFailHandler(Fail) 12 | RunSpecs(t, "Kube Provider Test Suite") 13 | } 14 | -------------------------------------------------------------------------------- /pkg/providers/kube/types.go: -------------------------------------------------------------------------------- 1 | package kube 2 | 3 | import ( 4 | "github.com/flomesh-io/fsm/pkg/configurator" 5 | "github.com/flomesh-io/fsm/pkg/k8s" 6 | "github.com/flomesh-io/fsm/pkg/logger" 7 | ) 8 | 9 | const ( 10 | // providerName is the name of the Kubernetes client that implements service.Provider and endpoint.Provider interfaces 11 | providerName = "kubernetes" 12 | ) 13 | 14 | var ( 15 | log = logger.New("kube-provider") 16 | ) 17 | 18 | // client is the type used to represent the k8s client for endpoints and service provider 19 | type client struct { 20 | kubeController k8s.Controller 21 | meshConfigurator configurator.Configurator 22 | } 23 | -------------------------------------------------------------------------------- /pkg/reconciler/errors.go: -------------------------------------------------------------------------------- 1 | package reconciler 2 | 3 | import "fmt" 4 | 5 | var ( 6 | errSyncingCaches = fmt.Errorf("Failed initial cache sync for reconciler informers") 7 | errInitInformers = fmt.Errorf("Informer not initialized") 8 | ) 9 | -------------------------------------------------------------------------------- /pkg/service/service.go: -------------------------------------------------------------------------------- 1 | package service 2 | 3 | var ( 4 | trustDomain = `cluster.local` 5 | ) 6 | 7 | // SetTrustDomain sets the trust domain 8 | func SetTrustDomain(domain string) { 9 | if len(domain) > 0 { 10 | trustDomain = domain 11 | } 12 | } 13 | 14 | // GetTrustDomain returns the trust domain 15 | func GetTrustDomain() string { 16 | return trustDomain 17 | } 18 | 19 | // ServerName returns the Server Name Identifier (SNI) for TLS connections 20 | func (ms MeshService) ServerName() string { 21 | return ms.FQDN() 22 | } 23 | -------------------------------------------------------------------------------- /pkg/service/suite_test.go: -------------------------------------------------------------------------------- 1 | package service 2 | 3 | import ( 4 | "testing" 5 | 6 | . "github.com/onsi/ginkgo" 7 | . "github.com/onsi/gomega" 8 | ) 9 | 10 | func TestService(t *testing.T) { 11 | RegisterFailHandler(Fail) 12 | RunSpecs(t, "Test Suite") 13 | } 14 | -------------------------------------------------------------------------------- /pkg/sidecar/v1/providers/pipy/bootstrap/config.go: -------------------------------------------------------------------------------- 1 | package bootstrap 2 | 3 | const ( 4 | // PipyBootstrapConfigFile is the name Pipy bootstrap configuration file 5 | PipyBootstrapConfigFile = "bootstrap.yaml" 6 | 7 | // PipyProxyConfigPath is the path where the Sidecar bootstrap config info is located 8 | PipyProxyConfigPath = "/etc/pipy" 9 | 10 | // PipyRepoCACertFile is the name of the Pipy Repo CA certificate file 11 | PipyRepoCACertFile = "cacert.pem" 12 | 13 | // PipyRepoCertFile is the name of the Pipy Repo certificate file 14 | PipyRepoCertFile = "repo_cert.pem" 15 | 16 | // PipyRepoKeyFile is the name of the Pipy Repo private key file 17 | PipyRepoKeyFile = "repo_key.pem" 18 | ) 19 | -------------------------------------------------------------------------------- /pkg/sidecar/v1/providers/pipy/driver/init.go: -------------------------------------------------------------------------------- 1 | package driver 2 | 3 | import ( 4 | sidecarv1 "github.com/flomesh-io/fsm/pkg/sidecar/v1" 5 | ) 6 | 7 | const ( 8 | driverName = `pipy` 9 | ) 10 | 11 | func init() { 12 | sidecarv1.Register(driverName, new(PipySidecarDriver)) 13 | } 14 | -------------------------------------------------------------------------------- /pkg/sidecar/v1/providers/pipy/driver/types.go: -------------------------------------------------------------------------------- 1 | package driver 2 | 3 | import ( 4 | "github.com/flomesh-io/fsm/pkg/logger" 5 | ) 6 | 7 | var log = logger.New("sidecar-pipy") 8 | -------------------------------------------------------------------------------- /pkg/sidecar/v1/providers/pipy/registry/debugger.go: -------------------------------------------------------------------------------- 1 | package registry 2 | 3 | import ( 4 | "github.com/flomesh-io/fsm/pkg/models" 5 | "github.com/flomesh-io/fsm/pkg/sidecar/v1/providers/pipy" 6 | ) 7 | 8 | // ListConnectedProxies lists the Pipy proxies already connected and the time they first connected. 9 | func (pr *ProxyRegistry) ListConnectedProxies() map[string]models.Proxy { 10 | proxies := make(map[string]models.Proxy) 11 | connectedProxies.Range(func(keyIface, propsIface interface{}) bool { 12 | uuid := keyIface.(string) 13 | proxies[uuid] = propsIface.(*pipy.Proxy) 14 | return true // continue the iteration 15 | }) 16 | return proxies 17 | } 18 | -------------------------------------------------------------------------------- /pkg/sidecar/v1/providers/pipy/registry/types.go: -------------------------------------------------------------------------------- 1 | package registry 2 | 3 | import ( 4 | "sync" 5 | 6 | "github.com/flomesh-io/fsm/pkg/logger" 7 | "github.com/flomesh-io/fsm/pkg/messaging" 8 | ) 9 | 10 | var log = logger.New("proxy-registry") 11 | 12 | var ( 13 | lock sync.Mutex 14 | connectedProxies sync.Map 15 | ) 16 | 17 | // ProxyRegistry keeps track of Sidecar proxies as they connect and disconnect 18 | // from the control plane. 19 | type ProxyRegistry struct { 20 | ProxyServiceMapper 21 | 22 | msgBroker *messaging.Broker 23 | 24 | // Fire a inform to update proxies 25 | UpdateProxies func() 26 | } 27 | 28 | // A simple interface to release certificates. Created to abstract the certificate.Manager struct for testing purposes. 29 | type certificateReleaser interface { 30 | ReleaseCertificate(key string) 31 | } 32 | -------------------------------------------------------------------------------- /pkg/sidecar/v1/providers/pipy/repo/codebase/config.json: -------------------------------------------------------------------------------- 1 | {} 2 | -------------------------------------------------------------------------------- /pkg/sidecar/v1/providers/pipy/repo/codebase/modules/inbound-http-default.js: -------------------------------------------------------------------------------- 1 | pipy({ 2 | _proxyError: false, 3 | }) 4 | 5 | .import({ 6 | __route: 'inbound-http-routing', 7 | }) 8 | 9 | .pipeline() 10 | .handleMessageStart( 11 | msg => ( 12 | _proxyError = Boolean(msg?.head?.headers?.['x-forwarded-for']) 13 | ) 14 | ) 15 | .replaceData() 16 | .branch( 17 | () => _proxyError, ( 18 | $=>$.replaceMessage( 19 | new Message({ status: 502 }, 'Proxy Error') 20 | ) 21 | ), 22 | 23 | () => !__route, ( 24 | $=>$.replaceMessage( 25 | new Message({ 26 | status: 403 27 | }, 28 | 'Access denied' 29 | ) 30 | ) 31 | ), 32 | 33 | ( 34 | $=>$.replaceMessage( 35 | new Message({ 36 | status: 404 37 | }, 'Not found' 38 | ) 39 | ) 40 | ) 41 | ) -------------------------------------------------------------------------------- /pkg/sidecar/v1/providers/pipy/repo/codebase/modules/inbound-metrics-http.js: -------------------------------------------------------------------------------- 1 | (( 2 | { 3 | identity, 4 | metricsCache, 5 | } = pipy.solve('metrics.js'), 6 | ) => ( 7 | 8 | pipy() 9 | 10 | .import({ 11 | __cluster: 'inbound-http-routing', 12 | }) 13 | 14 | .pipeline() 15 | .chain() 16 | .handleMessageStart( 17 | (msg) => ( 18 | ( 19 | headers = msg?.head?.headers, 20 | metrics = metricsCache.get(__cluster?.name), 21 | ) => ( 22 | headers && ( 23 | headers['fsm-stats'] = identity, 24 | metrics.upstreamResponseTotal.increase(), 25 | metrics.upstreamResponseCode.withLabels(msg?.head?.status / 100).increase() 26 | ) 27 | ) 28 | )() 29 | ) 30 | 31 | ))() -------------------------------------------------------------------------------- /pkg/sidecar/v1/providers/pipy/repo/codebase/modules/inbound-tcp-default.js: -------------------------------------------------------------------------------- 1 | pipy() 2 | 3 | .pipeline() 4 | .replaceStreamStart( 5 | new StreamEnd('ConnectionReset') 6 | ) 7 | -------------------------------------------------------------------------------- /pkg/sidecar/v1/providers/pipy/repo/codebase/modules/outbound-http-default.js: -------------------------------------------------------------------------------- 1 | pipy() 2 | 3 | .import({ 4 | __route: 'outbound-http-routing', 5 | }) 6 | 7 | .pipeline() 8 | .replaceData() 9 | .branch( 10 | () => !__route, ( 11 | $=>$.replaceMessage( 12 | new Message({ 13 | status: 403 14 | }, 15 | 'Access denied' 16 | ) 17 | ) 18 | ), 19 | 20 | ( 21 | $=>$.replaceMessage( 22 | new Message({ 23 | status: 404 24 | }, 'Not found' 25 | ) 26 | ) 27 | ) 28 | ) -------------------------------------------------------------------------------- /pkg/sidecar/v1/providers/pipy/repo/codebase/modules/outbound-tcp-default.js: -------------------------------------------------------------------------------- 1 | pipy() 2 | 3 | .pipeline() 4 | .replaceStreamStart( 5 | new StreamEnd('ConnectionReset') 6 | ) 7 | -------------------------------------------------------------------------------- /pkg/sidecar/v1/providers/pipy/repo/errors.go: -------------------------------------------------------------------------------- 1 | package repo 2 | 3 | import ( 4 | "fmt" 5 | ) 6 | 7 | var errTooManyConnections = fmt.Errorf("too many connections") 8 | var errServiceAccountMismatch = fmt.Errorf("service account mismatch in nodeid vs xds certificate common name") 9 | -------------------------------------------------------------------------------- /pkg/sidecar/v1/providers/pipy/repo/health.go: -------------------------------------------------------------------------------- 1 | package repo 2 | 3 | // Liveness is the Kubernetes liveness probe handler. 4 | func (s *Server) Liveness() bool { 5 | return true 6 | } 7 | 8 | // Readiness is the Kubernetes readiness probe handler. 9 | func (s *Server) Readiness() bool { 10 | return s.ready 11 | } 12 | 13 | // GetID returns the ID of the probe 14 | func (s *Server) GetID() string { 15 | return ServerType 16 | } 17 | -------------------------------------------------------------------------------- /pkg/smi/errors.go: -------------------------------------------------------------------------------- 1 | package smi 2 | 3 | import "fmt" 4 | 5 | var ( 6 | errSMICrds = fmt.Errorf("missing SMI CRDs") 7 | ) 8 | -------------------------------------------------------------------------------- /pkg/smi/suite_test.go: -------------------------------------------------------------------------------- 1 | package smi 2 | 3 | import ( 4 | "testing" 5 | 6 | . "github.com/onsi/ginkgo" 7 | . "github.com/onsi/gomega" 8 | ) 9 | 10 | func TestSMI(t *testing.T) { 11 | RegisterFailHandler(Fail) 12 | RunSpecs(t, "SMI Test Suite") 13 | } 14 | -------------------------------------------------------------------------------- /pkg/strings/all.go: -------------------------------------------------------------------------------- 1 | // Package strings implements utility routines related to the string type. 2 | package strings 3 | 4 | // All is slice of strings 5 | type All []string 6 | 7 | // Equal checks if a string exists in a slice of strings 8 | func (all All) Equal(rightSide string) bool { 9 | for _, leftSide := range all { 10 | if leftSide != rightSide { 11 | return false 12 | } 13 | } 14 | return true 15 | } 16 | -------------------------------------------------------------------------------- /pkg/strings/all_test.go: -------------------------------------------------------------------------------- 1 | package strings 2 | 3 | import ( 4 | "testing" 5 | 6 | tassert "github.com/stretchr/testify/assert" 7 | ) 8 | 9 | func TestAllEqual(t *testing.T) { 10 | assertion := tassert.New(t) 11 | 12 | listOfAlpha := All{"a", "a"} 13 | listOfStuff := All{"a", "b"} 14 | 15 | assertion.Equal(listOfAlpha.Equal("a"), true) 16 | assertion.Equal(listOfAlpha.Equal("b"), false) 17 | assertion.Equal(listOfStuff.Equal("a"), false) 18 | } 19 | -------------------------------------------------------------------------------- /pkg/strings/which.go: -------------------------------------------------------------------------------- 1 | package strings 2 | 3 | // Which is a slice of strings 4 | type Which []string 5 | 6 | // NotEqual returns a new slice of strings from an existing slice that do not match a given string 7 | func (which Which) NotEqual(rightSide string) []string { 8 | var notEqual []string 9 | for _, leftSide := range which { 10 | if leftSide != rightSide { 11 | notEqual = append(notEqual, leftSide) 12 | } 13 | } 14 | return notEqual 15 | } 16 | -------------------------------------------------------------------------------- /pkg/strings/which_test.go: -------------------------------------------------------------------------------- 1 | package strings 2 | 3 | import ( 4 | "testing" 5 | 6 | tassert "github.com/stretchr/testify/assert" 7 | ) 8 | 9 | func TestWhichNotEqual(t *testing.T) { 10 | assertion := tassert.New(t) 11 | 12 | listOfAlpha := Which{"a", "a"} 13 | listOfStuff := Which{"a", "b"} 14 | 15 | assertion.Nil(listOfAlpha.NotEqual("a")) 16 | assertion.Equal(listOfAlpha.NotEqual("b"), []string{"a", "a"}) 17 | assertion.Equal(listOfStuff.NotEqual("a"), []string{"b"}) 18 | } 19 | -------------------------------------------------------------------------------- /pkg/tests/address.go: -------------------------------------------------------------------------------- 1 | package tests 2 | 3 | import "net" 4 | 5 | type netAddr struct { 6 | address string 7 | } 8 | 9 | // Network implements net.Addr interface 10 | func (a *netAddr) Network() string { 11 | return "mockNetwork" 12 | } 13 | 14 | func (a *netAddr) String() string { 15 | return a.address 16 | } 17 | 18 | // NewMockAddress creates a new net.Addr 19 | func NewMockAddress(address string) net.Addr { 20 | return &netAddr{ 21 | address: address, 22 | } 23 | } 24 | -------------------------------------------------------------------------------- /pkg/tests/mtls.go: -------------------------------------------------------------------------------- 1 | package tests 2 | 3 | import ( 4 | "crypto/tls" 5 | "crypto/x509" 6 | 7 | "google.golang.org/grpc/credentials" 8 | ) 9 | 10 | // NewMockAuthInfo creates a new credentials.AuthInfo 11 | func NewMockAuthInfo(cert *x509.Certificate) credentials.AuthInfo { 12 | return credentials.TLSInfo{ 13 | State: tls.ConnectionState{ 14 | ServerName: "server.name", 15 | VerifiedChains: [][]*x509.Certificate{{cert}}}, 16 | } 17 | } 18 | -------------------------------------------------------------------------------- /pkg/trafficpolicy/plugin_types.go: -------------------------------------------------------------------------------- 1 | package trafficpolicy 2 | 3 | import ( 4 | pluginv1alpha1 "github.com/flomesh-io/fsm/pkg/apis/plugin/v1alpha1" 5 | ) 6 | 7 | // Plugin defines plugin 8 | type Plugin struct { 9 | // Name defines the Name of the plugin. 10 | Name string 11 | 12 | // priority defines the priority of the plugin. 13 | Priority float32 14 | 15 | // Script defines pipy script used by the PlugIn. 16 | Script string 17 | 18 | // BuildIn indicates PlugIn type. 19 | BuildIn bool 20 | } 21 | 22 | // PluginChain defines plugin chain 23 | type PluginChain struct { 24 | pluginv1alpha1.PluginChainSpec 25 | Name string 26 | Namespace string 27 | } 28 | 29 | // PluginConfig defines plugin config 30 | type PluginConfig struct { 31 | pluginv1alpha1.PluginConfigSpec 32 | Name string 33 | Namespace string 34 | } 35 | -------------------------------------------------------------------------------- /pkg/trafficpolicy/service_export_types.go: -------------------------------------------------------------------------------- 1 | package trafficpolicy 2 | 3 | import policyv1alpha1 "github.com/flomesh-io/fsm/pkg/apis/policy/v1alpha1" 4 | 5 | // ServiceExportTrafficPolicy defines the export service policy 6 | type ServiceExportTrafficPolicy struct { 7 | TrafficMatches []*ServiceExportTrafficMatch 8 | HTTPRoutePolicies []*InboundTrafficPolicy 9 | } 10 | 11 | // ServiceExportTrafficMatch defines the attributes to match exported service traffic for a given backend 12 | type ServiceExportTrafficMatch struct { 13 | Name string 14 | Port uint32 15 | Protocol string 16 | SourceIPRanges []string 17 | TLS *policyv1alpha1.TLSSpec 18 | } 19 | -------------------------------------------------------------------------------- /pkg/trafficpolicy/suite_test.go: -------------------------------------------------------------------------------- 1 | package trafficpolicy 2 | 3 | import ( 4 | "testing" 5 | 6 | . "github.com/onsi/ginkgo" 7 | . "github.com/onsi/gomega" 8 | ) 9 | 10 | func TestTrafficPolicy(t *testing.T) { 11 | RegisterFailHandler(Fail) 12 | RunSpecs(t, "Test Suite") 13 | } 14 | -------------------------------------------------------------------------------- /pkg/utils/env.go: -------------------------------------------------------------------------------- 1 | package utils 2 | 3 | import ( 4 | "os" 5 | "strconv" 6 | ) 7 | 8 | // GetEnv is a convenience wrapper for os.Getenv() with additional default value return 9 | // when empty or unset 10 | func GetEnv(envVar string, defaultValue string) string { 11 | val := os.Getenv(envVar) 12 | if val == "" { 13 | return defaultValue 14 | } 15 | return val 16 | } 17 | 18 | // GetBoolEnv is a convenience wrapper for strconv.ParseBool() 19 | func GetBoolEnv(envVar string) bool { 20 | val := os.Getenv(envVar) 21 | 22 | if val == "" { 23 | return false 24 | } 25 | 26 | if ret, err := strconv.ParseBool(val); err == nil { 27 | return ret 28 | } 29 | 30 | return false 31 | } 32 | -------------------------------------------------------------------------------- /pkg/utils/errors.go: -------------------------------------------------------------------------------- 1 | package utils 2 | 3 | import ( 4 | "errors" 5 | "fmt" 6 | "strings" 7 | 8 | "k8s.io/apimachinery/pkg/util/sets" 9 | "k8s.io/apimachinery/pkg/util/validation/field" 10 | ) 11 | 12 | // ErrorListToError converts a list of errors to a single error 13 | func ErrorListToError(errorList field.ErrorList) error { 14 | if errorList == nil { 15 | return nil 16 | } 17 | 18 | if len(errorList) == 0 { 19 | return nil 20 | } 21 | 22 | errorMsgs := sets.NewString() 23 | for _, err := range errorList { 24 | msg := fmt.Sprintf("%v", err) 25 | if errorMsgs.Has(msg) { 26 | continue 27 | } 28 | errorMsgs.Insert(msg) 29 | } 30 | 31 | return errors.New(strings.Join(errorMsgs.List(), ", ")) 32 | } 33 | -------------------------------------------------------------------------------- /pkg/utils/hash.go: -------------------------------------------------------------------------------- 1 | package utils 2 | 3 | import "time" 4 | 5 | // Hash calculates an FNV-1 hash from a given byte array 6 | func Hash(bytes []byte) uint64 { 7 | if hashCode, err := HashFromString(string(bytes)); err == nil { 8 | return hashCode 9 | } 10 | return uint64(time.Now().Nanosecond()) 11 | } 12 | -------------------------------------------------------------------------------- /pkg/utils/ingress.go: -------------------------------------------------------------------------------- 1 | package utils 2 | 3 | import ( 4 | networkingv1 "k8s.io/api/networking/v1" 5 | "k8s.io/client-go/tools/cache" 6 | ) 7 | 8 | // SecretNamespaceAndName returns the namespace and name of the secret. 9 | func SecretNamespaceAndName(secretName string, ing *networkingv1.Ingress) (string, string, error) { 10 | secrNs, secrName, err := cache.SplitMetaNamespaceKey(secretName) 11 | if secrName == "" { 12 | return "", "", err 13 | } 14 | 15 | if secrNs == "" { 16 | return ing.Namespace, secrName, nil 17 | } 18 | 19 | return secrNs, secrName, nil 20 | } 21 | -------------------------------------------------------------------------------- /pkg/utils/ipconv.go: -------------------------------------------------------------------------------- 1 | package utils 2 | 3 | import ( 4 | "net" 5 | "net/netip" 6 | "strings" 7 | ) 8 | 9 | func IPv4Tov6(ipv41 string) string { 10 | var ipv6 [net.IPv6len]byte 11 | ipv4 := net.ParseIP(ipv41) 12 | 13 | copy(ipv6[:], []byte{0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0xff, 0xff}) 14 | copy(ipv6[12:], ipv4.To4()) 15 | 16 | str := netip.AddrFrom16(ipv6).StringExpanded() 17 | 18 | return strings.Replace(str, "0000:0000:0000:0000:0000:ffff", "::ffff", 1) 19 | } 20 | -------------------------------------------------------------------------------- /pkg/utils/json.go: -------------------------------------------------------------------------------- 1 | package utils 2 | 3 | import ( 4 | "encoding/json" 5 | "fmt" 6 | ) 7 | 8 | // PrettyJSON Unmarshals and Marshall again with Indent so it is human readable 9 | func PrettyJSON(js []byte, prefix string) ([]byte, error) { 10 | var jsonObj interface{} 11 | err := json.Unmarshal(js, &jsonObj) 12 | if err != nil { 13 | return nil, fmt.Errorf("Could not Unmarshal a byte array: %w", err) 14 | } 15 | return json.MarshalIndent(jsonObj, prefix, " ") 16 | } 17 | -------------------------------------------------------------------------------- /pkg/utils/log.go: -------------------------------------------------------------------------------- 1 | package utils 2 | 3 | import "fmt" 4 | 5 | const ( 6 | logLevelTrace = "trace" 7 | logLevelDebug = "debug" 8 | logLevelInfo = "info" 9 | logLevelWarn = "warn" 10 | logLevelError = "error" 11 | logLevelFatal = "fatal" 12 | logLevelPanic = "panic" 13 | ) 14 | 15 | func PipyLogLevelByVerbosity(verbosity string) string { 16 | switch verbosity { 17 | case logLevelTrace: 18 | return fmt.Sprintf("%s:thread", logLevelDebug) 19 | case logLevelDebug: 20 | return fmt.Sprintf("%s:thread", logLevelDebug) 21 | case logLevelFatal: 22 | return logLevelError 23 | case logLevelPanic: 24 | return logLevelError 25 | case logLevelInfo, logLevelWarn, logLevelError: 26 | return verbosity 27 | default: 28 | // default to error if verbosity is not recognized 29 | return logLevelError 30 | } 31 | } 32 | -------------------------------------------------------------------------------- /pkg/utils/pod.go: -------------------------------------------------------------------------------- 1 | package utils 2 | 3 | import corev1 "k8s.io/api/core/v1" 4 | 5 | // IsPodStatusConditionTrue returns true if the pod is ready. 6 | func IsPodStatusConditionTrue(conditions []corev1.PodCondition, conditionType corev1.PodConditionType) bool { 7 | return IsPodStatusConditionPresentAndEqual(conditions, conditionType, corev1.ConditionTrue) 8 | } 9 | 10 | // IsPodStatusConditionPresentAndEqual returns true if the pod has the given condition and status. 11 | func IsPodStatusConditionPresentAndEqual(conditions []corev1.PodCondition, conditionType corev1.PodConditionType, status corev1.ConditionStatus) bool { 12 | for _, condition := range conditions { 13 | if condition.Type == conditionType { 14 | return condition.Status == status 15 | } 16 | } 17 | return false 18 | } 19 | -------------------------------------------------------------------------------- /pkg/utils/serviceaccount.go: -------------------------------------------------------------------------------- 1 | package utils 2 | 3 | import ( 4 | corev1 "k8s.io/api/core/v1" 5 | 6 | "github.com/flomesh-io/fsm/pkg/identity" 7 | ) 8 | 9 | // SvcAccountToK8sSvcAccount converts a Kubernetes service to a MeshService. 10 | func SvcAccountToK8sSvcAccount(svcAccount *corev1.ServiceAccount) identity.K8sServiceAccount { 11 | return identity.K8sServiceAccount{ 12 | Namespace: svcAccount.Namespace, 13 | Name: svcAccount.Name, 14 | } 15 | } 16 | -------------------------------------------------------------------------------- /pkg/utils/serviceaccount_test.go: -------------------------------------------------------------------------------- 1 | package utils 2 | 3 | import ( 4 | "testing" 5 | 6 | tassert "github.com/stretchr/testify/assert" 7 | 8 | "github.com/flomesh-io/fsm/pkg/identity" 9 | "github.com/flomesh-io/fsm/pkg/tests" 10 | ) 11 | 12 | func TestSvcAccountToK8sSvcAccount(t *testing.T) { 13 | assert := tassert.New(t) 14 | 15 | sa := tests.NewServiceAccountFixture(tests.BookbuyerServiceAccountName, tests.Namespace) 16 | svcAccount := SvcAccountToK8sSvcAccount(sa) 17 | expectedSvcAccount := identity.K8sServiceAccount{ 18 | Name: tests.BookbuyerServiceAccountName, 19 | Namespace: tests.Namespace, 20 | } 21 | 22 | assert.Equal(svcAccount, expectedSvcAccount) 23 | } 24 | -------------------------------------------------------------------------------- /pkg/utils/slice.go: -------------------------------------------------------------------------------- 1 | package utils 2 | 3 | // StringsEqual compares two string slices and returns true if they are equal. 4 | func StringsEqual(left, right []string) bool { 5 | if len(left) != len(right) { 6 | return false 7 | } 8 | for i := 0; i < len(left); i++ { 9 | if left[i] != right[i] { 10 | return false 11 | } 12 | } 13 | return true 14 | } 15 | -------------------------------------------------------------------------------- /pkg/utils/stringhash.go: -------------------------------------------------------------------------------- 1 | package utils 2 | 3 | import "hash/fnv" 4 | 5 | // HashFromString calculates an FNV-1 hash from a given string, 6 | // returns it as a uint64 and error, if any 7 | func HashFromString(s string) (uint64, error) { 8 | h := fnv.New64() 9 | _, err := h.Write([]byte(s)) 10 | if err != nil { 11 | return 0, err 12 | } 13 | 14 | return h.Sum64(), nil 15 | } 16 | -------------------------------------------------------------------------------- /pkg/utils/stringhash_test.go: -------------------------------------------------------------------------------- 1 | package utils 2 | 3 | import ( 4 | "testing" 5 | 6 | tassert "github.com/stretchr/testify/assert" 7 | ) 8 | 9 | func TestHashFromString(t *testing.T) { 10 | assert := tassert.New(t) 11 | 12 | stringHash, err := HashFromString("some string") 13 | assert.NoError(err) 14 | assert.NotZero(stringHash) 15 | 16 | emptyStringHash, err := HashFromString("") 17 | assert.NoError(err) 18 | assert.Equal(emptyStringHash, uint64(14695981039346656037)) 19 | 20 | assert.NotEqual(stringHash, emptyStringHash) 21 | } 22 | -------------------------------------------------------------------------------- /pkg/utils/strings.go: -------------------------------------------------------------------------------- 1 | package utils 2 | 3 | import ( 4 | "strings" 5 | ) 6 | 7 | // ParseEnabled parses the given string to a boolean value. 8 | func ParseEnabled(enabled string) bool { 9 | switch strings.ToLower(enabled) { 10 | case "1", "t", "true", "y", "yes", "on": 11 | return true 12 | case "0", "f", "false", "n", "no", "off", "": 13 | return false 14 | } 15 | 16 | log.Warn().Msgf("invalid syntax: %s, will be treated as false", enabled) 17 | 18 | return false 19 | } 20 | -------------------------------------------------------------------------------- /pkg/utils/tpl.go: -------------------------------------------------------------------------------- 1 | package utils 2 | 3 | import ( 4 | "bytes" 5 | "text/template" 6 | ) 7 | 8 | // EvaluateTemplate evaluates the given template with the given data and returns the result as a string. 9 | func EvaluateTemplate(t *template.Template, data interface{}) string { 10 | var tpl bytes.Buffer 11 | if err := t.Execute(&tpl, data); err != nil { 12 | log.Error().Msgf("Not able to parse template to string, %s", err.Error()) 13 | return "" 14 | } 15 | 16 | return tpl.String() 17 | } 18 | -------------------------------------------------------------------------------- /pkg/utils/types.go: -------------------------------------------------------------------------------- 1 | // Package utils provides generic utility routines used within FSM. 2 | package utils 3 | 4 | import ( 5 | "github.com/flomesh-io/fsm/pkg/logger" 6 | ) 7 | 8 | var ( 9 | log = logger.New("utilities") 10 | ) 11 | -------------------------------------------------------------------------------- /pkg/utils/uri.go: -------------------------------------------------------------------------------- 1 | package utils 2 | 3 | import "strings" 4 | 5 | // GetLastChunkOfSlashed splits a string by slash and returns the last chunk. 6 | func GetLastChunkOfSlashed(s string) string { 7 | split := strings.Split(s, "/") 8 | return split[len(split)-1] 9 | } 10 | -------------------------------------------------------------------------------- /pkg/utils/uri_test.go: -------------------------------------------------------------------------------- 1 | package utils 2 | 3 | import ( 4 | "testing" 5 | 6 | tassert "github.com/stretchr/testify/assert" 7 | ) 8 | 9 | func TestGetLastChunkOfSlashed(t *testing.T) { 10 | assert := tassert.New(t) 11 | 12 | type getLastChunkOfSlashedTest struct { 13 | input string 14 | expectedLastChunk string 15 | } 16 | 17 | getLastChunkOfSlashedTests := []getLastChunkOfSlashedTest{ 18 | {"a/b/c", "c"}, 19 | {"abc", "abc"}, 20 | } 21 | 22 | for _, lcst := range getLastChunkOfSlashedTests { 23 | result := GetLastChunkOfSlashed(lcst.input) 24 | 25 | assert.Equal(result, lcst.expectedLastChunk) 26 | } 27 | } 28 | -------------------------------------------------------------------------------- /pkg/utils/userip.go: -------------------------------------------------------------------------------- 1 | package utils 2 | 3 | import ( 4 | "context" 5 | "net" 6 | 7 | "google.golang.org/grpc/peer" 8 | ) 9 | 10 | // GetIPFromContext obtains the IP address of the caller from the context. 11 | func GetIPFromContext(ctx context.Context) net.Addr { 12 | if clientPeer, ok := peer.FromContext(ctx); ok { 13 | return clientPeer.Addr 14 | } 15 | return nil 16 | } 17 | -------------------------------------------------------------------------------- /pkg/utils/userip_test.go: -------------------------------------------------------------------------------- 1 | package utils 2 | 3 | import ( 4 | "context" 5 | "net" 6 | "testing" 7 | 8 | tassert "github.com/stretchr/testify/assert" 9 | "google.golang.org/grpc/peer" 10 | 11 | "github.com/flomesh-io/fsm/pkg/tests" 12 | ) 13 | 14 | func TestGetIPFromContext(t *testing.T) { 15 | assert := tassert.New(t) 16 | 17 | ctxList := map[context.Context]net.Addr{ 18 | context.Background(): nil, 19 | peer.NewContext(context.TODO(), &peer.Peer{Addr: tests.NewMockAddress("9.8.7.6")}): tests.NewMockAddress("9.8.7.6"), 20 | } 21 | 22 | for ctx, expectedRes := range ctxList { 23 | result := GetIPFromContext(ctx) 24 | 25 | assert.Equal(expectedRes, result) 26 | } 27 | } 28 | -------------------------------------------------------------------------------- /pkg/utils/util.go: -------------------------------------------------------------------------------- 1 | package utils 2 | 3 | import ( 4 | "fmt" 5 | "hash/adler32" 6 | 7 | "github.com/mitchellh/hashstructure/v2" 8 | corev1 "k8s.io/api/core/v1" 9 | hashutil "k8s.io/kubernetes/pkg/util/hash" 10 | ) 11 | 12 | // SimpleHash returns a hash string of the given object. 13 | func SimpleHash(obj interface{}) string { 14 | hash, err := hashstructure.Hash(obj, hashstructure.FormatV2, nil) 15 | 16 | if err != nil { 17 | log.Error().Msgf("Not able convert data to hash, error: %s", err.Error()) 18 | return "" 19 | } 20 | 21 | return fmt.Sprintf("%x", hash) 22 | } 23 | 24 | // GetSecretDataHash returns a hash of the given secret data. 25 | func GetSecretDataHash(secret *corev1.Secret) uint32 { 26 | secretDataHasher := adler32.New() 27 | hashutil.DeepHashObject(secretDataHasher, secret.Data) 28 | return secretDataHasher.Sum32() 29 | } 30 | -------------------------------------------------------------------------------- /pkg/utils/yaml.go: -------------------------------------------------------------------------------- 1 | package utils 2 | 3 | import ( 4 | pkgerr "github.com/pkg/errors" 5 | "k8s.io/apimachinery/pkg/apis/meta/v1/unstructured" 6 | "k8s.io/apimachinery/pkg/runtime/serializer/yaml" 7 | ) 8 | 9 | var ( 10 | decUnstructured = yaml.NewDecodingSerializer(unstructured.UnstructuredJSONScheme) 11 | ) 12 | 13 | // DecodeYamlToUnstructured decodes YAML to Unstructured 14 | func DecodeYamlToUnstructured(data []byte) (*unstructured.Unstructured, error) { 15 | obj := &unstructured.Unstructured{} 16 | _, _, err := decUnstructured.Decode(data, nil, obj) 17 | if err != nil { 18 | return nil, pkgerr.Wrap(err, "Decode YAML to Unstructured failed. ") 19 | } 20 | 21 | return obj, nil 22 | } 23 | -------------------------------------------------------------------------------- /pkg/validator/types.go: -------------------------------------------------------------------------------- 1 | package validator 2 | 3 | import ( 4 | "github.com/flomesh-io/fsm/pkg/logger" 5 | ) 6 | 7 | var log = logger.New(ValidatorWebhookSvc) 8 | -------------------------------------------------------------------------------- /pkg/webhook/builder/types.go: -------------------------------------------------------------------------------- 1 | package builder 2 | 3 | import "github.com/flomesh-io/fsm/pkg/logger" 4 | 5 | var ( 6 | log = logger.New("webhooks/builder") 7 | ) 8 | -------------------------------------------------------------------------------- /pkg/webhook/errors.go: -------------------------------------------------------------------------------- 1 | package webhook 2 | 3 | import "fmt" 4 | 5 | var ( 6 | errEmptyAdmissionRequestBody = fmt.Errorf("empty request admission request body") 7 | ) 8 | -------------------------------------------------------------------------------- /pkg/xnetwork/xnet/bpf/types.go: -------------------------------------------------------------------------------- 1 | package bpf 2 | 3 | const ( 4 | FSM_PROG_NAME = `fsm` 5 | ) 6 | 7 | const ( 8 | FSM_MAP_NAME_CFG = `fsm_xcfg` 9 | FSM_MAP_NAME_ACL = `fsm_xacl` 10 | FSM_MAP_NAME_NAT = `fsm_xnat` 11 | FSM_MAP_NAME_IFS = `fsm_xifs` 12 | ) 13 | -------------------------------------------------------------------------------- /pkg/xnetwork/xnet/fs/pinning.go: -------------------------------------------------------------------------------- 1 | package fs 2 | 3 | import ( 4 | "path" 5 | 6 | "github.com/flomesh-io/fsm/pkg/xnetwork/xnet/bpf" 7 | ) 8 | 9 | func GetPinningFile(objName string) string { 10 | return path.Join(BPFFSPath, bpf.FSM_PROG_NAME, objName) 11 | } 12 | -------------------------------------------------------------------------------- /pkg/xnetwork/xnet/fs/types.go: -------------------------------------------------------------------------------- 1 | package fs 2 | 3 | import ( 4 | "path" 5 | "time" 6 | 7 | "github.com/cilium/ebpf/rlimit" 8 | 9 | "github.com/flomesh-io/fsm/pkg/logger" 10 | "github.com/flomesh-io/fsm/pkg/xnetwork/xnet/util" 11 | "github.com/flomesh-io/fsm/pkg/xnetwork/xnet/volume" 12 | ) 13 | 14 | var ( 15 | BPFFSPath = `/sys/fs/bpf` 16 | 17 | log = logger.New("fsm-xnet-bpf-fs") 18 | ) 19 | 20 | func init() { 21 | for !util.Exists(volume.Sysfs.MountPath) { 22 | time.Sleep(time.Second * 2) 23 | } 24 | 25 | BPFFSPath = path.Join(volume.Sysfs.MountPath, `bpf`) 26 | 27 | if err := rlimit.RemoveMemlock(); err != nil { 28 | log.Error().Msgf("remove mem lock error: %v", err) 29 | } 30 | } 31 | -------------------------------------------------------------------------------- /pkg/xnetwork/xnet/neigh/neigh_darwin.go: -------------------------------------------------------------------------------- 1 | package neigh 2 | 3 | import ( 4 | "net" 5 | ) 6 | 7 | // GratuitousNeighOverIface sends a gratuitous packet over interface 'iface' from 'eip'. 8 | func GratuitousNeighOverIface(ifName string, ifIndex int, eip net.IP, macAddr net.HardwareAddr) { 9 | panic("Unsupported!") 10 | } 11 | -------------------------------------------------------------------------------- /pkg/xnetwork/xnet/neigh/types.go: -------------------------------------------------------------------------------- 1 | package neigh 2 | 3 | import "github.com/flomesh-io/fsm/pkg/logger" 4 | 5 | var ( 6 | log = logger.New("fsm-xnetwork-neigh") 7 | ) 8 | -------------------------------------------------------------------------------- /pkg/xnetwork/xnet/route/arping_darwin.go: -------------------------------------------------------------------------------- 1 | package route 2 | 3 | import "net" 4 | 5 | // ARPing sends an arp ping over interface 'iface' to 'dstIP' 6 | func ARPing(srcIP, dstIP net.IP, iface *net.Interface) (net.HardwareAddr, error) { 7 | panic("Unsupported!") 8 | } 9 | -------------------------------------------------------------------------------- /pkg/xnetwork/xnet/route/gateway_darwin.go: -------------------------------------------------------------------------------- 1 | package route 2 | 3 | import ( 4 | "net" 5 | ) 6 | 7 | func discoverGatewayOSSpecific() (string, net.IP, error) { 8 | return "", nil, &ErrNotImplemented{} 9 | } 10 | -------------------------------------------------------------------------------- /pkg/xnetwork/xnet/util/file.go: -------------------------------------------------------------------------------- 1 | package util 2 | 3 | import ( 4 | "k8s.io/utils/mount" 5 | ) 6 | 7 | // Exists checks whether the file exists 8 | func Exists(name string) bool { 9 | if exists, err := mount.PathExists(name); err != nil { 10 | return false 11 | } else { 12 | return exists 13 | } 14 | } 15 | -------------------------------------------------------------------------------- /pkg/xnetwork/xnet/volume/types.go: -------------------------------------------------------------------------------- 1 | package volume 2 | 3 | type HostMount struct { 4 | HostPath string 5 | MountPath string 6 | } 7 | 8 | var ( 9 | Sysfs = HostMount{ 10 | HostPath: "/opt", 11 | MountPath: "/host/sys/fs", 12 | } 13 | 14 | SysRun = HostMount{ 15 | HostPath: "/var/run", 16 | MountPath: "/host/run", 17 | } 18 | ) 19 | -------------------------------------------------------------------------------- /pkg/zookeeper/options.go: -------------------------------------------------------------------------------- 1 | package zookeeper 2 | 3 | import ( 4 | "time" 5 | ) 6 | 7 | // nolint 8 | type options struct { 9 | Client *Client 10 | } 11 | 12 | // Option will define a function of handling Options 13 | type Option func(*options) 14 | 15 | type zkClientOption func(*Client) 16 | 17 | // WithZkTimeOut sets zk Client timeout 18 | func WithZkTimeOut(t time.Duration) zkClientOption { 19 | return func(opt *Client) { 20 | opt.timeout = t 21 | } 22 | } 23 | -------------------------------------------------------------------------------- /scripts/check-scripts.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | TEMP_DIR=$(mktemp -d) 4 | tar -C "${TEMP_DIR}" -zxf "${SCRIPTS_TAR}" 5 | 6 | RET=0 7 | diff -qr --exclude="._*" "${TEMP_DIR}/scripts" "${CHART_COMPONENTS_DIR}/scripts" || RET=$? 8 | 9 | if [[ ${RET} -eq 0 ]] 10 | then 11 | echo "${SCRIPTS_TAR} is up to date." 12 | else 13 | echo -e "\nPlease commit the changes made by 'make package-scripts'" 14 | exit 1 15 | fi 16 | -------------------------------------------------------------------------------- /scripts/cleanup/crd-cleanup.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # This script is only for cleaning up CRDs if performing an FSM upgrade that includes 4 | # CRD updates. This will delete existing CRDs and Custom Resources. 5 | 6 | # shellcheck disable=SC1091 7 | 8 | kubectl delete --ignore-not-found --recursive -f ./charts/fsm/crds/ 9 | -------------------------------------------------------------------------------- /scripts/flb.yaml: -------------------------------------------------------------------------------- 1 | fsm: 2 | controllerLogLevel: debug 3 | flb: 4 | enabled: true 5 | strictMode: false 6 | secretName: fsm-flb-secret 7 | baseUrl: http://192.168.12.5:30000 8 | username: admin 9 | password: Flomesh@2023 10 | k8sCluster: "test1" 11 | defaultCluster: default 12 | defaultAddressPool: default 13 | defaultAlgo: rr -------------------------------------------------------------------------------- /scripts/generate-dummy-embed.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # This script is used to generate dummy embedded files for CI purposes. 4 | if [ ! -f "cmd/cli/chart.tgz" ]; then 5 | touch cmd/cli/chart.tgz 6 | fi 7 | 8 | if [ ! -f "pkg/controllers/namespacedingress/v1alpha1/chart.tgz" ]; then 9 | touch pkg/controllers/namespacedingress/v1alpha1/chart.tgz 10 | fi 11 | 12 | if [ ! -f "pkg/controllers/gateway/v1/chart.tgz" ]; then 13 | touch pkg/controllers/gateway/v1/chart.tgz 14 | fi 15 | 16 | if [ ! -f "pkg/controllers/connector/v1alpha1/chart.tgz" ]; then 17 | touch pkg/controllers/connector/v1alpha1/chart.tgz 18 | fi -------------------------------------------------------------------------------- /scripts/get-pcap-bookstore.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | 4 | # This script captures certain amount of network traffic from the BOOKSTORE V1 pod. 5 | # The capture is then moved from pod to local host. 6 | # This is a pcap file that can be inspected with tools like Wireshark. 7 | # This is useful to show encrypted/unencrypted traffic (demo enabling mTLS). 8 | 9 | 10 | # shellcheck disable=SC1091 11 | source .env 12 | 13 | POD="$(kubectl get pods --selector app=bookstore-v1 -n "$BOOKSTORE_NAMESPACE" --no-headers | grep 'Running' | awk '{print $1}')" 14 | 15 | 16 | kubectl exec -it -n "$BOOKSTORE_NAMESPACE" \ 17 | "$POD" \ 18 | -c "bookstore-v1" -- \ 19 | tcpdump -A -U -c 1024 -s 0 -w /tmp/pcap.pcap 20 | 21 | 22 | # Move the file from pod to local host 23 | kubectl cp "$BOOKSTORE_NAMESPACE"/"$POD":/tmp/pcap.pcap ./ 24 | -------------------------------------------------------------------------------- /scripts/go-mod-tidy.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | go mod tidy 4 | if ! git diff --exit-code go.mod go.sum ; then 5 | echo -e "\nPlease commit the changes made by 'go mod tidy'" 6 | exit 1 7 | fi 8 | -------------------------------------------------------------------------------- /scripts/go-test.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | go test -failfast -race -v ./...; echo $? 4 | -------------------------------------------------------------------------------- /scripts/hello.proto: -------------------------------------------------------------------------------- 1 | // based on https://grpc.io/docs/guides/concepts.html 2 | 3 | syntax = "proto2"; 4 | 5 | package hello; 6 | 7 | service HelloService { 8 | rpc SayHello(HelloRequest) returns (HelloResponse); 9 | rpc LotsOfReplies(HelloRequest) returns (stream HelloResponse); 10 | rpc LotsOfGreetings(stream HelloRequest) returns (HelloResponse); 11 | rpc BidiHello(stream HelloRequest) returns (stream HelloResponse); 12 | } 13 | 14 | message HelloRequest { 15 | optional string greeting = 1; 16 | } 17 | 18 | message HelloResponse { 19 | required string reply = 1; 20 | } 21 | -------------------------------------------------------------------------------- /scripts/image-exists.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | set -euo pipefail 4 | 5 | if [ -z "$1" ]; then 6 | echo "Error: expected one argument IMAGE:TAG" 7 | exit 1 8 | fi 9 | 10 | IMAGE=$(cut -d: -f1 <<< "$1") 11 | TAG=$(cut -d: -f2 <<< "$1") 12 | 13 | tokenUri="https://auth.docker.io/token?service=registry.docker.io&scope=repository:$IMAGE:pull" 14 | bearerToken="$(curl --silent --get "$tokenUri" | jq --raw-output '.token')" 15 | listUri="https://registry-1.docker.io/v2/$IMAGE/tags/list" 16 | authz="Authorization: Bearer $bearerToken" 17 | version_list="$(curl --silent --get -H "Accept: application/json" -H "$authz" "$listUri" | jq --raw-output '.')" 18 | exists=$(echo "$version_list" | jq --arg t "${TAG}" '.tags | index($t)') 19 | if [[ $exists != null ]]; then 20 | echo "image $IMAGE:$TAG already exists" 21 | exit 1 22 | fi 23 | -------------------------------------------------------------------------------- /scripts/install-git-pre-push-hook.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | mkdir -p .git/hooks 4 | 5 | # shellcheck disable=SC2164 6 | pushd .git/hooks && ln -f -s ../../scripts/pre-push-hook ./pre-push && popd 7 | 8 | chmod +x .git/hooks/pre-push 9 | -------------------------------------------------------------------------------- /scripts/k3d-multicluster-cleanup.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | set -o errexit 4 | set -o nounset 5 | set -o pipefail 6 | 7 | worker_list="cluster-1 cluster-2 cluster-3" 8 | cluster_list="control-plane $worker_list" 9 | 10 | # create k3d clusters 11 | for K3D_CLUSTER_NAME in $cluster_list 12 | do 13 | k3d cluster delete "${K3D_CLUSTER_NAME}" 14 | done -------------------------------------------------------------------------------- /scripts/port-forward-all.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | ./scripts/port-forward-bookbuyer-ui.sh & 4 | ./scripts/port-forward-bookstore-ui.sh app=bookstore & 5 | ./scripts/port-forward-bookstore-ui-v2.sh & 6 | ./scripts/port-forward-bookstore-ui-v1.sh & 7 | ./scripts/port-forward-bookthief-ui.sh & 8 | ./scripts/port-forward-fsm-debug.sh & 9 | ./scripts/port-forward-grafana.sh & 10 | ./scripts/port-forward-jaeger.sh & 11 | ./scripts/port-forward-prometheus.sh & 12 | 13 | wait 14 | 15 | -------------------------------------------------------------------------------- /scripts/port-forward-bookbuyer-ui.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | 4 | # This script port forwards from the BOOKBUYER pod to local port 8080 5 | 6 | 7 | # shellcheck disable=SC1091 8 | source .env 9 | 10 | BOOKBUYER_LOCAL_PORT="${BOOKBUYER_LOCAL_PORT:-8080}" 11 | POD="$(kubectl get pods --selector app=bookbuyer -n "$BOOKBUYER_NAMESPACE" --no-headers | grep 'Running' | awk 'NR==1{print $1}')" 12 | 13 | kubectl port-forward "$POD" -n "$BOOKBUYER_NAMESPACE" "$BOOKBUYER_LOCAL_PORT":14001 --address 0.0.0.0 14 | -------------------------------------------------------------------------------- /scripts/port-forward-bookbuyer.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | # shellcheck disable=SC1091 3 | source .env 4 | 5 | POD="$(kubectl get pods --selector app=bookbuyer -n "$BOOKBUYER_NAMESPACE" --no-headers | grep 'Running' | awk 'NR==1{print $1}')" 6 | 7 | kubectl port-forward "$POD" -n "$BOOKBUYER_NAMESPACE" 15000:15000 --address 0.0.0.0 8 | 9 | -------------------------------------------------------------------------------- /scripts/port-forward-bookstore-ui-v1.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | 4 | # This script forwards port 14001 from the BOOKSTORE to local port 8081. 5 | 6 | 7 | # shellcheck disable=SC1091 8 | source .env 9 | 10 | BOOKSTOREv1_LOCAL_PORT="${BOOKSTOREv1_LOCAL_PORT:-8081}" 11 | POD="$(kubectl get pods --selector app=bookstore,version=v1 -n "$BOOKSTORE_NAMESPACE" --no-headers | grep 'Running' | awk 'NR==1{print $1}')" 12 | 13 | kubectl port-forward "$POD" -n "$BOOKSTORE_NAMESPACE" "$BOOKSTOREv1_LOCAL_PORT":14001 --address 0.0.0.0 14 | -------------------------------------------------------------------------------- /scripts/port-forward-bookstore-ui-v2.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | 4 | # This script forwards BOOKSTORE port 14001 to local host port 8082 5 | 6 | 7 | # shellcheck disable=SC1091 8 | source .env 9 | 10 | BOOKSTOREv2_LOCAL_PORT="${BOOKSTOREv2_LOCAL_PORT:-8082}" 11 | POD="$(kubectl get pods --selector app=bookstore,version=v2 -n "$BOOKSTORE_NAMESPACE" --no-headers | grep 'Running' | awk 'NR==1{print $1}')" 12 | 13 | kubectl port-forward "$POD" -n "$BOOKSTORE_NAMESPACE" "$BOOKSTOREv2_LOCAL_PORT":14001 --address 0.0.0.0 14 | -------------------------------------------------------------------------------- /scripts/port-forward-bookstore-ui.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | 4 | # This script forwards port 14001 from the BOOKSTORE to local port 8081. 5 | 6 | 7 | # shellcheck disable=SC1091 8 | source .env 9 | 10 | selector="$1" 11 | thisScript="$(dirname "$0")/$(basename "$0")" 12 | 13 | if [ -z "$selector" ]; then 14 | echo "Usage: $thisScript " 15 | exit 1 16 | fi 17 | 18 | BOOKSTORE_LOCAL_PORT="${BOOKSTORE_LOCAL_PORT:-8084}" 19 | POD="$(kubectl get pods --selector "$selector" -n "$BOOKSTORE_NAMESPACE" --no-headers | grep 'Running' | awk 'NR==1{print $1}')" 20 | 21 | kubectl port-forward "$POD" -n "$BOOKSTORE_NAMESPACE" "$BOOKSTORE_LOCAL_PORT":14001 --address 0.0.0.0 22 | -------------------------------------------------------------------------------- /scripts/port-forward-bookstore.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | # shellcheck disable=SC1091 3 | source .env 4 | 5 | selector="$1" 6 | thisScript="$(dirname "$0")/$(basename "$0")" 7 | 8 | if [ -z "$selector" ]; then 9 | echo "Usage: $thisScript " 10 | exit 1 11 | fi 12 | 13 | POD="$(kubectl get pods --selector "$selector" -n "$BOOKSTORE_NAMESPACE" --no-headers | grep 'Running' | awk 'NR==1{print $1}')" 14 | kubectl port-forward "$POD" -n "$BOOKSTORE_NAMESPACE" 15000:15000 --address 0.0.0.0 15 | 16 | -------------------------------------------------------------------------------- /scripts/port-forward-bookthief-ui.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | 4 | # This script forwards port 14001 from the BOOKTHIEF pod to local port 8083 5 | 6 | 7 | # shellcheck disable=SC1091 8 | source .env 9 | 10 | BOOKTHIEF_LOCAL_PORT="${BOOKTHIEF_LOCAL_PORT:-8083}" 11 | POD="$(kubectl get pods --selector app=bookthief -n "$BOOKTHIEF_NAMESPACE" --no-headers | grep 'Running' | awk 'NR==1{print $1}')" 12 | 13 | kubectl port-forward "$POD" -n "$BOOKTHIEF_NAMESPACE" "$BOOKTHIEF_LOCAL_PORT":14001 --address 0.0.0.0 14 | -------------------------------------------------------------------------------- /scripts/port-forward-bookthief.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | # shellcheck disable=SC1091 3 | source .env 4 | 5 | POD="$(kubectl get pods --selector app=bookthief -n "$BOOKTHIEF_NAMESPACE" --no-headers | grep 'Running' | awk 'NR==1{print $1}')" 6 | 7 | kubectl port-forward "$POD" -n "$BOOKTHIEF_NAMESPACE" 15000:15000 --address 0.0.0.0 8 | 9 | -------------------------------------------------------------------------------- /scripts/port-forward-fsm-debug.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # shellcheck disable=SC1091 4 | set -aueo pipefail 5 | 6 | source .env 7 | 8 | FSM_POD=$(kubectl get pods -n "$K8S_NAMESPACE" --no-headers --selector app=fsm-controller | awk 'NR==1{print $1}') 9 | 10 | kubectl port-forward -n "$K8S_NAMESPACE" "$FSM_POD" 9092:9092 --address 0.0.0.0 11 | -------------------------------------------------------------------------------- /scripts/port-forward-fsm-metrics.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | # shellcheck disable=SC1091 3 | source .env 4 | 5 | POD="$(kubectl get pods --selector app=fsm-controller -n "$K8S_NAMESPACE" --no-headers | grep 'Running' | awk 'NR==1{print $1}')" 6 | 7 | kubectl port-forward "$POD" -n "$K8S_NAMESPACE" 9091:9091 --address 0.0.0.0 8 | 9 | -------------------------------------------------------------------------------- /scripts/port-forward-fsm-repo.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # shellcheck disable=SC1091 4 | set -aueo pipefail 5 | 6 | source .env 7 | 8 | FSM_POD=$(kubectl get pods -n "$K8S_NAMESPACE" --no-headers --selector app=fsm-controller | awk 'NR==1{print $1}') 9 | 10 | kubectl port-forward -n "$K8S_NAMESPACE" "$FSM_POD" 6060:6060 --address 0.0.0.0 11 | -------------------------------------------------------------------------------- /scripts/port-forward-grafana.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | # shellcheck disable=SC1091 3 | source .env 4 | 5 | POD="$(kubectl get pods --selector app="fsm-grafana" -n "$K8S_NAMESPACE" --no-headers | grep 'Running' | awk 'NR==1{print $1}')" 6 | 7 | kubectl port-forward "$POD" -n "$K8S_NAMESPACE" 3000:3000 --address 0.0.0.0 8 | -------------------------------------------------------------------------------- /scripts/port-forward-jaeger.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # shellcheck disable=SC1091 4 | set -aueo pipefail 5 | 6 | source .env 7 | 8 | FSM_POD=$(kubectl get pods -n "$K8S_NAMESPACE" --no-headers --selector app=fsm-jaeger | awk 'NR==1{print $1}') 9 | 10 | kubectl port-forward -n "$K8S_NAMESPACE" "$FSM_POD" 16686:16686 --address 0.0.0.0 11 | -------------------------------------------------------------------------------- /scripts/port-forward-prometheus.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | # shellcheck disable=SC1091 3 | source .env 4 | 5 | POD="$(kubectl get pods --selector app="fsm-prometheus" -n "$K8S_NAMESPACE" --no-headers | grep 'Running' | awk 'NR==1{print $1}')" 6 | 7 | kubectl port-forward "$POD" -n "$K8S_NAMESPACE" 7070:7070 --address 0.0.0.0 8 | 9 | -------------------------------------------------------------------------------- /scripts/vm/README.md: -------------------------------------------------------------------------------- 1 | # 1. Copy the pipy program to the host. 2 | You need to add the path of pipy to PATH system variable. 3 | 4 | # 2. Set the required environment variables. 5 | for example: 6 | export PIPY_NIC=eth0 7 | 8 | export PIPY_REPO=http://10.10.10.1:6060/repo/fsm-sidecar/sidecar.vm49.derive-vm/ 9 | 10 | export PIPY_DNS=10.10.10.1 11 | 12 | **Note: change 10.10.10.1 to CLUSTER-IP/EXTERNAL-IP of fsm-system/fsm-controller** 13 | 14 | # 3. Run the pipy process. 15 | sh run-sidecar.sh 16 | -------------------------------------------------------------------------------- /scripts/vm/clean-iptables.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | iptables -P INPUT ACCEPT 4 | iptables -P FORWARD ACCEPT 5 | iptables -P OUTPUT ACCEPT 6 | 7 | iptables -F 8 | iptables -X 9 | iptables -Z 10 | 11 | iptables -t nat -F 12 | iptables -t nat -X 13 | iptables -t mangle -F 14 | iptables -t mangle -X 15 | iptables -t raw -F 16 | iptables -t raw -X 17 | 18 | -------------------------------------------------------------------------------- /tests/e2e/constants.go: -------------------------------------------------------------------------------- 1 | //lint:file-ignore U1000 Ignore all unused code, it's test code. 2 | 3 | // Package e2e defines test's const vars. 4 | package e2e 5 | 6 | import "github.com/flomesh-io/fsm/tests/framework" 7 | 8 | const ( 9 | fortioImageName = "fortio/fortio" 10 | fortioHTTPPort = 8080 11 | fortioTCPPort = 8078 12 | fortioGRPCPort = 8079 13 | 14 | fortioTCPRetCodeSuccess = "OK" 15 | fortioGRPCRetCodeSuccess = "SERVING" 16 | ) 17 | 18 | var ( 19 | fortioSingleCallSpec = framework.FortioLoadTestSpec{Calls: 1} 20 | ) 21 | -------------------------------------------------------------------------------- /tests/e2e/suite_test.go: -------------------------------------------------------------------------------- 1 | package e2e 2 | 3 | import ( 4 | "testing" 5 | 6 | . "github.com/onsi/ginkgo" 7 | . "github.com/onsi/gomega" 8 | ) 9 | 10 | func TestSuite(t *testing.T) { 11 | RegisterFailHandler(Fail) 12 | RunSpecs(t, "Ginkgo e2e tests") 13 | } 14 | -------------------------------------------------------------------------------- /tests/scale/suite_test.go: -------------------------------------------------------------------------------- 1 | package scale 2 | 3 | import ( 4 | "testing" 5 | 6 | . "github.com/onsi/ginkgo" 7 | . "github.com/onsi/gomega" 8 | ) 9 | 10 | func TestSuite(t *testing.T) { 11 | RegisterFailHandler(Fail) 12 | RunSpecs(t, "Scale") 13 | } 14 | -------------------------------------------------------------------------------- /tools.go: -------------------------------------------------------------------------------- 1 | //go:build tools 2 | // +build tools 3 | 4 | package tools 5 | 6 | import ( 7 | _ "github.com/AlekSi/gocov-xml" 8 | _ "github.com/axw/gocov/gocov" 9 | _ "github.com/golangci/golangci-lint/cmd/golangci-lint" 10 | _ "github.com/jstemmer/go-junit-report" 11 | _ "github.com/matm/gocov-html/cmd/gocov-html" 12 | _ "github.com/mitchellh/gox" 13 | _ "github.com/norwoodj/helm-docs/cmd/helm-docs" 14 | _ "k8s.io/code-generator/cmd/client-gen" 15 | ) 16 | --------------------------------------------------------------------------------