├── geps
├── landing
│ └── .gitignore
├── gep-1897
│ ├── images
│ │ ├── mesh.png
│ │ └── 1897-TLStermtypes.png
│ └── metadata.yaml
├── gep-724
│ ├── images
│ │ ├── 724-alt1.png
│ │ ├── 724-alt2.png
│ │ └── 724-proposal.png
│ └── metadata.yaml
├── gep-709
│ ├── images
│ │ ├── 709-inline.png
│ │ └── 709-referencegrant.png
│ └── metadata.yaml
├── gep-2649
│ ├── images
│ │ ├── 2649-hierarchy.png
│ │ ├── 2649-mesh-complex.png
│ │ ├── 2649-mesh-simple.png
│ │ ├── 2649-ingress-complex.png
│ │ ├── 2649-ingress-simple.png
│ │ └── 2649-policy-hierarchy.png
│ └── metadata.yaml
├── gep-1324
│ ├── images
│ │ ├── 1324-backend-ref.png
│ │ ├── 1324-service-frontend.png
│ │ ├── 1324-resource-view-of-service.png
│ │ └── 1324-decomposed-view-of-service.png
│ └── metadata.yaml
├── gep-713
│ └── images
│ │ ├── 713-ingress-attachment.png
│ │ ├── 713-servicebinding-complex.png
│ │ ├── 713-servicebinding-simple.png
│ │ └── 713-the-diagram-with-policy-admin.png
├── gep-1016
│ └── metadata.yaml
├── gep-922
│ └── metadata.yaml
├── gep-1323
│ └── metadata.yaml
├── gep-1364
│ └── metadata.yaml
├── gep-726
│ └── metadata.yaml
├── gep-735
│ └── metadata.yaml
├── gep-2627
│ └── metadata.yaml
├── gep-1651
│ └── metadata.yaml
├── gep-718
│ └── metadata.yaml
├── gep-851
│ └── metadata.yaml
├── gep-917
│ └── metadata.yaml
├── gep-1748
│ └── metadata.yaml
├── gep-820
│ └── metadata.yaml
├── gep-1709
│ └── metadata.yaml
├── gep-746
│ └── metadata.yaml
├── gep-91
│ └── metadata.yaml
├── gep-957
│ └── metadata.yaml
├── gep-2162
│ └── metadata.yaml
├── gep-1867
│ └── metadata.yaml
├── gep-1762
│ └── metadata.yaml
├── gep-4152
│ └── metadata.yaml
├── gep-1911
│ └── metadata.yaml
├── gep-1686
│ └── metadata.yaml
├── OWNERS
├── gep-1294
│ └── metadata.yaml
├── gep-3155
│ └── metadata.yaml
├── gep-1767
│ └── metadata.yaml
├── gep-2722
│ └── metadata.yaml
├── gep-1282
│ └── metadata.yaml
├── gep-2907
│ └── metadata.yaml
├── gep-2257
│ └── metadata.yaml
├── gep-3171
│ └── metadata.yaml
├── gep-1742
│ └── metadata.yaml
├── gep-2659
│ └── metadata.yaml
├── gep-995
│ └── metadata.yaml
├── gep-1713
│ └── metadata.yaml
├── gep-2643
│ └── metadata.yaml
├── gep-3779
│ └── metadata.yaml
└── gep-1619
│ └── metadata.yaml
├── site-src
├── implementations
│ └── .gitignore
├── images
│ ├── api-model.png
│ ├── grpc-routing.png
│ ├── http-routing.png
│ ├── k8s-favicon.png
│ ├── simple-split.png
│ ├── gateway-roles.png
│ ├── resource-model.png
│ ├── v1alpha2-group.png
│ ├── policy
│ │ ├── hierarchy.png
│ │ ├── mesh-complex.png
│ │ ├── mesh-simple.png
│ │ ├── ingress-complex.png
│ │ ├── ingress-simple.png
│ │ └── ingress-attachment.png
│ ├── backendtlspolicy-api.png
│ ├── traffic-splitting-1.png
│ ├── traffic-splitting-2.png
│ ├── traffic-splitting-3.png
│ ├── gateway-route-binding.png
│ ├── single-service-gateway.png
│ ├── tls-termination-types.png
│ ├── grpcroute-basic-example.png
│ ├── lifecycle-new-resources.png
│ ├── logo
│ │ ├── logo-text-horizontal.png
│ │ ├── logo-text-horizontal-white.png
│ │ └── logo-text-large-horizontal-white.png
│ └── httproute-with-backend-tls-policy.png
├── .mkdocs-exclude
├── reference
│ ├── images
│ │ ├── referencepolicy.png
│ │ └── policy-hierarchy.png
│ └── policy-attachment.md
├── js
│ └── implementations.js
└── OWNERS
├── conformance
├── echo-basic
│ ├── .gitignore
│ └── .go.mod
├── tests
│ ├── gatewayclass-observed-generation-bump.yaml
│ ├── httproute-observed-generation-bump.yaml
│ ├── httproute-simple-same-namespace.yaml
│ ├── gateway-optional-address-value.yaml
│ ├── httproute-cross-namespace.yaml
│ ├── mesh
│ │ ├── httproute-simple-same-namespace.yaml
│ │ ├── httproute-weight.yaml
│ │ ├── httproute-307-redirect.yaml
│ │ ├── httproute-303-redirect.yaml
│ │ ├── httproute-308-redirect.yaml
│ │ ├── mesh-frontend.yaml
│ │ ├── grpcroute-weight.yaml
│ │ ├── mesh-split.yaml
│ │ ├── mesh-consumer-route.yaml
│ │ ├── httproute-named-rule.yaml
│ │ ├── httproute-matching.yaml
│ │ ├── httproute-redirect-host-and-status.yaml
│ │ └── main.go
│ ├── httproute-invalid-nonexistent-backendref.yaml
│ ├── httproute-invalid-cross-namespace-parent-ref.yaml
│ ├── httproute-invalid-cross-namespace-backend-ref.yaml
│ ├── httproute-invalid-backendref-unknown-kind.yaml
│ ├── gateway-observed-generation-bump.yaml
│ ├── gateway-infrastructure.yaml
│ ├── httproute-303-redirect.yaml
│ ├── httproute-307-redirect.yaml
│ ├── httproute-308-redirect.yaml
│ ├── httproute-weight.yaml
│ ├── grpcroute-weight.yaml
│ ├── httproute-backend-protocol-h2c.yaml
│ ├── httproute-backend-protocol-websocket.yaml
│ ├── httproute-exact-path-matching.yaml
│ ├── httproute-invalid-parentref-not-matching-listener-port.yaml
│ ├── httproute-named-rule.yaml
│ ├── httproute-invalid-parentref-not-matching-section-name.yaml
│ ├── gateway-secret-missing-reference-grant.yaml
│ ├── grpcroute-exact-method-matching.yaml
│ ├── httproute-matching.yaml
│ ├── httproute-timeout-request.yaml
│ ├── udproute-simple.yaml
│ ├── grpcroute-named-rule.yaml
│ ├── httproute-redirect-host-and-status.yaml
│ ├── httproute-timeout-backend-request.yaml
│ ├── httproute-https-listener.yaml
│ ├── httproute-reference-grant.yaml
│ ├── httproute-disallowed-kind.yaml
│ ├── httproute-request-header-modifier-backend-weights.yaml
│ ├── main.go
│ ├── tlsroute-simple-same-namespace.yaml
│ ├── gateway-invalid-route-kind.yaml
│ └── httproute-cors-allow-credentials-behavior.yaml
├── reports
│ ├── v0.8.0
│ │ ├── envoy-gateway
│ │ │ └── README.md
│ │ ├── kumahq-kuma
│ │ │ └── README.md
│ │ ├── projectcontour-contour
│ │ │ └── README.md
│ │ └── nginx-nginx-gateway-fabric
│ │ │ └── README.md
│ ├── v1.0.0
│ │ ├── istio-istio
│ │ │ └── README.md
│ │ ├── kumahq-kuma
│ │ │ └── README.md
│ │ ├── envoy-gateway
│ │ │ └── README.md
│ │ ├── cilium
│ │ │ └── README.md
│ │ └── azure-application-gateway-for-containers
│ │ │ └── README.md
│ ├── v0.7.1
│ │ ├── cilium
│ │ │ └── README.md
│ │ ├── istio-istio
│ │ │ └── README.md
│ │ ├── kumahq-kuma
│ │ │ └── README.md
│ │ ├── nginx-nginx-gateway-fabric
│ │ │ └── README.md
│ │ ├── kong-kubernetes-ingress-controller
│ │ │ └── README.md
│ │ └── projectcontour-contour
│ │ │ └── README.md
│ ├── v0.8.1
│ │ ├── cilium
│ │ │ └── README.md
│ │ ├── nginx-nginx-gateway-fabric
│ │ │ └── README.md
│ │ └── kong-kubernetes-ingress-controller
│ │ │ └── README.md
│ ├── v1.1.0
│ │ ├── istio-istio
│ │ │ └── README.md
│ │ ├── cilium-cilium
│ │ │ └── README.md
│ │ └── envoy-gateway
│ │ │ └── README.md
│ ├── v1.2.0
│ │ ├── istio-istio
│ │ │ └── README.md
│ │ ├── cilium-cilium
│ │ │ └── README.md
│ │ └── envoy-gateway
│ │ │ └── README.md
│ ├── v1.4.0
│ │ ├── istio-istio
│ │ │ └── README.md
│ │ └── cilium
│ │ │ └── README.md
│ ├── v1.2.1
│ │ ├── istio-istio
│ │ │ └── README.md
│ │ ├── cilium-cilium
│ │ │ └── README.md
│ │ ├── kubvernor
│ │ │ └── kubvernor-conformance-output-1.2.1.yaml
│ │ └── envoy-gateway
│ │ │ └── README.md
│ └── v1.3.0
│ │ ├── istio-istio
│ │ └── README.md
│ │ ├── cilium-cilium
│ │ └── README.md
│ │ ├── cloud-provider-kind
│ │ └── standard-v0.8.0-alpha.1-default-report.yaml
│ │ ├── agentgateway-agentgateway
│ │ └── README.md
│ │ └── gravitee
│ │ └── standard-4.8.5-default-report.yaml
├── OWNERS
├── embed.go
├── utils
│ └── tlog
│ │ └── tlog_test.go
├── conformance_test.go
└── apis
│ └── v1
│ └── doc.go
├── docker
└── Dockerfile.echo-advanced
├── CHANGELOG.md
├── go.work
├── gwctl
└── README.md
├── code-of-conduct.md
├── examples
├── standard
│ ├── multicluster
│ │ ├── 0-namespaces.yaml
│ │ ├── httproute-simple.yaml
│ │ ├── httproute-gamma.yaml
│ │ ├── httproute-hybrid.yaml
│ │ ├── httproute-method.yaml
│ │ ├── httproute-referencegrant.yaml
│ │ └── httproute-location.yaml
│ ├── 0-namespaces.yaml
│ ├── reference-grant.yaml
│ ├── simple-gateway
│ │ ├── httproute.yaml
│ │ └── gateway.yaml
│ ├── traffic-splitting
│ │ ├── simple-split.yaml
│ │ ├── traffic-split-3.yaml
│ │ ├── grpc-traffic-split-2.yaml
│ │ ├── traffic-split-2.yaml
│ │ └── traffic-split-1.yaml
│ ├── backendtlspolicy
│ │ ├── backendtlspolicy-system-certs.yaml
│ │ └── backendtlspolicy-ca-certs.yaml
│ ├── simple-http-https
│ │ ├── bar-route.yaml
│ │ ├── tls-redirect-route.yaml
│ │ ├── foo-route.yaml
│ │ └── gateway.yaml
│ ├── http-route-attachment
│ │ ├── httproute.yaml
│ │ ├── gateway-namespaces.yaml
│ │ └── gateway-strict.yaml
│ ├── cross-namespace-routing
│ │ ├── store-route.yaml
│ │ ├── 0-namespaces.yaml
│ │ ├── gateway.yaml
│ │ └── site-route.yaml
│ ├── http-routing
│ │ ├── foo-httproute.yaml
│ │ ├── bar-httproute.yaml
│ │ └── gateway.yaml
│ ├── grpc-routing
│ │ ├── foo-grpcroute.yaml
│ │ ├── bar-grpcroute.yaml
│ │ ├── reflection-grpcroute.yaml
│ │ └── gateway.yaml
│ ├── http-rewrite.yaml
│ ├── http-redirect-path.yaml
│ ├── http-redirect-rewrite
│ │ ├── httproute-redirect-https.yaml
│ │ ├── httproute-redirect-http.yaml
│ │ ├── httproute-rewrite.yaml
│ │ ├── gateway-redirect-http-https.yaml
│ │ ├── httproute-redirect-full.yaml
│ │ ├── httproute-redirect-prefix.yaml
│ │ ├── httproute-redirect-307.yaml
│ │ ├── httproute-redirect-308.yaml
│ │ ├── httproute-redirect-303.yaml
│ │ ├── httproute-rewrite-full-path.yaml
│ │ └── httproute-rewrite-prefix-path.yaml
│ ├── http-filter.yaml
│ ├── grpc-filter.yaml
│ ├── http-request-header-remove.yaml
│ ├── http-request-header-add.yaml
│ ├── http-request-mirroring
│ │ └── httproute-mirroring.yaml
│ ├── http-request-header-set.yaml
│ ├── httproute.yaml
│ ├── tls-basic.yaml
│ ├── wildcard-tls-gateway.yaml
│ ├── gateway-addresses.yaml
│ └── tls-cert-cross-namespace.yaml
└── experimental
│ ├── v1alpha2
│ └── tls-routing
│ │ ├── gateway.yaml
│ │ └── tls-route.yaml
│ ├── v1alpha3
│ └── tls-routing
│ │ ├── gateway.yaml
│ │ └── tls-route.yaml
│ ├── destination-port-matching-tcp.yaml
│ ├── backend-tls.yaml
│ ├── http-route-timeouts
│ └── timeout-example.yaml
│ ├── http-route-rule-name.yaml
│ └── http-response-header.yaml
├── tools
├── geps
│ └── templates
│ │ ├── template.tmpl
│ │ └── template-tab.tmpl
└── README.md
├── hack
├── invalid-examples
│ ├── standard
│ │ ├── gatewayclass
│ │ │ └── invalid-controller.yaml
│ │ ├── httproute
│ │ │ ├── invalid-method.yaml
│ │ │ ├── invalid-filter-empty.yaml
│ │ │ ├── invalid-backend-port.yaml
│ │ │ ├── invalid-hostname.yaml
│ │ │ ├── invalid-backend-kind.yaml
│ │ │ ├── httproute-portless-backend.yaml
│ │ │ ├── invalid-backend-group.yaml
│ │ │ ├── invalid-path-specialchars.yaml
│ │ │ ├── invalid-header-name.yaml
│ │ │ ├── invalid-filter-wrong-field.yaml
│ │ │ ├── httproute-portless-service.yaml
│ │ │ ├── invalid-path-alphanum-specialchars-mix.yaml
│ │ │ ├── duplicate-header-match.yaml
│ │ │ ├── duplicate-query-match.yaml
│ │ │ ├── invalid-filter-duplicate-header.yaml
│ │ │ ├── invalid-httpredirect-hostname.yaml
│ │ │ ├── invalid-request-redirect-with-backendref.yaml
│ │ │ └── invalid-filter-duplicate.yaml
│ │ ├── referencegrant
│ │ │ ├── missing-from.yaml
│ │ │ ├── missing-to.yaml
│ │ │ └── missing-ns.yaml
│ │ └── gateway
│ │ │ ├── invalid-listener-name.yaml
│ │ │ ├── invalid-listener-port.yaml
│ │ │ ├── hostname-tcp.yaml
│ │ │ ├── hostname-udp.yaml
│ │ │ ├── invalid-tls-mode.yaml
│ │ │ ├── duplicate-listeners.yaml
│ │ │ ├── tlsconfig-tcp.yaml
│ │ │ └── invalid-addresses.yaml
│ └── experimental
│ │ ├── tlsroute
│ │ ├── no-hostname.yaml
│ │ └── invalid-hostname.yaml
│ │ └── httproute
│ │ ├── invalid-filter-externalauth-empty.yaml
│ │ ├── invalid-filter-externalauth-no-protocol.yaml
│ │ ├── invalid-filter-externalauth-bad-http-path.yaml
│ │ └── invalid-header-value.yaml
├── crd-ref-templates
│ ├── gv_list.tpl
│ ├── README.md
│ ├── type_members.tpl
│ └── gv_details.tpl
├── mkdocs
│ ├── OWNERS
│ └── image
│ │ ├── requirements.txt
│ │ ├── entrypoint.sh
│ │ └── Dockerfile
├── boilerplate
│ ├── boilerplate.go.txt
│ ├── boilerplate.generatego.txt
│ ├── boilerplate.py.txt
│ └── boilerplate.sh.txt
├── install-examples.sh
├── delete-crds.sh
└── verify-codegen.sh
├── .custom-gcl.yml
├── .github
├── ISSUE_TEMPLATE
│ ├── documentation.md
│ ├── config.yml
│ ├── conformance-test.md
│ ├── enhancement.md
│ └── bug.md
└── workflows
│ └── kal.yml
├── docs
├── 404.html
└── index.html
├── OWNERS
├── .openvex
└── templates
│ └── main.openvex.json
├── CHANGELOG
├── 1.3-TEAM.md
├── 1.1-TEAM.md
└── 1.2-TEAM.md
├── config
└── crd
│ ├── kustomization.yaml
│ └── experimental
│ └── kustomization.yaml
├── crd-ref-docs.yaml
├── .gitattributes
├── SECURITY_CONTACTS
├── apis
├── doc.go
├── v1
│ └── doc.go
├── v1beta1
│ ├── doc.go
│ └── object_reference_types.go
├── v1alpha2
│ ├── doc.go
│ └── object_reference_types.go
└── v1alpha3
│ ├── doc.go
│ └── shared_types.go
├── apisx
├── doc.go
└── v1alpha1
│ └── doc.go
├── pkg
└── client
│ └── clientset
│ └── versioned
│ ├── fake
│ └── doc.go
│ ├── typed
│ ├── apis
│ │ ├── v1
│ │ │ ├── doc.go
│ │ │ ├── fake
│ │ │ │ └── doc.go
│ │ │ └── generated_expansion.go
│ │ ├── v1alpha2
│ │ │ ├── fake
│ │ │ │ └── doc.go
│ │ │ ├── doc.go
│ │ │ └── generated_expansion.go
│ │ ├── v1alpha3
│ │ │ ├── fake
│ │ │ │ └── doc.go
│ │ │ ├── doc.go
│ │ │ └── generated_expansion.go
│ │ └── v1beta1
│ │ │ ├── fake
│ │ │ └── doc.go
│ │ │ ├── doc.go
│ │ │ └── generated_expansion.go
│ └── apisx
│ │ └── v1alpha1
│ │ ├── fake
│ │ └── doc.go
│ │ ├── doc.go
│ │ └── generated_expansion.go
│ └── scheme
│ └── doc.go
├── netlify.toml
└── .gitignore
/geps/landing/.gitignore:
--------------------------------------------------------------------------------
1 | *.md
--------------------------------------------------------------------------------
/site-src/implementations/.gitignore:
--------------------------------------------------------------------------------
1 | *
--------------------------------------------------------------------------------
/conformance/echo-basic/.gitignore:
--------------------------------------------------------------------------------
1 | echo-basic
2 |
--------------------------------------------------------------------------------
/docker/Dockerfile.echo-advanced:
--------------------------------------------------------------------------------
1 | FROM gcr.io/istio-release/app:1.21.2
2 |
--------------------------------------------------------------------------------
/CHANGELOG.md:
--------------------------------------------------------------------------------
1 | # Changelog
2 |
3 | This has been moved to the CHANGELOG directory.
4 |
--------------------------------------------------------------------------------
/go.work:
--------------------------------------------------------------------------------
1 | go 1.24.0
2 |
3 | use (
4 | .
5 | ./conformance
6 | ./tests
7 | ./tools
8 | )
9 |
--------------------------------------------------------------------------------
/gwctl/README.md:
--------------------------------------------------------------------------------
1 | > [!NOTE]
2 | > Ongoing development has moved to https://github.com/kubernetes-sigs/gwctl
--------------------------------------------------------------------------------
/geps/gep-1897/images/mesh.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/kubernetes-sigs/gateway-api/HEAD/geps/gep-1897/images/mesh.png
--------------------------------------------------------------------------------
/site-src/images/api-model.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/kubernetes-sigs/gateway-api/HEAD/site-src/images/api-model.png
--------------------------------------------------------------------------------
/geps/gep-724/images/724-alt1.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/kubernetes-sigs/gateway-api/HEAD/geps/gep-724/images/724-alt1.png
--------------------------------------------------------------------------------
/geps/gep-724/images/724-alt2.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/kubernetes-sigs/gateway-api/HEAD/geps/gep-724/images/724-alt2.png
--------------------------------------------------------------------------------
/site-src/images/grpc-routing.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/kubernetes-sigs/gateway-api/HEAD/site-src/images/grpc-routing.png
--------------------------------------------------------------------------------
/site-src/images/http-routing.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/kubernetes-sigs/gateway-api/HEAD/site-src/images/http-routing.png
--------------------------------------------------------------------------------
/site-src/images/k8s-favicon.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/kubernetes-sigs/gateway-api/HEAD/site-src/images/k8s-favicon.png
--------------------------------------------------------------------------------
/site-src/images/simple-split.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/kubernetes-sigs/gateway-api/HEAD/site-src/images/simple-split.png
--------------------------------------------------------------------------------
/geps/gep-709/images/709-inline.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/kubernetes-sigs/gateway-api/HEAD/geps/gep-709/images/709-inline.png
--------------------------------------------------------------------------------
/site-src/images/gateway-roles.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/kubernetes-sigs/gateway-api/HEAD/site-src/images/gateway-roles.png
--------------------------------------------------------------------------------
/site-src/images/resource-model.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/kubernetes-sigs/gateway-api/HEAD/site-src/images/resource-model.png
--------------------------------------------------------------------------------
/site-src/images/v1alpha2-group.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/kubernetes-sigs/gateway-api/HEAD/site-src/images/v1alpha2-group.png
--------------------------------------------------------------------------------
/geps/gep-724/images/724-proposal.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/kubernetes-sigs/gateway-api/HEAD/geps/gep-724/images/724-proposal.png
--------------------------------------------------------------------------------
/site-src/images/policy/hierarchy.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/kubernetes-sigs/gateway-api/HEAD/site-src/images/policy/hierarchy.png
--------------------------------------------------------------------------------
/geps/gep-2649/images/2649-hierarchy.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/kubernetes-sigs/gateway-api/HEAD/geps/gep-2649/images/2649-hierarchy.png
--------------------------------------------------------------------------------
/site-src/.mkdocs-exclude:
--------------------------------------------------------------------------------
1 | .mkdocs-exclude
2 | .nojekyll
3 | .placeholder
4 | search/search_index.json
5 | sitemap.xml.gz
6 | sitemap.xml
7 |
--------------------------------------------------------------------------------
/site-src/images/backendtlspolicy-api.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/kubernetes-sigs/gateway-api/HEAD/site-src/images/backendtlspolicy-api.png
--------------------------------------------------------------------------------
/site-src/images/policy/mesh-complex.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/kubernetes-sigs/gateway-api/HEAD/site-src/images/policy/mesh-complex.png
--------------------------------------------------------------------------------
/site-src/images/policy/mesh-simple.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/kubernetes-sigs/gateway-api/HEAD/site-src/images/policy/mesh-simple.png
--------------------------------------------------------------------------------
/site-src/images/traffic-splitting-1.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/kubernetes-sigs/gateway-api/HEAD/site-src/images/traffic-splitting-1.png
--------------------------------------------------------------------------------
/site-src/images/traffic-splitting-2.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/kubernetes-sigs/gateway-api/HEAD/site-src/images/traffic-splitting-2.png
--------------------------------------------------------------------------------
/site-src/images/traffic-splitting-3.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/kubernetes-sigs/gateway-api/HEAD/site-src/images/traffic-splitting-3.png
--------------------------------------------------------------------------------
/geps/gep-1324/images/1324-backend-ref.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/kubernetes-sigs/gateway-api/HEAD/geps/gep-1324/images/1324-backend-ref.png
--------------------------------------------------------------------------------
/geps/gep-1897/images/1897-TLStermtypes.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/kubernetes-sigs/gateway-api/HEAD/geps/gep-1897/images/1897-TLStermtypes.png
--------------------------------------------------------------------------------
/geps/gep-2649/images/2649-mesh-complex.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/kubernetes-sigs/gateway-api/HEAD/geps/gep-2649/images/2649-mesh-complex.png
--------------------------------------------------------------------------------
/geps/gep-2649/images/2649-mesh-simple.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/kubernetes-sigs/gateway-api/HEAD/geps/gep-2649/images/2649-mesh-simple.png
--------------------------------------------------------------------------------
/geps/gep-709/images/709-referencegrant.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/kubernetes-sigs/gateway-api/HEAD/geps/gep-709/images/709-referencegrant.png
--------------------------------------------------------------------------------
/site-src/images/gateway-route-binding.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/kubernetes-sigs/gateway-api/HEAD/site-src/images/gateway-route-binding.png
--------------------------------------------------------------------------------
/site-src/images/policy/ingress-complex.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/kubernetes-sigs/gateway-api/HEAD/site-src/images/policy/ingress-complex.png
--------------------------------------------------------------------------------
/site-src/images/policy/ingress-simple.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/kubernetes-sigs/gateway-api/HEAD/site-src/images/policy/ingress-simple.png
--------------------------------------------------------------------------------
/site-src/images/single-service-gateway.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/kubernetes-sigs/gateway-api/HEAD/site-src/images/single-service-gateway.png
--------------------------------------------------------------------------------
/site-src/images/tls-termination-types.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/kubernetes-sigs/gateway-api/HEAD/site-src/images/tls-termination-types.png
--------------------------------------------------------------------------------
/geps/gep-2649/images/2649-ingress-complex.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/kubernetes-sigs/gateway-api/HEAD/geps/gep-2649/images/2649-ingress-complex.png
--------------------------------------------------------------------------------
/geps/gep-2649/images/2649-ingress-simple.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/kubernetes-sigs/gateway-api/HEAD/geps/gep-2649/images/2649-ingress-simple.png
--------------------------------------------------------------------------------
/site-src/images/grpcroute-basic-example.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/kubernetes-sigs/gateway-api/HEAD/site-src/images/grpcroute-basic-example.png
--------------------------------------------------------------------------------
/site-src/images/lifecycle-new-resources.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/kubernetes-sigs/gateway-api/HEAD/site-src/images/lifecycle-new-resources.png
--------------------------------------------------------------------------------
/site-src/images/logo/logo-text-horizontal.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/kubernetes-sigs/gateway-api/HEAD/site-src/images/logo/logo-text-horizontal.png
--------------------------------------------------------------------------------
/site-src/images/policy/ingress-attachment.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/kubernetes-sigs/gateway-api/HEAD/site-src/images/policy/ingress-attachment.png
--------------------------------------------------------------------------------
/site-src/reference/images/referencepolicy.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/kubernetes-sigs/gateway-api/HEAD/site-src/reference/images/referencepolicy.png
--------------------------------------------------------------------------------
/geps/gep-1324/images/1324-service-frontend.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/kubernetes-sigs/gateway-api/HEAD/geps/gep-1324/images/1324-service-frontend.png
--------------------------------------------------------------------------------
/geps/gep-2649/images/2649-policy-hierarchy.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/kubernetes-sigs/gateway-api/HEAD/geps/gep-2649/images/2649-policy-hierarchy.png
--------------------------------------------------------------------------------
/geps/gep-713/images/713-ingress-attachment.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/kubernetes-sigs/gateway-api/HEAD/geps/gep-713/images/713-ingress-attachment.png
--------------------------------------------------------------------------------
/site-src/reference/images/policy-hierarchy.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/kubernetes-sigs/gateway-api/HEAD/site-src/reference/images/policy-hierarchy.png
--------------------------------------------------------------------------------
/geps/gep-713/images/713-servicebinding-complex.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/kubernetes-sigs/gateway-api/HEAD/geps/gep-713/images/713-servicebinding-complex.png
--------------------------------------------------------------------------------
/geps/gep-713/images/713-servicebinding-simple.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/kubernetes-sigs/gateway-api/HEAD/geps/gep-713/images/713-servicebinding-simple.png
--------------------------------------------------------------------------------
/site-src/images/logo/logo-text-horizontal-white.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/kubernetes-sigs/gateway-api/HEAD/site-src/images/logo/logo-text-horizontal-white.png
--------------------------------------------------------------------------------
/geps/gep-1324/images/1324-resource-view-of-service.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/kubernetes-sigs/gateway-api/HEAD/geps/gep-1324/images/1324-resource-view-of-service.png
--------------------------------------------------------------------------------
/site-src/images/httproute-with-backend-tls-policy.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/kubernetes-sigs/gateway-api/HEAD/site-src/images/httproute-with-backend-tls-policy.png
--------------------------------------------------------------------------------
/code-of-conduct.md:
--------------------------------------------------------------------------------
1 | # Kubernetes Community Code of Conduct
2 |
3 | Please refer to our [Kubernetes Community Code of Conduct](https://git.k8s.io/community/code-of-conduct.md)
4 |
--------------------------------------------------------------------------------
/geps/gep-1324/images/1324-decomposed-view-of-service.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/kubernetes-sigs/gateway-api/HEAD/geps/gep-1324/images/1324-decomposed-view-of-service.png
--------------------------------------------------------------------------------
/geps/gep-713/images/713-the-diagram-with-policy-admin.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/kubernetes-sigs/gateway-api/HEAD/geps/gep-713/images/713-the-diagram-with-policy-admin.png
--------------------------------------------------------------------------------
/site-src/images/logo/logo-text-large-horizontal-white.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/kubernetes-sigs/gateway-api/HEAD/site-src/images/logo/logo-text-large-horizontal-white.png
--------------------------------------------------------------------------------
/examples/standard/multicluster/0-namespaces.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: Namespace
3 | metadata:
4 | name: foo
5 | ---
6 | apiVersion: v1
7 | kind: Namespace
8 | metadata:
9 | name: bar
10 |
--------------------------------------------------------------------------------
/tools/geps/templates/template.tmpl:
--------------------------------------------------------------------------------
1 | # {{ .GepType }} GEPs
2 |
3 | {{- with .GepsDetails }}
4 | {{- range . }}
5 | - [GEP-{{ .Number }}: {{ .Name }}](/geps/gep-{{ .Number }}/)
6 | {{- end }}
7 | {{- end }}
8 |
--------------------------------------------------------------------------------
/geps/gep-1016/metadata.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: internal.gateway.networking.k8s.io/v1alpha1
2 | kind: GEPDetails
3 | number: 1016
4 | name: GRPCRoute
5 | status: Standard
6 | authors:
7 | - gnossen
8 | - robscott
9 |
--------------------------------------------------------------------------------
/geps/gep-922/metadata.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: internal.gateway.networking.k8s.io/v1alpha1
2 | kind: GEPDetails
3 | number: 922
4 | name: Gateway API Versioning
5 | status: Memorandum
6 | authors:
7 | - robscott
8 |
--------------------------------------------------------------------------------
/geps/gep-1323/metadata.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: internal.gateway.networking.k8s.io/v1alpha1
2 | kind: GEPDetails
3 | number: 1323
4 | name: Response Header Filter
5 | status: Standard
6 | authors:
7 | - aryan9600
8 |
9 |
--------------------------------------------------------------------------------
/geps/gep-1364/metadata.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: internal.gateway.networking.k8s.io/v1alpha1
2 | kind: GEPDetails
3 | number: 1364
4 | name: Status and Conditions Update
5 | status: Standard
6 | authors:
7 | - youngnick
8 |
--------------------------------------------------------------------------------
/geps/gep-724/metadata.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: internal.gateway.networking.k8s.io/v1alpha1
2 | kind: GEPDetails
3 | number: 724
4 | name: Refresh Route-Gateway Binding
5 | status: Standard
6 | authors:
7 | - robscott
8 |
--------------------------------------------------------------------------------
/geps/gep-726/metadata.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: internal.gateway.networking.k8s.io/v1alpha1
2 | kind: GEPDetails
3 | number: 726
4 | name: Add Path Redirects and Rewrites
5 | status: Standard
6 | authors:
7 | - robscott
8 |
--------------------------------------------------------------------------------
/geps/gep-735/metadata.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: internal.gateway.networking.k8s.io/v1alpha1
2 | kind: GEPDetails
3 | number: 735
4 | name: TCP and UDP addresses matching
5 | status: Declined
6 | authors:
7 | - shaneutt
8 |
--------------------------------------------------------------------------------
/geps/gep-2627/metadata.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: internal.gateway.networking.k8s.io/v1alpha1
2 | kind: GEPDetails
3 | number: 2627
4 | name: DNS configuration for Gateway API
5 | status: Provisional
6 | authors:
7 | - maleck13
8 |
--------------------------------------------------------------------------------
/hack/invalid-examples/standard/gatewayclass/invalid-controller.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: gateway.networking.k8s.io/v1
2 | kind: GatewayClass
3 | metadata:
4 | name: invalid-controller
5 | spec:
6 | controllerName: example
7 |
--------------------------------------------------------------------------------
/geps/gep-1651/metadata.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: internal.gateway.networking.k8s.io/v1alpha1
2 | kind: GEPDetails
3 | number: 1651
4 | name: Gateway Routability
5 | status: Provisional
6 | authors:
7 | - dprotaso
8 | - sunjayBhatia
9 |
--------------------------------------------------------------------------------
/hack/invalid-examples/experimental/tlsroute/no-hostname.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: gateway.networking.k8s.io/v1alpha3
2 | kind: TLSRoute
3 | metadata:
4 | name: no-hostname
5 | spec:
6 | rules:
7 | - backendRefs:
8 | - name: foo
9 |
--------------------------------------------------------------------------------
/hack/invalid-examples/standard/httproute/invalid-method.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: gateway.networking.k8s.io/v1
2 | kind: HTTPRoute
3 | metadata:
4 | name: invalid-method
5 | spec:
6 | rules:
7 | - matches:
8 | - method: NOTREAL
9 |
--------------------------------------------------------------------------------
/geps/gep-718/metadata.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: internal.gateway.networking.k8s.io/v1alpha1
2 | kind: GEPDetails
3 | number: 718
4 | name: Rework forwardTo segment in routes
5 | status: Standard
6 | authors:
7 | - hbagdi
8 | - robscott
9 |
--------------------------------------------------------------------------------
/geps/gep-851/metadata.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: internal.gateway.networking.k8s.io/v1alpha1
2 | kind: GEPDetails
3 | number: 851
4 | name: Allow Multiple Certificate Refs per Gateway Listener
5 | status: Standard
6 | authors:
7 | - robscott
8 |
--------------------------------------------------------------------------------
/geps/gep-917/metadata.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: internal.gateway.networking.k8s.io/v1alpha1
2 | kind: GEPDetails
3 | number: 917
4 | name: Gateway API Conformance Testing
5 | status: Memorandum
6 | authors:
7 | - youngnick
8 | - robscott
9 |
--------------------------------------------------------------------------------
/site-src/js/implementations.js:
--------------------------------------------------------------------------------
1 | document$.subscribe(function() {
2 | var tables = document.querySelectorAll("article table:not([class])")
3 | tables.forEach(function(table) {
4 | new Tablesort(table)
5 | })
6 | })
7 |
8 |
9 |
--------------------------------------------------------------------------------
/.custom-gcl.yml:
--------------------------------------------------------------------------------
1 | version: v2.7.0
2 | name: golangci-kube-api-linter
3 | destination: ./bin
4 | plugins:
5 | - module: 'sigs.k8s.io/kube-api-linter'
6 | version: 'v0.0.0-20251201121224-8e86c463aeb8' # Pin to a commit while there's no tag
7 |
--------------------------------------------------------------------------------
/geps/gep-1748/metadata.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: internal.gateway.networking.k8s.io/v1alpha1
2 | kind: GEPDetails
3 | number: 1748
4 | name: Gateway API Interaction with Multi-Cluster Services
5 | status: Experimental
6 | authors:
7 | - robscott
8 |
--------------------------------------------------------------------------------
/geps/gep-709/metadata.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: internal.gateway.networking.k8s.io/v1alpha1
2 | kind: GEPDetails
3 | number: 709
4 | name: Cross Namespace References from Routes
5 | status: Standard
6 | authors:
7 | - robscott
8 | - youngnick
9 |
--------------------------------------------------------------------------------
/geps/gep-820/metadata.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: internal.gateway.networking.k8s.io/v1alpha1
2 | kind: GEPDetails
3 | number: 820
4 | name: Drop extension points from Route matches
5 | status: Standard
6 | authors:
7 | - hbagdi
8 | - robscott
9 |
--------------------------------------------------------------------------------
/hack/invalid-examples/standard/referencegrant/missing-from.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: gateway.networking.k8s.io/v1beta1
2 | kind: ReferenceGrant
3 | metadata:
4 | name: missing-from
5 | spec:
6 | to:
7 | - group: ""
8 | kind: "Service"
9 |
--------------------------------------------------------------------------------
/.github/ISSUE_TEMPLATE/documentation.md:
--------------------------------------------------------------------------------
1 | ---
2 | name: Documentation
3 | about: Suggest an improvement to documentation
4 | labels: kind/documentation
5 | ---
6 |
7 | **What would you like to be added**:
8 |
9 | **Why this is needed**:
10 |
--------------------------------------------------------------------------------
/geps/gep-1709/metadata.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: internal.gateway.networking.k8s.io/v1alpha1
2 | kind: GEPDetails
3 | number: 1709
4 | name: Conformance Profiles
5 | status: Standard
6 | authors:
7 | - shaneutt
8 | - mlavacca
9 | - arkodg
10 |
--------------------------------------------------------------------------------
/geps/gep-746/metadata.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: internal.gateway.networking.k8s.io/v1alpha1
2 | kind: GEPDetails
3 | number: 746
4 | name: Replace Cert Refs on HTTPRoute with Cross Namespace Refs from Gateway
5 | status: Standard
6 | authors:
7 | - robscott
8 |
--------------------------------------------------------------------------------
/geps/gep-91/metadata.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: internal.gateway.networking.k8s.io/v1alpha1
2 | kind: GEPDetails
3 | number: 91
4 | name: Client Certificate Validation for TLS terminating at the Gateway Listener
5 | status: Experimental
6 | authors:
7 | - arkodg
8 |
--------------------------------------------------------------------------------
/hack/invalid-examples/standard/httproute/invalid-filter-empty.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: gateway.networking.k8s.io/v1
2 | kind: HTTPRoute
3 | metadata:
4 | name: invalid-filter-empty
5 | spec:
6 | rules:
7 | - filters:
8 | - type: RequestHeaderModifier
9 |
--------------------------------------------------------------------------------
/geps/gep-957/metadata.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: internal.gateway.networking.k8s.io/v1alpha1
2 | kind: GEPDetails
3 | number: 957
4 | name: Destination Port Matching
5 | status: Standard
6 | authors:
7 | - cxhiano
8 | - robscott
9 | - shaneutt
10 |
11 |
--------------------------------------------------------------------------------
/conformance/tests/gatewayclass-observed-generation-bump.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: gateway.networking.k8s.io/v1
2 | kind: GatewayClass
3 | metadata:
4 | name: gatewayclass-observed-generation-bump
5 | spec:
6 | controllerName: "{GATEWAY_CONTROLLER_NAME}"
7 | description: "old"
8 |
--------------------------------------------------------------------------------
/docs/404.html:
--------------------------------------------------------------------------------
1 |
2 |
3 | Redirecting to https://gateway-api.sigs.k8s.io/
4 |
5 |
6 |
--------------------------------------------------------------------------------
/docs/index.html:
--------------------------------------------------------------------------------
1 |
2 |
3 | Redirecting to https://gateway-api.sigs.k8s.io/
4 |
5 |
6 |
--------------------------------------------------------------------------------
/hack/invalid-examples/standard/referencegrant/missing-to.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: gateway.networking.k8s.io/v1beta1
2 | kind: ReferenceGrant
3 | metadata:
4 | name: missing-to
5 | spec:
6 | from:
7 | - group: ""
8 | kind: "Service"
9 | namespace: "example"
10 |
--------------------------------------------------------------------------------
/hack/invalid-examples/experimental/httproute/invalid-filter-externalauth-empty.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: gateway.networking.k8s.io/v1
2 | kind: HTTPRoute
3 | metadata:
4 | name: invalid-filter-externalauth-empty
5 | spec:
6 | rules:
7 | - filters:
8 | - type: ExternalAuth
9 |
--------------------------------------------------------------------------------
/hack/invalid-examples/standard/httproute/invalid-backend-port.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: gateway.networking.k8s.io/v1
2 | kind: HTTPRoute
3 | metadata:
4 | name: invalid-backend-port
5 | spec:
6 | rules:
7 | - backendRefs:
8 | - name: my-service1
9 | port: 800080
10 |
--------------------------------------------------------------------------------
/hack/invalid-examples/standard/httproute/invalid-hostname.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: gateway.networking.k8s.io/v1
2 | kind: HTTPRoute
3 | metadata:
4 | name: invalid-hostname
5 | spec:
6 | hostnames:
7 | - http://a<
8 | rules:
9 | - backendRefs:
10 | - name: foo
11 |
--------------------------------------------------------------------------------
/tools/geps/templates/template-tab.tmpl:
--------------------------------------------------------------------------------
1 | # GEPs List
2 | {{ range . }}
3 | === "{{ .GepType }}"
4 | {{- with .GepsDetails }}
5 | {{ range . }}
6 | - [GEP-{{ .Number }}: {{ .Name }}](/geps/gep-{{ .Number }}/)
7 | {{- end }}
8 | {{ end }}
9 | {{- end }}
10 |
--------------------------------------------------------------------------------
/hack/invalid-examples/experimental/tlsroute/invalid-hostname.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: gateway.networking.k8s.io/v1alpha2
2 | kind: TLSRoute
3 | metadata:
4 | name: invalid-hostname
5 | spec:
6 | hostnames:
7 | - http://a<
8 | rules:
9 | - backendRefs:
10 | - name: foo
11 |
--------------------------------------------------------------------------------
/hack/invalid-examples/standard/httproute/invalid-backend-kind.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: gateway.networking.k8s.io/v1
2 | kind: HTTPRoute
3 | metadata:
4 | name: invalid-backend-kind
5 | spec:
6 | rules:
7 | - backendRefs:
8 | - kind: "*"
9 | name: foo
10 | port: 80
11 |
--------------------------------------------------------------------------------
/conformance/reports/v0.8.0/envoy-gateway/README.md:
--------------------------------------------------------------------------------
1 | # Envoy Gateway
2 |
3 | ## Table of Contents
4 |
5 | |API channel|Implementation version|Mode|Report|
6 | |-----------|----------------------|----|------|
7 | |x|latest|x|[latest report](./latest-report.yaml)|
8 |
9 | ## Reproduce
10 |
--------------------------------------------------------------------------------
/geps/gep-2162/metadata.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: internal.gateway.networking.k8s.io/v1alpha1
2 | kind: GEPDetails
3 | number: 2162
4 | name: Supported features in GatewayClass Status
5 | status: Standard
6 | authors:
7 | - LiorLieberman
8 | - robscott
9 | - spacewander
10 | - shaneutt
11 |
--------------------------------------------------------------------------------
/hack/invalid-examples/standard/httproute/httproute-portless-backend.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: gateway.networking.k8s.io/v1
2 | kind: HTTPRoute
3 | metadata:
4 | name: portless-backend
5 | spec:
6 | parentRefs:
7 | - name: prod-web
8 | rules:
9 | - backendRefs:
10 | - name: foo
11 |
--------------------------------------------------------------------------------
/hack/invalid-examples/standard/httproute/invalid-backend-group.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: gateway.networking.k8s.io/v1
2 | kind: HTTPRoute
3 | metadata:
4 | name: invalid-backend-group
5 | spec:
6 | rules:
7 | - backendRefs:
8 | - group: "*"
9 | name: foo
10 | port: 80
11 |
--------------------------------------------------------------------------------
/hack/invalid-examples/standard/gateway/invalid-listener-name.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: gateway.networking.k8s.io/v1
2 | kind: Gateway
3 | metadata:
4 | name: invalid-listener-name
5 | spec:
6 | gatewayClassName: example
7 | listeners:
8 | - name: bad>
9 | protocol: HTTP
10 | port: 80
11 |
--------------------------------------------------------------------------------
/hack/invalid-examples/standard/httproute/invalid-path-specialchars.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: gateway.networking.k8s.io/v1
2 | kind: HTTPRoute
3 | metadata:
4 | name: invalid-path-specialchars
5 | spec:
6 | rules:
7 | - matches:
8 | - path:
9 | type: PathPrefix
10 | value: /[]
11 |
--------------------------------------------------------------------------------
/hack/invalid-examples/standard/gateway/invalid-listener-port.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: gateway.networking.k8s.io/v1
2 | kind: Gateway
3 | metadata:
4 | name: invalid-listener-port
5 | spec:
6 | gatewayClassName: example
7 | listeners:
8 | - name: foo
9 | protocol: HTTP
10 | port: 123456789
11 |
--------------------------------------------------------------------------------
/hack/invalid-examples/standard/gateway/hostname-tcp.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: gateway.networking.k8s.io/v1
2 | kind: Gateway
3 | metadata:
4 | name: hostname-tcp
5 | spec:
6 | gatewayClassName: example
7 | listeners:
8 | - name: example
9 | hostname: example.com
10 | protocol: TCP
11 | port: 80
12 |
--------------------------------------------------------------------------------
/hack/invalid-examples/standard/gateway/hostname-udp.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: gateway.networking.k8s.io/v1
2 | kind: Gateway
3 | metadata:
4 | name: hostname-udp
5 | spec:
6 | gatewayClassName: example
7 | listeners:
8 | - name: example
9 | hostname: example.com
10 | protocol: UDP
11 | port: 80
12 |
--------------------------------------------------------------------------------
/hack/invalid-examples/standard/httproute/invalid-header-name.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: gateway.networking.k8s.io/v1
2 | kind: HTTPRoute
3 | metadata:
4 | name: invalid-header-name
5 | spec:
6 | rules:
7 | - matches:
8 | - headers:
9 | - type: Exact
10 | name: magic/
11 | value: foo
12 |
--------------------------------------------------------------------------------
/examples/standard/0-namespaces.yaml:
--------------------------------------------------------------------------------
1 | # These namespaces can be used for examples without recreating them each time.
2 | ---
3 | apiVersion: v1
4 | kind: Namespace
5 | metadata:
6 | name: gateway-api-example-ns1
7 | ---
8 | apiVersion: v1
9 | kind: Namespace
10 | metadata:
11 | name: gateway-api-example-ns2
12 |
--------------------------------------------------------------------------------
/hack/invalid-examples/standard/referencegrant/missing-ns.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: gateway.networking.k8s.io/v1beta1
2 | kind: ReferenceGrant
3 | metadata:
4 | name: missing-ns
5 | spec:
6 | to:
7 | - group: ""
8 | kind: "Service"
9 | from:
10 | - group: "gateway.networking.k8s.io"
11 | kind: "HTTPRoute"
12 |
--------------------------------------------------------------------------------
/geps/gep-1867/metadata.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: internal.gateway.networking.k8s.io/v1alpha1
2 | kind: GEPDetails
3 | number: 1867
4 | name: Per-Gateway Infrastructure
5 | status: Standard
6 | authors:
7 | - howardjohn
8 | relationships:
9 | extends:
10 | - number: 1762
11 | name: In Cluster Gateway Deployments
12 |
--------------------------------------------------------------------------------
/hack/invalid-examples/experimental/httproute/invalid-filter-externalauth-no-protocol.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: gateway.networking.k8s.io/v1
2 | kind: HTTPRoute
3 | metadata:
4 | name: invalid-filter-externalauth-empty
5 | spec:
6 | rules:
7 | - filters:
8 | - type: ExternalAuth
9 | externalAuth: {}
10 |
--------------------------------------------------------------------------------
/.github/ISSUE_TEMPLATE/config.yml:
--------------------------------------------------------------------------------
1 | contact_links:
2 | - name: "Issue regarding a specific implementation of the API"
3 | url: https://gateway-api.sigs.k8s.io/implementations/
4 | about: "Please file any issues related to a specific implementation to their corresponding issue tracker. Only API related issues should be filed here."
5 |
--------------------------------------------------------------------------------
/conformance/reports/v1.0.0/istio-istio/README.md:
--------------------------------------------------------------------------------
1 | # Istio
2 |
3 | ## Table of Contents
4 |
5 | |API channel|Implementation version|Mode|Report|
6 | |-----------|----------------------|----|------|
7 | |x|[1.20](https://github.com/istio/istio/releases/tag/1.20.0)|x|[v1.20 report](./1.20-report.yaml)|
8 |
9 | ## Reproduce
10 |
--------------------------------------------------------------------------------
/hack/invalid-examples/standard/httproute/invalid-filter-wrong-field.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: gateway.networking.k8s.io/v1
2 | kind: HTTPRoute
3 | metadata:
4 | name: invalid-filter-wrong-field
5 | spec:
6 | rules:
7 | - filters:
8 | - type: RequestHeaderModifier
9 | requestRedirect:
10 | port: 443
11 |
12 |
--------------------------------------------------------------------------------
/.github/ISSUE_TEMPLATE/conformance-test.md:
--------------------------------------------------------------------------------
1 | ---
2 | name: Conformance Test
3 | about: Suggest a new Conformance Test
4 | labels: area/conformance-test
5 |
6 | ---
7 |
8 |
9 | **What would you like to be added**:
10 |
11 | **Why this is needed**:
12 |
--------------------------------------------------------------------------------
/hack/invalid-examples/standard/gateway/invalid-tls-mode.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: gateway.networking.k8s.io/v1
2 | kind: Gateway
3 | metadata:
4 | name: duplicate-listeners
5 | spec:
6 | gatewayClassName: example
7 | listeners:
8 | - name: foo
9 | protocol: HTTPS
10 | port: 443
11 | tls:
12 | mode: Passthrough
13 |
--------------------------------------------------------------------------------
/hack/invalid-examples/standard/httproute/httproute-portless-service.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: gateway.networking.k8s.io/v1
2 | kind: HTTPRoute
3 | metadata:
4 | name: portless-service
5 | spec:
6 | parentRefs:
7 | - name: prod-web
8 | rules:
9 | - backendRefs:
10 | - name: foo
11 | kind: Service
12 | group: ""
13 |
--------------------------------------------------------------------------------
/hack/invalid-examples/standard/httproute/invalid-path-alphanum-specialchars-mix.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: gateway.networking.k8s.io/v1
2 | kind: HTTPRoute
3 | metadata:
4 | name: invalid-path-alphanum-specialchars-mix
5 | spec:
6 | rules:
7 | - matches:
8 | - path:
9 | type: PathPrefix
10 | value: /my[/]path01
11 |
--------------------------------------------------------------------------------
/OWNERS:
--------------------------------------------------------------------------------
1 | # See the OWNERS docs at https://go.k8s.io/owners
2 | # See the OWNERS_ALIASES file at https://github.com/kubernetes-sigs/gateway-api/blob/main/OWNERS_ALIASES for a list of members for each alias.
3 |
4 | approvers:
5 | - sig-network-leads
6 | - gateway-api-maintainers
7 |
8 | reviewers:
9 | - gateway-api-maintainers
10 |
--------------------------------------------------------------------------------
/conformance/reports/v0.7.1/cilium/README.md:
--------------------------------------------------------------------------------
1 | # Cilium
2 |
3 | ## Table of Contents
4 |
5 | |API channel|Implementation version|Mode|Report|
6 | |-----------|----------------------|----|------|
7 | |x|[v1.14.0](https://github.com/cilium/cilium/releases/tag/v1.14.0)|x|[v1.14.0 report](./v1.14.0-report.yaml)|
8 |
9 | ## Reproduce
10 |
--------------------------------------------------------------------------------
/conformance/reports/v0.7.1/istio-istio/README.md:
--------------------------------------------------------------------------------
1 | # Istio
2 |
3 | ## Table of Contents
4 |
5 | |API channel|Implementation version|Mode|Report|
6 | |-----------|----------------------|----|------|
7 | |x|[pull-46148](https://github.com/istio/istio/pull/46148)|x|[PR #46148 report](./pull-46148-report.yaml)|
8 |
9 | ## Reproduce
10 |
--------------------------------------------------------------------------------
/conformance/reports/v0.8.0/kumahq-kuma/README.md:
--------------------------------------------------------------------------------
1 | # KumaHQ Kuma
2 |
3 | ## Table of Contents
4 |
5 | |API channel|Implementation version|Mode|Report|
6 | |-----------|----------------------|----|------|
7 | |x|[2.4.1](https://github.com/kumahq/kuma/releases/tag/2.4.1)|x|[v2.4.1 report](./2.4.1-report.yaml)|
8 |
9 | ## Reproduce
10 |
--------------------------------------------------------------------------------
/conformance/reports/v1.0.0/kumahq-kuma/README.md:
--------------------------------------------------------------------------------
1 | # KumaHQ Kuma
2 |
3 | ## Table of Contents
4 |
5 | |API channel|Implementation version|Mode|Report|
6 | |-----------|----------------------|----|------|
7 | |x|[2.6.0](https://github.com/kumahq/kuma/releases/tag/2.6.0)|x|[v2.6.0 report](./2.6.0-report.yaml)|
8 |
9 | ## Reproduce
10 |
--------------------------------------------------------------------------------
/examples/experimental/v1alpha2/tls-routing/gateway.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: gateway.networking.k8s.io/v1
2 | kind: Gateway
3 | metadata:
4 | name: example-gateway
5 | spec:
6 | gatewayClassName: example-gateway-class
7 | listeners:
8 | - name: tls
9 | protocol: TLS
10 | port: 443
11 | tls:
12 | mode: Passthrough
13 |
--------------------------------------------------------------------------------
/examples/experimental/v1alpha2/tls-routing/tls-route.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: gateway.networking.k8s.io/v1alpha2
2 | kind: TLSRoute
3 | metadata:
4 | name: example-route
5 | spec:
6 | parentRefs:
7 | - name: example-gateway
8 | sectionName: tls
9 | rules:
10 | - backendRefs:
11 | - name: example-svc
12 | port: 443
13 |
--------------------------------------------------------------------------------
/examples/experimental/v1alpha3/tls-routing/gateway.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: gateway.networking.k8s.io/v1
2 | kind: Gateway
3 | metadata:
4 | name: example-gateway
5 | spec:
6 | gatewayClassName: example-gateway-class
7 | listeners:
8 | - name: tls
9 | protocol: TLS
10 | port: 443
11 | tls:
12 | mode: Passthrough
13 |
--------------------------------------------------------------------------------
/hack/invalid-examples/standard/httproute/duplicate-header-match.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: gateway.networking.k8s.io/v1
2 | kind: HTTPRoute
3 | metadata:
4 | name: duplicate-header-match
5 | spec:
6 | rules:
7 | - matches:
8 | - headers:
9 | - name: foo
10 | value: bar
11 | - name: foo
12 | value: bar
13 |
--------------------------------------------------------------------------------
/hack/invalid-examples/standard/httproute/duplicate-query-match.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: gateway.networking.k8s.io/v1
2 | kind: HTTPRoute
3 | metadata:
4 | name: duplicate-query-match
5 | spec:
6 | rules:
7 | - matches:
8 | - queryParams:
9 | - name: foo
10 | value: bar
11 | - name: foo
12 | value: bar
13 |
--------------------------------------------------------------------------------
/conformance/reports/v0.7.1/kumahq-kuma/README.md:
--------------------------------------------------------------------------------
1 | # KumaHQ Kuma
2 |
3 | ## Table of Contents
4 |
5 | |API channel|Implementation version|Mode|Report|
6 | |-----------|----------------------|----|------|
7 | |x|0.0.0-preview.vcf063c043|x|[v0.0.0-preview.vcf063c043 report](./0.0.0-preview.vcf063c043-report.yaml)|
8 |
9 | ## Reproduce
10 |
--------------------------------------------------------------------------------
/geps/gep-1762/metadata.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: internal.gateway.networking.k8s.io/v1alpha1
2 | kind: GEPDetails
3 | number: 1762
4 | name: In Cluster Gateway Deployments
5 | status: Standard
6 | authors:
7 | - howardjohn
8 | - frankbu
9 | relationships:
10 | extendedBy:
11 | - number: 1867
12 | name: Per-Gateway Infrastructure
13 |
--------------------------------------------------------------------------------
/hack/crd-ref-templates/gv_list.tpl:
--------------------------------------------------------------------------------
1 | {{- define "gvList" -}}
2 | {{- $groupVersions := . -}}
3 | ---
4 | hide:
5 | - toc
6 | ---
7 | # API Reference
8 |
9 | {{- range $groupVersions }}
10 | - {{ markdownRenderGVLink . }}
11 | {{- end }}
12 |
13 | {{ range $groupVersions }}
14 | {{ template "gvDetails" . }}
15 | {{ end }}
16 |
17 | {{- end -}}
--------------------------------------------------------------------------------
/geps/gep-4152/metadata.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: internal.gateway.networking.k8s.io/v1alpha1
2 | kind: GEPDetails
3 | number: 4152
4 | name: Extending TLS Validation in BackendTLSPolicy
5 | status: Provisional
6 | authors:
7 | - snorwin
8 | extends:
9 | - number: 1897
10 | name: BackendTLSPolicy - Explicit Backend TLS Connection Configuration
11 |
--------------------------------------------------------------------------------
/.openvex/templates/main.openvex.json:
--------------------------------------------------------------------------------
1 | {
2 | "@context": "https://openvex.dev/ns/v0.2.0",
3 | "@id": "https://openvex.dev/docs/public/vex-7184cf1b7aed8c51c607d4ccf6c15eb2841d1215c4f8a8607ab7c22bea0f4eac",
4 | "author": "vexctl (automated template)",
5 | "timestamp": "2023-12-16T16:51:30.852422097Z",
6 | "version": 1,
7 | "statements": []
8 | }
9 |
--------------------------------------------------------------------------------
/conformance/reports/v1.0.0/envoy-gateway/README.md:
--------------------------------------------------------------------------------
1 | # Envoy Gateway
2 |
3 | ## Table of Contents
4 |
5 | |API channel|Implementation version|Mode|Report|
6 | |-----------|----------------------|----|------|
7 | |x|[v0.6.0](https://github.com/envoyproxy/gateway/releases/tag/v0.6.0)|x|[v0.6.0 report](./v0.6.0-report.yaml)|
8 |
9 | ## Reproduce
10 |
--------------------------------------------------------------------------------
/conformance/reports/v0.8.1/cilium/README.md:
--------------------------------------------------------------------------------
1 | # Cilium
2 |
3 | ## Table of Contents
4 |
5 | |API channel|Implementation version|Mode|Report|
6 | |-----------|----------------------|----|------|
7 | |x|[v1.15.0-pre.1](https://github.com/cilium/cilium/releases/tag/v1.15.0-pre.1)|x|[v1.15.0-pre.1 report](./v1.15.0-pre.1-report.yaml)|
8 |
9 | ## Reproduce
10 |
--------------------------------------------------------------------------------
/conformance/reports/v1.0.0/cilium/README.md:
--------------------------------------------------------------------------------
1 | # Cilium
2 |
3 | ## Table of Contents
4 |
5 | |API channel|Implementation version|Mode|Report|
6 | |-----------|----------------------|----|------|
7 | |x|[v1.15.0-pre.3](https://github.com/cilium/cilium/releases/tag/v1.15.0-pre.3)|x|[v1.15.0-pre.3 report](./v1.15.0-pre.3-report.yaml)|
8 |
9 | ## Reproduce
10 |
--------------------------------------------------------------------------------
/hack/invalid-examples/standard/gateway/duplicate-listeners.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: gateway.networking.k8s.io/v1
2 | kind: Gateway
3 | metadata:
4 | name: duplicate-listeners
5 | spec:
6 | gatewayClassName: example
7 | listeners:
8 | - name: same
9 | protocol: HTTP
10 | port: 80
11 | - name: same
12 | protocol: HTTP
13 | port: 443
14 |
--------------------------------------------------------------------------------
/conformance/tests/httproute-observed-generation-bump.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: gateway.networking.k8s.io/v1
2 | kind: HTTPRoute
3 | metadata:
4 | name: observed-generation-bump
5 | namespace: gateway-conformance-infra
6 | spec:
7 | parentRefs:
8 | - name: same-namespace
9 | rules:
10 | - backendRefs:
11 | - name: infra-backend-v1
12 | port: 8080
13 |
--------------------------------------------------------------------------------
/conformance/tests/httproute-simple-same-namespace.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: gateway.networking.k8s.io/v1
2 | kind: HTTPRoute
3 | metadata:
4 | name: gateway-conformance-infra-test
5 | namespace: gateway-conformance-infra
6 | spec:
7 | parentRefs:
8 | - name: same-namespace
9 | rules:
10 | - backendRefs:
11 | - name: infra-backend-v1
12 | port: 8080
13 |
--------------------------------------------------------------------------------
/hack/invalid-examples/standard/httproute/invalid-filter-duplicate-header.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: gateway.networking.k8s.io/v1
2 | kind: HTTPRoute
3 | metadata:
4 | name: invalid-filter-duplicate-header
5 | spec:
6 | rules:
7 | - filters:
8 | - type: RequestHeaderModifier
9 | requestHeaderModifier:
10 | remove:
11 | - foo
12 | - foo
13 |
--------------------------------------------------------------------------------
/conformance/reports/v0.8.0/projectcontour-contour/README.md:
--------------------------------------------------------------------------------
1 | # Projectcontour Contour
2 |
3 | ## Table of Contents
4 |
5 | |API channel|Implementation version|Mode|Report|
6 | |-----------|----------------------|----|------|
7 | |x|[v1.26.0](https://github.com/projectcontour/contour/releases/tag/v1.26.0)|x|[v1.26.0 report](./v1.26.0-report.yaml)|
8 |
9 | ## Reproduce
10 |
--------------------------------------------------------------------------------
/examples/experimental/v1alpha3/tls-routing/tls-route.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: gateway.networking.k8s.io/v1alpha3
2 | kind: TLSRoute
3 | metadata:
4 | name: example-route
5 | spec:
6 | parentRefs:
7 | - name: example-gateway
8 | sectionName: tls
9 | hostnames:
10 | - "example.com"
11 | rules:
12 | - backendRefs:
13 | - name: example-svc
14 | port: 443
15 |
--------------------------------------------------------------------------------
/conformance/reports/v0.7.1/nginx-nginx-gateway-fabric/README.md:
--------------------------------------------------------------------------------
1 | # Nginx NGINX Gateway Fabric
2 |
3 | ## Table of Contents
4 |
5 | |API channel|Implementation version|Mode|Report|
6 | |-----------|----------------------|----|------|
7 | |x|[v0.5.0](https://github.com/nginx/nginx-gateway-fabric/releases/tag/v0.5.0)|x|[v0.5.0 report](./v0.5.0-report.yaml)|
8 |
9 | ## Reproduce
10 |
--------------------------------------------------------------------------------
/conformance/reports/v0.8.0/nginx-nginx-gateway-fabric/README.md:
--------------------------------------------------------------------------------
1 | # Nginx NGINX Gateway Fabric
2 |
3 | ## Table of Contents
4 |
5 | |API channel|Implementation version|Mode|Report|
6 | |-----------|----------------------|----|------|
7 | |x|[v0.6.0](https://github.com/nginx/nginx-gateway-fabric/releases/tag/v0.6.0)|x|[v0.6.0 report](./v0.6.0-report.yaml)|
8 |
9 | ## Reproduce
10 |
--------------------------------------------------------------------------------
/conformance/reports/v0.8.1/nginx-nginx-gateway-fabric/README.md:
--------------------------------------------------------------------------------
1 | # Nginx NGINX Gateway Fabric
2 |
3 | ## Table of Contents
4 |
5 | |API channel|Implementation version|Mode|Report|
6 | |-----------|----------------------|----|------|
7 | |x|[v1.0.0](https://github.com/nginx/nginx-gateway-fabric/releases/tag/v1.0.0)|x|[v1.0.0 report](./v1.0.0-report.yaml)|
8 |
9 | ## Reproduce
10 |
--------------------------------------------------------------------------------
/examples/experimental/destination-port-matching-tcp.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: gateway.networking.k8s.io/v1alpha2
2 | kind: TCPRoute
3 | metadata:
4 | name: destination-port-matching-example
5 | spec:
6 | parentRefs:
7 | - name: my-mesh
8 | group: example.io
9 | kind: Mesh
10 | port: 8000
11 | rules:
12 | - backendRefs:
13 | - name: my-service
14 | port: 8080
15 |
--------------------------------------------------------------------------------
/examples/standard/reference-grant.yaml:
--------------------------------------------------------------------------------
1 | #$ Used in:
2 | #$ - site-src/concepts/security-model.md
3 | apiVersion: gateway.networking.k8s.io/v1beta1
4 | kind: ReferenceGrant
5 | metadata:
6 | name: allow-prod-traffic
7 | spec:
8 | from:
9 | - group: gateway.networking.k8s.io
10 | kind: HTTPRoute
11 | namespace: prod
12 | to:
13 | - group: ""
14 | kind: Service
15 |
--------------------------------------------------------------------------------
/examples/standard/simple-gateway/httproute.yaml:
--------------------------------------------------------------------------------
1 | #$ Used in:
2 | #$ - site-src/guides/simple-gateway.md
3 | #$ - site-src/blog/2021/introducing-v1beta1.md
4 | apiVersion: gateway.networking.k8s.io/v1
5 | kind: HTTPRoute
6 | metadata:
7 | name: foo
8 | spec:
9 | parentRefs:
10 | - name: prod-web
11 | rules:
12 | - backendRefs:
13 | - name: foo-svc
14 | port: 8080
15 |
--------------------------------------------------------------------------------
/CHANGELOG/1.3-TEAM.md:
--------------------------------------------------------------------------------
1 | # v1.3 Release Team
2 |
3 | | Enhancement | Leads |
4 | | - | - |
5 | | Percentage-Based Request Mirroring | @LiorLieberman, @jakebennert |
6 | | CORS (Cross Origin Resource Sharing) Filter | @liangli, @EyalPazz, @robscott |
7 | | XListenerSets (Standard Mechanism to Merge Gateways)| @dprotaso |
8 | | XBackendTrafficPolicy (Retry Budgets) | @ericdbishop |
9 |
10 |
--------------------------------------------------------------------------------
/config/crd/kustomization.yaml:
--------------------------------------------------------------------------------
1 | resources:
2 | - standard/gateway.networking.k8s.io_gatewayclasses.yaml
3 | - standard/gateway.networking.k8s.io_gateways.yaml
4 | - standard/gateway.networking.k8s.io_grpcroutes.yaml
5 | - standard/gateway.networking.k8s.io_httproutes.yaml
6 | - standard/gateway.networking.k8s.io_referencegrants.yaml
7 | - standard/gateway.networking.k8s.io_backendtlspolicies.yaml
8 |
--------------------------------------------------------------------------------
/conformance/tests/gateway-optional-address-value.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: gateway.networking.k8s.io/v1
2 | kind: Gateway
3 | metadata:
4 | name: gateway-without-address-value
5 | namespace: gateway-conformance-infra
6 | spec:
7 | gatewayClassName: "{GATEWAY_CLASS_NAME}"
8 | addresses:
9 | - type: "IPAddress"
10 | listeners:
11 | - name: http
12 | port: 8080
13 | protocol: HTTP
14 |
--------------------------------------------------------------------------------
/conformance/tests/httproute-cross-namespace.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: gateway.networking.k8s.io/v1
2 | kind: HTTPRoute
3 | metadata:
4 | name: cross-namespace
5 | namespace: gateway-conformance-web-backend
6 | spec:
7 | parentRefs:
8 | - name: backend-namespaces
9 | namespace: gateway-conformance-infra
10 | rules:
11 | - backendRefs:
12 | - name: web-backend
13 | port: 8080
14 |
--------------------------------------------------------------------------------
/examples/standard/traffic-splitting/simple-split.yaml:
--------------------------------------------------------------------------------
1 | #$ Used in:
2 | #$ - site-src/guides/traffic-splitting.md
3 | apiVersion: gateway.networking.k8s.io/v1
4 | kind: HTTPRoute
5 | metadata:
6 | name: simple-split
7 | spec:
8 | rules:
9 | - backendRefs:
10 | - name: foo-v1
11 | port: 8080
12 | weight: 90
13 | - name: foo-v2
14 | port: 8080
15 | weight: 10
16 |
--------------------------------------------------------------------------------
/hack/invalid-examples/experimental/httproute/invalid-filter-externalauth-bad-http-path.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: gateway.networking.k8s.io/v1
2 | kind: HTTPRoute
3 | metadata:
4 | name: invalid-filter-externalauth-empty
5 | spec:
6 | rules:
7 | - filters:
8 | - type: ExternalAuth
9 | externalAuth:
10 | protocol: HTTP
11 | http:
12 | path: /[]
13 |
--------------------------------------------------------------------------------
/hack/invalid-examples/experimental/httproute/invalid-header-value.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: gateway.networking.k8s.io/v1
2 | kind: HTTPRoute
3 | metadata:
4 | name: invalid-header-value
5 | spec:
6 | rules:
7 | - filters:
8 | - type: ResponseHeaderModifier
9 | responseHeaderModifier:
10 | add:
11 | - name: X-Test-Header
12 | value: "this\nis\rinvalid\r\nvalue"
13 |
--------------------------------------------------------------------------------
/conformance/OWNERS:
--------------------------------------------------------------------------------
1 | # See the OWNERS docs at https://go.k8s.io/owners
2 | # See the OWNERS_ALIASES file at https://github.com/kubernetes-sigs/gateway-api/blob/main/OWNERS_ALIASES for a list of members for each alias.
3 |
4 | approvers:
5 | - gateway-api-conformance-approvers
6 | - gateway-api-mesh-leads
7 |
8 | reviewers:
9 | - gateway-api-conformance-reviewers
10 | - gateway-api-mesh-leads
11 |
--------------------------------------------------------------------------------
/examples/standard/multicluster/httproute-simple.yaml:
--------------------------------------------------------------------------------
1 | #$ Used in:
2 | #$ - geps/gep-1748.md
3 | kind: HTTPRoute
4 | apiVersion: gateway.networking.k8s.io/v1beta1
5 | metadata:
6 | name: store
7 | spec:
8 | parentRefs:
9 | - name: external-http
10 | rules:
11 | - backendRefs:
12 | - group: multicluster.x-k8s.io
13 | kind: ServiceImport
14 | name: store
15 | port: 8080
16 |
--------------------------------------------------------------------------------
/conformance/reports/v0.7.1/kong-kubernetes-ingress-controller/README.md:
--------------------------------------------------------------------------------
1 | # Kong Kubernetes Ingress Controller
2 |
3 | ## Table of Contents
4 |
5 | |API channel|Implementation version|Mode|Report|
6 | |-----------|----------------------|----|------|
7 | |x|[2.10.3](https://github.com/Kong/kubernetes-ingress-controller/releases/tag/v2.10.3)|x|[v2.10.3 report](./2.10.3-report.yaml)|
8 |
9 | ## Reproduce
10 |
--------------------------------------------------------------------------------
/conformance/reports/v0.8.1/kong-kubernetes-ingress-controller/README.md:
--------------------------------------------------------------------------------
1 | # Kong Kubernetes Ingress Controller
2 |
3 | ## Table of Contents
4 |
5 | |API channel|Implementation version|Mode|Report|
6 | |-----------|----------------------|----|------|
7 | |x|[v2.12.0](https://github.com/Kong/kubernetes-ingress-controller/releases/tag/v2.12.0)|x|[v2.12.0 report](./v2.12.0-report.yaml)|
8 |
9 | ## Reproduce
10 |
--------------------------------------------------------------------------------
/conformance/tests/mesh/httproute-simple-same-namespace.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: gateway.networking.k8s.io/v1
2 | kind: HTTPRoute
3 | metadata:
4 | name: gateway-conformance-mesh-test
5 | namespace: gateway-conformance-mesh
6 | spec:
7 | parentRefs:
8 | - group: ""
9 | kind: Service
10 | name: echo
11 | port: 80
12 | rules:
13 | - backendRefs:
14 | - name: echo-v1
15 | port: 8080
16 |
--------------------------------------------------------------------------------
/hack/crd-ref-templates/README.md:
--------------------------------------------------------------------------------
1 | The templates contained in this directory were copied from https://github.com/elastic/crd-ref-docs/tree/master/templates/markdown
2 | and had the following modifications:
3 |
4 | - `type.tpl` - Adds an "experimental" marker in case the API field is marked as "experimental"
5 | - `type_members.tpl` - Removes the text between tags ``
--------------------------------------------------------------------------------
/hack/crd-ref-templates/type_members.tpl:
--------------------------------------------------------------------------------
1 | {{- define "type_members" -}}
2 | {{- $field := . -}}
3 | {{- if eq $field.Name "metadata" -}}
4 | Refer to Kubernetes API documentation for fields of `metadata`.
5 | {{- else -}}
6 | {{- $cleanDoc := regexReplaceAllLiteral "(?s).*?" $field.Doc "" -}}
7 | {{ markdownRenderFieldDoc $cleanDoc }}
8 | {{- end -}}
9 | {{- end -}}
--------------------------------------------------------------------------------
/hack/invalid-examples/standard/httproute/invalid-httpredirect-hostname.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: gateway.networking.k8s.io/v1
2 | kind: HTTPRoute
3 | metadata:
4 | name: invalid-backend-port
5 | spec:
6 | rules:
7 | - backendRefs:
8 | - name: my-service
9 | port: 8080
10 | filters:
11 | - type: RequestRedirect
12 | requestRedirect:
13 | hostname: "*.gateway.networking.k8s.io"
14 |
15 |
--------------------------------------------------------------------------------
/conformance/tests/httproute-invalid-nonexistent-backendref.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: gateway.networking.k8s.io/v1
2 | kind: HTTPRoute
3 | metadata:
4 | name: invalid-nonexistent-backend-ref
5 | namespace: gateway-conformance-infra
6 | spec:
7 | parentRefs:
8 | - name: same-namespace
9 | rules:
10 | - backendRefs:
11 | - name: nonexistent
12 | namespace: gateway-conformance-infra
13 | port: 8080
14 |
--------------------------------------------------------------------------------
/examples/standard/backendtlspolicy/backendtlspolicy-system-certs.yaml:
--------------------------------------------------------------------------------
1 | #$ Used in:
2 | #$ - site-src/guides/tls.md
3 | apiVersion: gateway.networking.k8s.io/v1
4 | kind: BackendTLSPolicy
5 | metadata:
6 | name: tls-upstream-dev
7 | spec:
8 | targetRefs:
9 | - kind: Service
10 | name: dev
11 | group: ""
12 | validation:
13 | wellKnownCACertificates: "System"
14 | hostname: dev.example.com
15 |
--------------------------------------------------------------------------------
/hack/invalid-examples/standard/gateway/tlsconfig-tcp.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: gateway.networking.k8s.io/v1
2 | kind: Gateway
3 | metadata:
4 | name: tlsconfig-tcp
5 | spec:
6 | gatewayClassName: example
7 | listeners:
8 | - name: example
9 | protocol: TCP
10 | port: 443
11 | tls:
12 | certificateRefs:
13 | - kind: Secret
14 | group: ""
15 | name: bar-example-com-cert
16 |
17 |
--------------------------------------------------------------------------------
/conformance/tests/httproute-invalid-cross-namespace-parent-ref.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: gateway.networking.k8s.io/v1
2 | kind: HTTPRoute
3 | metadata:
4 | name: invalid-cross-namespace-parent-ref
5 | namespace: gateway-conformance-web-backend
6 | spec:
7 | parentRefs:
8 | - name: same-namespace
9 | namespace: gateway-conformance-infra
10 | rules:
11 | - backendRefs:
12 | - name: web-backend
13 | port: 8080
14 |
--------------------------------------------------------------------------------
/geps/gep-1911/metadata.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: internal.gateway.networking.k8s.io/v1alpha1
2 | kind: GEPDetails
3 | number: 1911
4 | name: Backend Protocol Selection
5 | status: Standard
6 | authors:
7 | - dprotaso
8 | - robscott
9 | - frankbu
10 | relationships:
11 | obsoletes:
12 | - number: 1282
13 | name: Describing Backend Properties
14 | description: Protocol selection was one of the Backend Properties.
15 |
--------------------------------------------------------------------------------
/hack/crd-ref-templates/gv_details.tpl:
--------------------------------------------------------------------------------
1 | {{- define "gvDetails" -}}
2 | {{- $gv := . -}}
3 |
4 | ## {{ $gv.GroupVersionString }}
5 |
6 | {{ $gv.Doc }}
7 |
8 | {{- if $gv.Kinds }}
9 | ### Resource Types
10 | {{- range $gv.SortedKinds }}
11 | - {{ $gv.TypeForKind . | markdownRenderTypeLink }}
12 | {{- end }}
13 | {{ end }}
14 |
15 | {{ range $gv.SortedTypes }}
16 | {{ template "type" . }}
17 | {{ end }}
18 |
19 | {{- end -}}
20 |
--------------------------------------------------------------------------------
/conformance/reports/v0.7.1/projectcontour-contour/README.md:
--------------------------------------------------------------------------------
1 | # Projectcontour Contour
2 |
3 | ## Table of Contents
4 |
5 | |API channel|Implementation version|Mode|Report|
6 | |-----------|----------------------|----|------|
7 | |x|[f6c112e](https://github.com/projectcontour/contour/commit/f6c112e60a40ceb9d448354473a8fe7d1a726790)|x|[f6c112e report](./f6c112e60a40ceb9d448354473a8fe7d1a726790-report.yaml)|
8 |
9 | ## Reproduce
10 |
--------------------------------------------------------------------------------
/conformance/tests/httproute-invalid-cross-namespace-backend-ref.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: gateway.networking.k8s.io/v1
2 | kind: HTTPRoute
3 | metadata:
4 | name: invalid-cross-namespace-backend-ref
5 | namespace: gateway-conformance-infra
6 | spec:
7 | parentRefs:
8 | - name: same-namespace
9 | rules:
10 | - backendRefs:
11 | - name: web-backend
12 | namespace: gateway-conformance-web-backend
13 | port: 8080
14 |
--------------------------------------------------------------------------------
/examples/standard/simple-http-https/bar-route.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: gateway.networking.k8s.io/v1
2 | kind: HTTPRoute
3 | metadata:
4 | name: bar
5 | spec:
6 | parentRefs:
7 | - name: example-gateway
8 | sectionName: https
9 | hostnames:
10 | - bar.example.com
11 | rules:
12 | - matches:
13 | - path:
14 | type: PathPrefix
15 | value: /
16 | backendRefs:
17 | - name: bar-app
18 | port: 80
19 |
--------------------------------------------------------------------------------
/examples/standard/simple-gateway/gateway.yaml:
--------------------------------------------------------------------------------
1 | #$ Used in:
2 | #$ - site-src/guides/traffic-splitting.md
3 | #$ - site-src/guides/simple-gateway.md
4 | apiVersion: gateway.networking.k8s.io/v1
5 | kind: Gateway
6 | metadata:
7 | name: prod-web
8 | spec:
9 | gatewayClassName: example
10 | listeners:
11 | - protocol: HTTP
12 | port: 80
13 | name: prod-web-gw
14 | allowedRoutes:
15 | namespaces:
16 | from: Same
17 |
--------------------------------------------------------------------------------
/site-src/OWNERS:
--------------------------------------------------------------------------------
1 | # See the OWNERS docs at https://go.k8s.io/owners
2 | # See the OWNERS_ALIASES file at https://github.com/kubernetes-sigs/gateway-api/blob/main/OWNERS_ALIASES for a list of members for each alias.
3 |
4 | approvers:
5 | - sig-network-leads
6 | - gateway-api-maintainers
7 | - gateway-api-doc-approvers
8 |
9 | reviewers:
10 | - gateway-api-maintainers
11 | - gateway-api-mesh-leads
12 | - gateway-api-doc-approvers
13 |
--------------------------------------------------------------------------------
/conformance/tests/httproute-invalid-backendref-unknown-kind.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: gateway.networking.k8s.io/v1
2 | kind: HTTPRoute
3 | metadata:
4 | name: invalid-backend-ref-unknown-kind
5 | namespace: gateway-conformance-infra
6 | spec:
7 | parentRefs:
8 | - name: same-namespace
9 | rules:
10 | - backendRefs:
11 | - group: unknownkind.example.com
12 | kind: NonExistent
13 | name: infra-backend-v1
14 | port: 8080
15 |
--------------------------------------------------------------------------------
/geps/gep-1686/metadata.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: internal.gateway.networking.k8s.io/v1alpha1
2 | kind: GEPDetails
3 | number: 1686
4 | name: Mesh conformance testing plan
5 | status: Standard
6 | authors:
7 | - michaelbeaumont
8 | - mikemorris
9 | - howardjohn
10 | - kflynn
11 | relationships:
12 | extends:
13 | - number: 1324
14 | name: Service Mesh in Gateway API
15 | description: Adds initial Mesh conformance testing plan
16 |
--------------------------------------------------------------------------------
/hack/mkdocs/OWNERS:
--------------------------------------------------------------------------------
1 | # See the OWNERS docs at https://go.k8s.io/owners
2 | # See the OWNERS_ALIASES file at https://github.com/kubernetes-sigs/gateway-api/blob/main/OWNERS_ALIASES for a list of members for each alias.
3 |
4 | approvers:
5 | - sig-network-leads
6 | - gateway-api-maintainers
7 | - gateway-api-doc-approvers
8 |
9 | reviewers:
10 | - gateway-api-maintainers
11 | - gateway-api-mesh-leads
12 | - gateway-api-doc-approvers
13 |
--------------------------------------------------------------------------------
/examples/experimental/backend-tls.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: gateway.networking.k8s.io/v1
2 | kind: Gateway
3 | metadata:
4 | name: backend-tls
5 | spec:
6 | gatewayClassName: acme-lb
7 | tls:
8 | backend:
9 | clientCertificateRef:
10 | kind: Secret
11 | group: ""
12 | name: foo-example-cert
13 | listeners:
14 | - name: foo-https
15 | protocol: HTTP
16 | port: 80
17 | hostname: foo.example.com
18 | ---
19 |
--------------------------------------------------------------------------------
/examples/standard/simple-http-https/tls-redirect-route.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: gateway.networking.k8s.io/v1
2 | kind: HTTPRoute
3 | metadata:
4 | name: tls-redirect
5 | spec:
6 | parentRefs:
7 | - name: example-gateway
8 | sectionName: http
9 | hostnames:
10 | - foo.example.com
11 | - bar.example.com
12 | rules:
13 | - filters:
14 | - type: RequestRedirect
15 | requestRedirect:
16 | scheme: https
17 | port: 443
18 |
--------------------------------------------------------------------------------
/examples/standard/http-route-attachment/httproute.yaml:
--------------------------------------------------------------------------------
1 | #$ Used in:
2 | #$ - site-src/concepts/api-overview.md
3 | apiVersion: gateway.networking.k8s.io/v1
4 | kind: HTTPRoute
5 | metadata:
6 | name: my-route
7 | namespace: gateway-api-example-ns2
8 | spec:
9 | parentRefs:
10 | - kind: Gateway
11 | name: foo-gateway
12 | namespace: gateway-api-example-ns1
13 | rules:
14 | - backendRefs:
15 | - name: foo-svc
16 | port: 8080
17 |
--------------------------------------------------------------------------------
/conformance/tests/gateway-observed-generation-bump.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: gateway.networking.k8s.io/v1
2 | kind: Gateway
3 | metadata:
4 | name: gateway-observed-generation-bump
5 | namespace: gateway-conformance-infra
6 | spec:
7 | gatewayClassName: "{GATEWAY_CLASS_NAME}"
8 | listeners:
9 | - name: http
10 | hostname: "bar.com"
11 | port: 80
12 | protocol: HTTP
13 | allowedRoutes:
14 | namespaces:
15 | from: All
16 |
--------------------------------------------------------------------------------
/examples/standard/cross-namespace-routing/store-route.yaml:
--------------------------------------------------------------------------------
1 | #$ Used in:
2 | #$ - site-src/guides/multiple-ns.md
3 | apiVersion: gateway.networking.k8s.io/v1
4 | kind: HTTPRoute
5 | metadata:
6 | name: store
7 | namespace: store-ns
8 | spec:
9 | parentRefs:
10 | - name: shared-gateway
11 | namespace: infra-ns
12 | rules:
13 | - matches:
14 | - path:
15 | value: /store
16 | backendRefs:
17 | - name: store
18 | port: 8080
19 |
--------------------------------------------------------------------------------
/conformance/tests/gateway-infrastructure.yaml:
--------------------------------------------------------------------------------
1 | ---
2 | apiVersion: gateway.networking.k8s.io/v1
3 | kind: Gateway
4 | metadata:
5 | name: gateway-with-infrastructure-metadata
6 | namespace: gateway-conformance-infra
7 | spec:
8 | gatewayClassName: "{GATEWAY_CLASS_NAME}"
9 | infrastructure:
10 | annotations:
11 | key1: value1
12 | labels:
13 | key2: value2
14 | listeners:
15 | - name: http
16 | port: 8080
17 | protocol: HTTP
18 |
--------------------------------------------------------------------------------
/conformance/tests/httproute-303-redirect.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: gateway.networking.k8s.io/v1
2 | kind: HTTPRoute
3 | metadata:
4 | name: 303-redirect
5 | namespace: gateway-conformance-infra
6 | spec:
7 | parentRefs:
8 | - name: same-namespace
9 | rules:
10 | - matches:
11 | - path:
12 | type: PathPrefix
13 | value: /see-other
14 | filters:
15 | - type: RequestRedirect
16 | requestRedirect:
17 | statusCode: 303
18 |
19 |
--------------------------------------------------------------------------------
/conformance/tests/httproute-307-redirect.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: gateway.networking.k8s.io/v1
2 | kind: HTTPRoute
3 | metadata:
4 | name: 307-redirect
5 | namespace: gateway-conformance-infra
6 | spec:
7 | parentRefs:
8 | - name: same-namespace
9 | rules:
10 | - matches:
11 | - path:
12 | type: PathPrefix
13 | value: /temporary
14 | filters:
15 | - type: RequestRedirect
16 | requestRedirect:
17 | statusCode: 307
18 |
19 |
--------------------------------------------------------------------------------
/conformance/tests/httproute-308-redirect.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: gateway.networking.k8s.io/v1
2 | kind: HTTPRoute
3 | metadata:
4 | name: 308-redirect
5 | namespace: gateway-conformance-infra
6 | spec:
7 | parentRefs:
8 | - name: same-namespace
9 | rules:
10 | - matches:
11 | - path:
12 | type: PathPrefix
13 | value: /permanent
14 | filters:
15 | - type: RequestRedirect
16 | requestRedirect:
17 | statusCode: 308
18 |
19 |
--------------------------------------------------------------------------------
/geps/OWNERS:
--------------------------------------------------------------------------------
1 | # See the OWNERS docs at https://go.k8s.io/owners
2 | # See the OWNERS_ALIASES file at https://github.com/kubernetes-sigs/gateway-api/blob/main/OWNERS_ALIASES for a list of members for each alias.
3 |
4 | approvers:
5 | - sig-network-leads
6 | - gateway-api-maintainers
7 |
8 | reviewers:
9 | - gateway-api-maintainers
10 | - gateway-api-mesh-leads
11 | - gateway-api-gep-reviewers
12 |
13 | labels:
14 | - kind/gep
15 | - do-not-merge/hold
16 |
--------------------------------------------------------------------------------
/conformance/echo-basic/.go.mod:
--------------------------------------------------------------------------------
1 | module sigs.k8s.io/gateway-api/conformance/echo-basic
2 |
3 | go 1.21
4 |
5 | require (
6 | golang.org/x/net v0.21.0
7 | google.golang.org/grpc v1.53.0
8 | google.golang.org/protobuf v1.28.1
9 | )
10 |
11 | require (
12 | github.com/golang/protobuf v1.5.2 // indirect
13 | golang.org/x/sys v0.17.0 // indirect
14 | golang.org/x/text v0.14.0 // indirect
15 | google.golang.org/genproto v0.0.0-20230110181048-76db0878b65f // indirect
16 | )
17 |
--------------------------------------------------------------------------------
/conformance/tests/mesh/httproute-weight.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: gateway.networking.k8s.io/v1
2 | kind: HTTPRoute
3 | metadata:
4 | name: mesh-weighted-backends
5 | namespace: gateway-conformance-mesh
6 | spec:
7 | parentRefs:
8 | - group: ""
9 | kind: Service
10 | name: echo
11 | port: 80
12 | rules:
13 | - backendRefs:
14 | - name: echo-v1
15 | port: 8080
16 | weight: 70
17 | - name: echo-v2
18 | port: 8080
19 | weight: 30
20 |
--------------------------------------------------------------------------------
/examples/experimental/http-route-timeouts/timeout-example.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: gateway.networking.k8s.io/v1
2 | kind: HTTPRoute
3 | metadata:
4 | name: timeout-example
5 | spec:
6 | parentRefs:
7 | - name: example-gateway
8 | rules:
9 | - matches:
10 | - path:
11 | type: PathPrefix
12 | value: /timeout
13 | timeouts:
14 | request: 10s
15 | backendRequest: 2s
16 | backendRefs:
17 | - name: timeout-svc
18 | port: 8080
19 |
--------------------------------------------------------------------------------
/examples/standard/backendtlspolicy/backendtlspolicy-ca-certs.yaml:
--------------------------------------------------------------------------------
1 | #$ Used in:
2 | #$ - site-src/guides/tls.md
3 | apiVersion: gateway.networking.k8s.io/v1
4 | kind: BackendTLSPolicy
5 | metadata:
6 | name: tls-upstream-auth
7 | spec:
8 | targetRefs:
9 | - kind: Service
10 | name: auth
11 | group: ""
12 | validation:
13 | caCertificateRefs:
14 | - kind: ConfigMap
15 | name: auth-cert
16 | group: ""
17 | hostname: auth.example.com
18 |
--------------------------------------------------------------------------------
/examples/standard/http-routing/foo-httproute.yaml:
--------------------------------------------------------------------------------
1 | #$ Used in:
2 | #$ - site-src/guides/http-routing.md
3 | apiVersion: gateway.networking.k8s.io/v1
4 | kind: HTTPRoute
5 | metadata:
6 | name: foo-route
7 | spec:
8 | parentRefs:
9 | - name: example-gateway
10 | hostnames:
11 | - "foo.example.com"
12 | rules:
13 | - matches:
14 | - path:
15 | type: PathPrefix
16 | value: /login
17 | backendRefs:
18 | - name: foo-svc
19 | port: 8080
20 |
--------------------------------------------------------------------------------
/examples/standard/traffic-splitting/traffic-split-3.yaml:
--------------------------------------------------------------------------------
1 | #$ Used in:
2 | #$ - site-src/guides/traffic-splitting.md
3 | apiVersion: gateway.networking.k8s.io/v1
4 | kind: HTTPRoute
5 | metadata:
6 | name: foo-route
7 | labels:
8 | gateway: prod-web-gw
9 | spec:
10 | hostnames:
11 | - foo.example.com
12 | rules:
13 | - backendRefs:
14 | - name: foo-v1
15 | port: 8080
16 | weight: 0
17 | - name: foo-v2
18 | port: 8080
19 | weight: 1
20 |
--------------------------------------------------------------------------------
/examples/standard/grpc-routing/foo-grpcroute.yaml:
--------------------------------------------------------------------------------
1 | #$ Used in:
2 | #$ - site-src/guides/grpc-routing.md
3 | apiVersion: gateway.networking.k8s.io/v1
4 | kind: GRPCRoute
5 | metadata:
6 | name: foo-route
7 | spec:
8 | parentRefs:
9 | - name: example-gateway
10 | hostnames:
11 | - "foo.example.com"
12 | rules:
13 | - matches:
14 | - method:
15 | service: com.example
16 | method: Login
17 | backendRefs:
18 | - name: foo-svc
19 | port: 50051
20 |
--------------------------------------------------------------------------------
/examples/standard/http-rewrite.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: gateway.networking.k8s.io/v1
2 | kind: HTTPRoute
3 | metadata:
4 | name: http-filter-1
5 | namespace: gateway-api-example-ns1
6 | spec:
7 | parentRefs:
8 | - name: my-filter-gateway
9 | sectionName: http
10 | hostnames:
11 | - my-filter.example.com
12 | rules:
13 | - filters:
14 | - type: URLRewrite
15 | urlRewrite:
16 | path:
17 | type: ReplaceFullPath
18 | replaceFullPath: /foo
19 |
--------------------------------------------------------------------------------
/examples/standard/traffic-splitting/grpc-traffic-split-2.yaml:
--------------------------------------------------------------------------------
1 | #$ Used in:
2 | #$ - site-src/api-types/grpcroute.md
3 | apiVersion: gateway.networking.k8s.io/v1
4 | kind: GRPCRoute
5 | metadata:
6 | name: foo-route
7 | labels:
8 | gateway: prod-web-gw
9 | spec:
10 | hostnames:
11 | - foo.example.com
12 | rules:
13 | - backendRefs:
14 | - name: foo-v1
15 | port: 50051
16 | weight: 90
17 | - name: foo-v2
18 | port: 50051
19 | weight: 10
20 |
--------------------------------------------------------------------------------
/hack/invalid-examples/standard/httproute/invalid-request-redirect-with-backendref.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: gateway.networking.k8s.io/v1
2 | kind: HTTPRoute
3 | metadata:
4 | name: http-filter-rewrite
5 | spec:
6 | hostnames:
7 | - rewrite.example
8 | rules:
9 | - filters:
10 | - type: RequestRedirect
11 | requestRedirect:
12 | scheme: https
13 | statusCode: 301
14 | backendRefs:
15 | - name: example-svc
16 | port: 80
17 |
--------------------------------------------------------------------------------
/examples/standard/multicluster/httproute-gamma.yaml:
--------------------------------------------------------------------------------
1 | #$ Used in:
2 | #$ - geps/gep-1748.md
3 | kind: HTTPRoute
4 | apiVersion: gateway.networking.k8s.io/v1beta1
5 | metadata:
6 | name: store
7 | spec:
8 | parentRefs:
9 | - group: multicluster.x-k8s.io
10 | kind: ServiceImport
11 | name: store
12 | rules:
13 | - matches:
14 | - path:
15 | value: "/cart"
16 | backendRefs:
17 | - group: multicluster.x-k8s.io
18 | kind: ServiceImport
19 | name: cart
20 |
--------------------------------------------------------------------------------
/geps/gep-1294/metadata.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: internal.gateway.networking.k8s.io/v1alpha1
2 | kind: GEPDetails
3 | number: 1294
4 | name: xRoutes Mesh Binding
5 | status: Standard
6 | authors:
7 | - mikemorris
8 | - howardjohn
9 | - keithmattix
10 | relationships:
11 | extends:
12 | - number: 1324
13 | name: Service Mesh in Gateway API
14 | description: Adds initial Service binding proposal
15 | changelog:
16 | - "https://github.com/kubernetes-sigs/gateway-api/pull/2688"
17 |
--------------------------------------------------------------------------------
/geps/gep-3155/metadata.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: internal.gateway.networking.k8s.io/v1alpha1
2 | kind: GEPDetails
3 | number: 3155
4 | name: Complete Backend mutual TLS Configuration
5 | status: Experimental
6 | authors:
7 | - mkosieradzki
8 | - robscott
9 | featureNames:
10 | - BackendTLSPolicySANs
11 | relationships:
12 | seeAlso:
13 | - number: 2907
14 | name: TLS Configuration Placement and Terminology
15 | description: Will use some of the terminology defined by this GEP.
16 |
--------------------------------------------------------------------------------
/examples/standard/http-redirect-path.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: gateway.networking.k8s.io/v1
2 | kind: HTTPRoute
3 | metadata:
4 | name: http-filter-1
5 | namespace: gateway-api-example-ns1
6 | spec:
7 | parentRefs:
8 | - name: my-filter-gateway
9 | sectionName: http
10 | hostnames:
11 | - my-filter.example.com
12 | rules:
13 | - filters:
14 | - type: RequestRedirect
15 | requestRedirect:
16 | path:
17 | type: ReplaceFullPath
18 | replaceFullPath: /foo
19 |
--------------------------------------------------------------------------------
/examples/standard/http-redirect-rewrite/httproute-redirect-https.yaml:
--------------------------------------------------------------------------------
1 | #$ Used in:
2 | #$ - site-src/guides/http-redirect-rewrite.md
3 | apiVersion: gateway.networking.k8s.io/v1
4 | kind: HTTPRoute
5 | metadata:
6 | name: https-route
7 | labels:
8 | gateway: redirect-gateway
9 | spec:
10 | parentRefs:
11 | - name: redirect-gateway
12 | sectionName: https
13 | hostnames:
14 | - redirect.example
15 | rules:
16 | - backendRefs:
17 | - name: example-svc
18 | port: 80
19 |
--------------------------------------------------------------------------------
/conformance/tests/httproute-weight.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: gateway.networking.k8s.io/v1
2 | kind: HTTPRoute
3 | metadata:
4 | name: weighted-backends
5 | namespace: gateway-conformance-infra
6 | spec:
7 | parentRefs:
8 | - name: same-namespace
9 | rules:
10 | - backendRefs:
11 | - name: infra-backend-v1
12 | port: 8080
13 | weight: 70
14 | - name: infra-backend-v2
15 | port: 8080
16 | weight: 30
17 | - name: infra-backend-v3
18 | port: 8080
19 | weight: 0
20 |
--------------------------------------------------------------------------------
/conformance/reports/v1.1.0/istio-istio/README.md:
--------------------------------------------------------------------------------
1 | # Istio
2 |
3 | ## Table of Contents
4 |
5 | |API channel|Implementation version|Mode|Report|
6 | |-----------|----------------------|----|------|
7 | |x|[1.22](https://github.com/istio/istio/releases/tag/1.22.0)|x|[v1.22 report](./experimental-1.22-default-report.yaml)|
8 |
9 | ## Reproduce
10 |
11 | Istio conformance tests can be reproduced by running `prow/integ-suite-kind.sh test.integration.pilot.kube` from within the [Istio repo](https://github.com/istio/istio).
--------------------------------------------------------------------------------
/conformance/reports/v1.2.0/istio-istio/README.md:
--------------------------------------------------------------------------------
1 | # Istio
2 |
3 | ## Table of Contents
4 |
5 | |API channel|Implementation version|Mode|Report|
6 | |-----------|----------------------|----|------|
7 | |x|[1.24](https://github.com/istio/istio/releases/tag/1.24.0)|x|[v1.24 report](./experimental-1.24-default-report.yaml)|
8 |
9 | ## Reproduce
10 |
11 | Istio conformance tests can be reproduced by running `prow/integ-suite-kind.sh test.integration.pilot.kube` from within the [Istio repo](https://github.com/istio/istio).
--------------------------------------------------------------------------------
/conformance/reports/v1.4.0/istio-istio/README.md:
--------------------------------------------------------------------------------
1 | # Istio
2 |
3 | ## Table of Contents
4 |
5 | |API channel|Implementation version|Mode|Report|
6 | |-----------|----------------------|----|------|
7 | |x|[1.28.0](https://github.com/istio/istio/releases/tag/1.28.0)|x|[1.28.0 report](./1.28.0-default-report.yaml)|
8 |
9 | ## Reproduce
10 |
11 | Istio conformance tests can be reproduced by running `prow/integ-suite-kind.sh test.integration.pilot.kube` from within the [Istio repo](https://github.com/istio/istio).
12 |
--------------------------------------------------------------------------------
/conformance/reports/v1.2.1/istio-istio/README.md:
--------------------------------------------------------------------------------
1 | # Istio
2 |
3 | ## Table of Contents
4 |
5 | |API channel|Implementation version|Mode|Report|
6 | |-----------|----------------------|----|------|
7 | |x|[1.24](https://github.com/istio/istio/releases/tag/1.24.2)|x|[v1.2.4 report](./experimental-1.24-default-report.yaml)|
8 |
9 | ## Reproduce
10 |
11 | Istio conformance tests can be reproduced by running `prow/integ-suite-kind.sh test.integration.pilot.kube` from within the [Istio repo](https://github.com/istio/istio).
--------------------------------------------------------------------------------
/conformance/tests/mesh/httproute-307-redirect.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: gateway.networking.k8s.io/v1
2 | kind: HTTPRoute
3 | metadata:
4 | name: mesh-307-redirect
5 | namespace: gateway-conformance-mesh
6 | spec:
7 | parentRefs:
8 | - group: ""
9 | kind: Service
10 | name: echo
11 | port: 80
12 | rules:
13 | - matches:
14 | - path:
15 | type: PathPrefix
16 | value: /temporary
17 | filters:
18 | - type: RequestRedirect
19 | requestRedirect:
20 | statusCode: 307
21 |
--------------------------------------------------------------------------------
/examples/standard/http-redirect-rewrite/httproute-redirect-http.yaml:
--------------------------------------------------------------------------------
1 | #$ Used in:
2 | #$ - site-src/guides/http-redirect-rewrite.md
3 | apiVersion: gateway.networking.k8s.io/v1
4 | kind: HTTPRoute
5 | metadata:
6 | name: http-filter-redirect
7 | spec:
8 | parentRefs:
9 | - name: redirect-gateway
10 | sectionName: http
11 | hostnames:
12 | - redirect.example
13 | rules:
14 | - filters:
15 | - type: RequestRedirect
16 | requestRedirect:
17 | scheme: https
18 | statusCode: 301
19 |
--------------------------------------------------------------------------------
/examples/standard/http-redirect-rewrite/httproute-rewrite.yaml:
--------------------------------------------------------------------------------
1 | #$ Used in:
2 | #$ - site-src/api-types/httproute.md
3 | apiVersion: gateway.networking.k8s.io/v1
4 | kind: HTTPRoute
5 | metadata:
6 | name: http-filter-rewrite
7 | spec:
8 | hostnames:
9 | - rewrite.example
10 | rules:
11 | - filters:
12 | - type: URLRewrite
13 | urlRewrite:
14 | hostname: elsewhere.example
15 | backendRefs:
16 | - name: example-svc
17 | weight: 1
18 | port: 80
19 |
--------------------------------------------------------------------------------
/examples/standard/multicluster/httproute-hybrid.yaml:
--------------------------------------------------------------------------------
1 | #$ Used in:
2 | #$ - geps/gep-1748.md
3 | kind: HTTPRoute
4 | apiVersion: gateway.networking.k8s.io/v1beta1
5 | metadata:
6 | name: store
7 | spec:
8 | parentRefs:
9 | - name: external-http
10 | rules:
11 | - backendRefs:
12 | - kind: Service
13 | name: store
14 | port: 8080
15 | weight: 90
16 | - group: multicluster.x-k8s.io
17 | kind: ServiceImport
18 | name: store-global
19 | port: 8080
20 | weight: 10
21 |
--------------------------------------------------------------------------------
/hack/invalid-examples/standard/httproute/invalid-filter-duplicate.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: gateway.networking.k8s.io/v1
2 | kind: HTTPRoute
3 | metadata:
4 | name: invalid-filter-duplicate
5 | spec:
6 | rules:
7 | - filters:
8 | - type: RequestHeaderModifier
9 | requestHeaderModifier:
10 | add:
11 | - name: my-header
12 | value: foo
13 | - type: RequestHeaderModifier
14 | requestHeaderModifier:
15 | add:
16 | - name: my-header
17 | value: bar
18 |
19 |
--------------------------------------------------------------------------------
/conformance/tests/grpcroute-weight.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: gateway.networking.k8s.io/v1
2 | kind: GRPCRoute
3 | metadata:
4 | name: weighted-backends
5 | namespace: gateway-conformance-infra
6 | spec:
7 | parentRefs:
8 | - name: same-namespace
9 | rules:
10 | - backendRefs:
11 | - name: grpc-infra-backend-v1
12 | port: 8080
13 | weight: 70
14 | - name: grpc-infra-backend-v2
15 | port: 8080
16 | weight: 30
17 | - name: grpc-infra-backend-v3
18 | port: 8080
19 | weight: 0
20 |
--------------------------------------------------------------------------------
/conformance/tests/mesh/httproute-303-redirect.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: gateway.networking.k8s.io/v1
2 | kind: HTTPRoute
3 | metadata:
4 | name: mesh-303-redirect
5 | namespace: gateway-conformance-mesh
6 | spec:
7 | parentRefs:
8 | - group: ""
9 | kind: Service
10 | name: echo
11 | port: 80
12 | rules:
13 | - matches:
14 | - path:
15 | type: PathPrefix
16 | value: /redirect
17 | filters:
18 | - type: RequestRedirect
19 | requestRedirect:
20 | statusCode: 303
21 |
22 |
--------------------------------------------------------------------------------
/conformance/tests/mesh/httproute-308-redirect.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: gateway.networking.k8s.io/v1
2 | kind: HTTPRoute
3 | metadata:
4 | name: mesh-308-redirect
5 | namespace: gateway-conformance-mesh
6 | spec:
7 | parentRefs:
8 | - group: ""
9 | kind: Service
10 | name: echo
11 | port: 80
12 | rules:
13 | - matches:
14 | - path:
15 | type: PathPrefix
16 | value: /permanent
17 | filters:
18 | - type: RequestRedirect
19 | requestRedirect:
20 | statusCode: 308
21 |
22 |
--------------------------------------------------------------------------------
/conformance/tests/mesh/mesh-frontend.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: gateway.networking.k8s.io/v1
2 | kind: HTTPRoute
3 | metadata:
4 | name: mesh-split-v1
5 | namespace: gateway-conformance-mesh
6 | spec:
7 | parentRefs:
8 | - group: ""
9 | kind: Service
10 | name: echo-v2
11 | rules:
12 | - filters:
13 | - type: ResponseHeaderModifier
14 | responseHeaderModifier:
15 | set:
16 | - name: X-Header-Set
17 | value: set
18 | backendRefs:
19 | - name: echo-v2
20 | port: 80
21 |
--------------------------------------------------------------------------------
/examples/standard/traffic-splitting/traffic-split-2.yaml:
--------------------------------------------------------------------------------
1 | #$ Used in:
2 | #$ - site-src/guides/traffic-splitting.md
3 | #$ - site-src/api-types/httproute.md
4 | apiVersion: gateway.networking.k8s.io/v1
5 | kind: HTTPRoute
6 | metadata:
7 | name: foo-route
8 | labels:
9 | gateway: prod-web-gw
10 | spec:
11 | hostnames:
12 | - foo.example.com
13 | rules:
14 | - backendRefs:
15 | - name: foo-v1
16 | port: 8080
17 | weight: 90
18 | - name: foo-v2
19 | port: 8080
20 | weight: 10
21 |
--------------------------------------------------------------------------------
/conformance/reports/v1.3.0/istio-istio/README.md:
--------------------------------------------------------------------------------
1 | # Istio
2 |
3 | ## Table of Contents
4 |
5 | |API channel|Implementation version|Mode|Report|
6 | |-----------|----------------------|----|------|
7 | |x|[1.26.1](https://github.com/istio/istio/releases/tag/1.26.1)|x|[1.26.1 report](./experimental-1.26.1-default-report.yaml)|
8 |
9 | ## Reproduce
10 |
11 | Istio conformance tests can be reproduced by running `prow/integ-suite-kind.sh test.integration.pilot.kube` from within the [Istio repo](https://github.com/istio/istio).
12 |
--------------------------------------------------------------------------------
/examples/standard/http-redirect-rewrite/gateway-redirect-http-https.yaml:
--------------------------------------------------------------------------------
1 | #$ Used in:
2 | #$ - site-src/guides/http-redirect-rewrite.md
3 | apiVersion: gateway.networking.k8s.io/v1
4 | kind: Gateway
5 | metadata:
6 | name: redirect-gateway
7 | spec:
8 | gatewayClassName: foo-lb
9 | listeners:
10 | - name: http
11 | protocol: HTTP
12 | port: 80
13 | - name: https
14 | protocol: HTTPS
15 | port: 443
16 | tls:
17 | mode: Terminate
18 | certificateRefs:
19 | - name: redirect-example
20 |
--------------------------------------------------------------------------------
/geps/gep-1767/metadata.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: internal.gateway.networking.k8s.io/v1alpha1
2 | kind: GEPDetails
3 | number: 1767
4 | name: CORS Filter
5 | status: Experimental
6 | authors:
7 | - lianglli
8 | - robscott
9 | - EyalPazz
10 | - shaneutt
11 | references:
12 | - https://github.com/kubernetes-sigs/gateway-api/pull/3435
13 | - https://github.com/kubernetes-sigs/gateway-api/pull/3637
14 | - https://github.com/kubernetes-sigs/gateway-api/pull/3656
15 | - https://github.com/kubernetes-sigs/gateway-api/pull/3668
16 |
17 |
--------------------------------------------------------------------------------
/conformance/tests/httproute-backend-protocol-h2c.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: gateway.networking.k8s.io/v1
2 | kind: HTTPRoute
3 | metadata:
4 | name: backend-protocol-h2c
5 | namespace: gateway-conformance-infra
6 | spec:
7 | parentRefs:
8 | - name: same-namespace
9 | rules:
10 | - backendRefs:
11 | # This points to a Service with the following ServicePort
12 | # - protocol: TCP
13 | # appProtocol: kubernetes.io/h2c
14 | # port: 8081
15 | # targetPort: 3001
16 | - name: infra-backend-v1
17 | port: 8081
18 |
--------------------------------------------------------------------------------
/geps/gep-1324/metadata.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: internal.gateway.networking.k8s.io/v1alpha1
2 | kind: GEPDetails
3 | number: 1324
4 | name: Service Mesh in Gateway API
5 | status: Memorandum
6 | authors:
7 | - keithmattix
8 | - markmc
9 | - kflynn
10 | relationships:
11 | extendedBy:
12 | - number: 1426
13 | name: xRoutes Mesh Binding
14 | description: Adds initial Service binding proposal
15 | - number: 1686
16 | name: Mesh conformance testing plan
17 | description: Adds initial Mesh conformance testing plan
18 |
--------------------------------------------------------------------------------
/conformance/tests/mesh/grpcroute-weight.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: gateway.networking.k8s.io/v1
2 | kind: GRPCRoute
3 | metadata:
4 | name: mesh-grpc-weighted-backends
5 | namespace: gateway-conformance-mesh
6 | spec:
7 | parentRefs:
8 | - group: ""
9 | kind: Service
10 | name: echo
11 | port: 7070
12 | rules:
13 | - backendRefs:
14 | - name: echo-v1
15 | port: 7070
16 | weight: 70
17 | - name: echo-v2
18 | port: 7070
19 | weight: 30
20 | - name: echo-v3
21 | port: 7070
22 | weight: 0
23 |
--------------------------------------------------------------------------------
/examples/standard/traffic-splitting/traffic-split-1.yaml:
--------------------------------------------------------------------------------
1 | #$ Used in:
2 | #$ - site-src/guides/traffic-splitting.md
3 | apiVersion: gateway.networking.k8s.io/v1
4 | kind: HTTPRoute
5 | metadata:
6 | name: foo-route
7 | labels:
8 | gateway: prod-web-gw
9 | spec:
10 | hostnames:
11 | - foo.example.com
12 | rules:
13 | - backendRefs:
14 | - name: foo-v1
15 | port: 8080
16 | - matches:
17 | - headers:
18 | - name: traffic
19 | value: test
20 | backendRefs:
21 | - name: foo-v2
22 | port: 8080
23 |
--------------------------------------------------------------------------------
/examples/experimental/http-route-rule-name.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: gateway.networking.k8s.io/v1
2 | kind: HTTPRoute
3 | metadata:
4 | name: example-route
5 | spec:
6 | parentRefs:
7 | - name: example-gateway
8 | rules:
9 | - name: read-only
10 | matches:
11 | - method: GET
12 | backendRefs:
13 | - name: backend-mirror-svc
14 | port: 8080
15 | - name: write-only
16 | matches:
17 | - method: POST
18 | - method: PATCH
19 | - method: DELETE
20 | backendRefs:
21 | - name: backend-svc
22 | port: 8080
23 |
--------------------------------------------------------------------------------
/examples/standard/http-filter.yaml:
--------------------------------------------------------------------------------
1 | #$ Used in:
2 | #$ - site-src/api-types/httproute.md
3 | apiVersion: gateway.networking.k8s.io/v1
4 | kind: HTTPRoute
5 | metadata:
6 | name: http-filter-1
7 | spec:
8 | hostnames:
9 | - my.filter.com
10 | rules:
11 | - filters:
12 | - type: RequestHeaderModifier
13 | requestHeaderModifier:
14 | add:
15 | - name: my-header
16 | value: foo
17 | backendRefs:
18 | - name: my-filter-svc1
19 | weight: 1
20 | port: 80
21 |
--------------------------------------------------------------------------------
/geps/gep-2722/metadata.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: internal.gateway.networking.k8s.io/v1alpha1
2 | kind: GEPDetails
3 | number: 2722
4 | name: Goals and UX for gwctl
5 | status: Memorandum
6 | authors:
7 | - gauravkghildiyal
8 | - robscott
9 | relationships:
10 | seeAlso:
11 | - number: 713
12 | name: Metaresources and Policy Attachment
13 | description: Explains the meaning of a Policy and calls out the idea of building a kubectl plugin or command-line tool.
14 | changelog:
15 | - https://github.com/kubernetes-sigs/gateway-api/pull/2723
16 |
--------------------------------------------------------------------------------
/crd-ref-docs.yaml:
--------------------------------------------------------------------------------
1 | # This file contains configuration for our reference docs generation. For more
2 | # information about the possible configuration, refer to
3 | # https://github.com/elastic/crd-ref-docs.
4 |
5 | processor:
6 | ignoreTypes:
7 | - "()List$"
8 | # RE2 regular expressions describing type fields that should be excluded from the generated documentation.
9 | ignoreFields:
10 | - "TypeMeta$"
11 |
12 | render:
13 | # Version of Kubernetes to use when generating links to Kubernetes API documentation.
14 | kubernetesVersion: 1.32
15 |
--------------------------------------------------------------------------------
/examples/standard/grpc-filter.yaml:
--------------------------------------------------------------------------------
1 | #$ Used in:
2 | #$ - site-src/api-types/grpcroute.md
3 | apiVersion: gateway.networking.k8s.io/v1
4 | kind: GRPCRoute
5 | metadata:
6 | name: grpc-filter-1
7 | spec:
8 | hostnames:
9 | - my.filter.com
10 | rules:
11 | - filters:
12 | - type: RequestHeaderModifier
13 | requestHeaderModifier:
14 | add:
15 | - name: my-header
16 | value: foo
17 | backendRefs:
18 | - name: my-filter-svc1
19 | weight: 1
20 | port: 50051
21 |
--------------------------------------------------------------------------------
/CHANGELOG/1.1-TEAM.md:
--------------------------------------------------------------------------------
1 | # v1.1 Release Team
2 |
3 | | Enhancement | Leads |
4 | | - | - |
5 | | Service Mesh Support | @howardjohn, @keithmattix, @kflynn, @mikemorris |
6 | | GRPCRoute | @gnossen |
7 | | ParentReference Port | @frankbu |
8 | | Conformance Profiles and Reports | @mlavacca, @shaneutt, @xtineskim |
9 | | Gateway Client Certificate Verification | @arkodg |
10 | | Session Persistence and BackendLBPolicy | @gcs278, @ginayeh |
11 | | TLS Terminology Clarifications | @candita, @robscott |
12 | | Gateway API Maintainers | @robscott, @shaneutt, @youngnick |
13 |
--------------------------------------------------------------------------------
/conformance/tests/httproute-backend-protocol-websocket.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: gateway.networking.k8s.io/v1
2 | kind: HTTPRoute
3 | metadata:
4 | name: backend-protocol-ws
5 | namespace: gateway-conformance-infra
6 | spec:
7 | parentRefs:
8 | - name: same-namespace
9 | rules:
10 | - backendRefs:
11 | # This points to a Service with the following ServicePort
12 | # - name: third-port
13 | # appProtocol: kubernetes.io/ws
14 | # protocol: TCP
15 | # port: 8082
16 | # targetPort: 3000
17 | - name: infra-backend-v1
18 | port: 8082
19 |
--------------------------------------------------------------------------------
/examples/standard/http-request-header-remove.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: gateway.networking.k8s.io/v1
2 | kind: HTTPRoute
3 | metadata:
4 | name: header-http-echo
5 | spec:
6 | parentRefs:
7 | - name: acme-gw
8 | rules:
9 | - matches:
10 | - path:
11 | type: PathPrefix
12 | value: /remove-a-request-header
13 | filters:
14 | - type: RequestHeaderModifier
15 | requestHeaderModifier:
16 | remove:
17 | - x-request-id
18 | backendRefs:
19 | - name: echo
20 | port: 8080
21 |
--------------------------------------------------------------------------------
/examples/standard/http-routing/bar-httproute.yaml:
--------------------------------------------------------------------------------
1 | #$ Used in:
2 | #$ - site-src/guides/http-routing.md
3 | apiVersion: gateway.networking.k8s.io/v1
4 | kind: HTTPRoute
5 | metadata:
6 | name: bar-route
7 | spec:
8 | parentRefs:
9 | - name: example-gateway
10 | hostnames:
11 | - "bar.example.com"
12 | rules:
13 | - matches:
14 | - headers:
15 | - type: Exact
16 | name: env
17 | value: canary
18 | backendRefs:
19 | - name: bar-svc-canary
20 | port: 8080
21 | - backendRefs:
22 | - name: bar-svc
23 | port: 8080
24 |
--------------------------------------------------------------------------------
/geps/gep-1282/metadata.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: internal.gateway.networking.k8s.io/v1alpha1
2 | kind: GEPDetails
3 | number: 1282
4 | name: Describing Backend Properties
5 | status: Declined
6 | authors:
7 | - youngnick
8 | relationships:
9 | obsoletedBy:
10 | - number: 1897
11 | name: BackendTLSPolicy - Explicit Backend TLS Connection Configuration
12 | description: Implements just part of the Backend Properties GEP.
13 | - number: 1911
14 | name: Backend Protocol Selection
15 | description: Protocol selection was one of the Backend Properties.
16 |
--------------------------------------------------------------------------------
/conformance/tests/mesh/mesh-split.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: gateway.networking.k8s.io/v1
2 | kind: HTTPRoute
3 | metadata:
4 | name: mesh-split
5 | namespace: gateway-conformance-mesh
6 | spec:
7 | parentRefs:
8 | - group: ""
9 | kind: Service
10 | name: echo
11 | rules:
12 | - matches:
13 | - path:
14 | type: Exact
15 | value: /v1
16 | backendRefs:
17 | - name: echo-v1
18 | port: 80
19 | - matches:
20 | - path:
21 | type: Exact
22 | value: /v2
23 | backendRefs:
24 | - name: echo-v2
25 | port: 80
26 |
--------------------------------------------------------------------------------
/examples/standard/grpc-routing/bar-grpcroute.yaml:
--------------------------------------------------------------------------------
1 | #$ Used in:
2 | #$ - site-src/guides/grpc-routing.md
3 | apiVersion: gateway.networking.k8s.io/v1
4 | kind: GRPCRoute
5 | metadata:
6 | name: bar-route
7 | spec:
8 | parentRefs:
9 | - name: example-gateway
10 | hostnames:
11 | - "bar.example.com"
12 | rules:
13 | - matches:
14 | - headers:
15 | - type: Exact
16 | name: env
17 | value: canary
18 | backendRefs:
19 | - name: bar-svc-canary
20 | port: 50051
21 | - backendRefs:
22 | - name: bar-svc
23 | port: 50051
24 |
--------------------------------------------------------------------------------
/geps/gep-2907/metadata.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: internal.gateway.networking.k8s.io/v1alpha1
2 | kind: GEPDetails
3 | number: 2907
4 | name: TLS Configuration Placement and Terminology
5 | status: Memorandum
6 | authors:
7 | - robscott
8 | relationships:
9 | seeAlso:
10 | - number: 91
11 | name: Client Certificate Verification for Gateway Listeners
12 | description: Will use some of the terminology defined by this GEP.
13 | - number: 1897
14 | name: TLS from Gateway to Backend
15 | description: Will use some of the terminology defined by this GEP.
16 |
--------------------------------------------------------------------------------
/.gitattributes:
--------------------------------------------------------------------------------
1 | # This file is documented at https://git-scm.com/docs/gitattributes.
2 | #
3 | # Linguist-specific attributes are documented at
4 | # https://github.com/github/linguist.
5 |
6 | # Collapse generated code in code reviews.
7 | **/zz_generated.*.go linguist-generated=true
8 | apis/generated/** linguist-generated=true
9 | apis/**/generated.pb.go linguist-generated=true
10 | apis/**/generated.proto linguist-generated=true
11 | config/crd/experimental/** linguist-generated=true
12 | config/crd/standard/** linguist-generated=true
13 | pkg/client/** linguist-generated=true
14 |
15 |
--------------------------------------------------------------------------------
/conformance/tests/httproute-exact-path-matching.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: gateway.networking.k8s.io/v1
2 | kind: HTTPRoute
3 | metadata:
4 | name: exact-matching
5 | namespace: gateway-conformance-infra
6 | spec:
7 | parentRefs:
8 | - name: same-namespace
9 | rules:
10 | - matches:
11 | - path:
12 | type: Exact
13 | value: /one
14 | backendRefs:
15 | - name: infra-backend-v1
16 | port: 8080
17 | - matches:
18 | - path:
19 | type: Exact
20 | value: /two
21 | backendRefs:
22 | - name: infra-backend-v2
23 | port: 8080
24 |
--------------------------------------------------------------------------------
/conformance/tests/httproute-invalid-parentref-not-matching-listener-port.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: gateway.networking.k8s.io/v1
2 | kind: HTTPRoute
3 | metadata:
4 | name: httproute-listener-not-matching-route-port
5 | namespace: gateway-conformance-infra
6 | spec:
7 | parentRefs:
8 | - name: same-namespace
9 | namespace: gateway-conformance-infra
10 | # mismatched port here (81 is not an available gateway listener) triggers NoMatchingParent reason
11 | port: 81
12 | rules:
13 | - backendRefs:
14 | - name: infra-backend-v1
15 | kind: Service
16 | port: 8080
17 |
--------------------------------------------------------------------------------
/examples/standard/http-route-attachment/gateway-namespaces.yaml:
--------------------------------------------------------------------------------
1 | #$ Used in:
2 | #$ - site-src/concepts/api-overview.md
3 | apiVersion: gateway.networking.k8s.io/v1
4 | kind: Gateway
5 | metadata:
6 | name: prod-gateway
7 | namespace: gateway-api-example-ns1
8 | spec:
9 | gatewayClassName: foo-lb
10 | listeners:
11 | - name: prod-web
12 | port: 80
13 | protocol: HTTP
14 | allowedRoutes:
15 | kinds:
16 | - kind: HTTPRoute
17 | namespaces:
18 | from: Selector
19 | selector:
20 | matchLabels:
21 | expose-apps: "true"
22 |
--------------------------------------------------------------------------------
/examples/standard/simple-http-https/foo-route.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: gateway.networking.k8s.io/v1
2 | kind: HTTPRoute
3 | metadata:
4 | name: foo
5 | spec:
6 | parentRefs:
7 | - name: example-gateway
8 | sectionName: https
9 | hostnames:
10 | - foo.example.com
11 | rules:
12 | - matches:
13 | - path:
14 | type: PathPrefix
15 | value: /
16 | backendRefs:
17 | - name: foo-app
18 | port: 80
19 | - matches:
20 | - path:
21 | type: PathPrefix
22 | value: /orders
23 | backendRefs:
24 | - name: foo-orders-app
25 | port: 80
26 |
--------------------------------------------------------------------------------
/SECURITY_CONTACTS:
--------------------------------------------------------------------------------
1 | # Defined below are the security contacts for this repo.
2 | #
3 | # They are the contact point for the Product Security Committee to reach out
4 | # to for triaging and handling of incoming issues.
5 | #
6 | # The below names agree to abide by the
7 | # [Embargo Policy](https://git.k8s.io/security/private-distributors-list.md#embargo-policy)
8 | # and will be removed and replaced if they violate that agreement.
9 | #
10 | # DO NOT REPORT SECURITY VULNERABILITIES DIRECTLY TO THESE NAMES, FOLLOW THE
11 | # INSTRUCTIONS AT https://kubernetes.io/security/
12 |
13 | bowei
14 | thockin
15 |
--------------------------------------------------------------------------------
/examples/standard/cross-namespace-routing/0-namespaces.yaml:
--------------------------------------------------------------------------------
1 | #$ Used in:
2 | #$ - site-src/guides/multiple-ns.md
3 | apiVersion: v1
4 | kind: Namespace
5 | metadata:
6 | name: infra-ns
7 | labels:
8 | shared-gateway-access: "true"
9 | ---
10 | apiVersion: v1
11 | kind: Namespace
12 | metadata:
13 | name: site-ns
14 | labels:
15 | shared-gateway-access: "true"
16 | ---
17 | apiVersion: v1
18 | kind: Namespace
19 | metadata:
20 | name: store-ns
21 | labels:
22 | shared-gateway-access: "true"
23 | ---
24 | apiVersion: v1
25 | kind: Namespace
26 | metadata:
27 | name: no-external-access
28 |
--------------------------------------------------------------------------------
/config/crd/experimental/kustomization.yaml:
--------------------------------------------------------------------------------
1 | resources:
2 | - gateway.networking.k8s.io_backendtlspolicies.yaml
3 | - gateway.networking.k8s.io_gatewayclasses.yaml
4 | - gateway.networking.k8s.io_gateways.yaml
5 | - gateway.networking.k8s.io_grpcroutes.yaml
6 | - gateway.networking.k8s.io_httproutes.yaml
7 | - gateway.networking.k8s.io_referencegrants.yaml
8 | - gateway.networking.k8s.io_tcproutes.yaml
9 | - gateway.networking.k8s.io_tlsroutes.yaml
10 | - gateway.networking.k8s.io_udproutes.yaml
11 | - gateway.networking.x-k8s.io_xbackendtrafficpolicies.yaml
12 | - gateway.networking.x-k8s.io_xlistenersets.yaml
13 |
--------------------------------------------------------------------------------
/examples/standard/http-request-header-add.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: gateway.networking.k8s.io/v1
2 | kind: HTTPRoute
3 | metadata:
4 | name: header-http-echo
5 | spec:
6 | parentRefs:
7 | - name: acme-gw
8 | rules:
9 | - matches:
10 | - path:
11 | type: PathPrefix
12 | value: /add-a-request-header
13 | filters:
14 | - type: RequestHeaderModifier
15 | requestHeaderModifier:
16 | add:
17 | - name: my-header-name
18 | value: my-header-value
19 | backendRefs:
20 | - name: echo
21 | port: 8080
22 |
--------------------------------------------------------------------------------
/examples/standard/http-request-mirroring/httproute-mirroring.yaml:
--------------------------------------------------------------------------------
1 | #$ Used in:
2 | #$ - site-src/guides/http-request-mirroring.md
3 | apiVersion: gateway.networking.k8s.io/v1
4 | kind: HTTPRoute
5 | metadata:
6 | name: http-filter-mirror
7 | labels:
8 | gateway: mirror-gateway
9 | spec:
10 | parentRefs:
11 | - name: mirror-gateway
12 | hostnames:
13 | - mirror.example
14 | rules:
15 | - backendRefs:
16 | - name: foo-v1
17 | port: 8080
18 | filters:
19 | - type: RequestMirror
20 | requestMirror:
21 | backendRef:
22 | name: foo-v2
23 | port: 8080
24 |
--------------------------------------------------------------------------------
/geps/gep-1897/metadata.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: internal.gateway.networking.k8s.io/v1alpha1
2 | kind: GEPDetails
3 | number: 1897
4 | name: BackendTLSPolicy - Explicit Backend TLS Connection Configuration
5 | status: Standard
6 | authors:
7 | - candita
8 | - brianehlert
9 | - robscott
10 | - youngnick
11 | - howardjohn
12 | - snorwin
13 | relationships:
14 | obsoletes:
15 | - number: 1282
16 | name: Describing Backend Properties
17 | description: Implements just part of the Backend Properties GEP.
18 | extendedBy:
19 | - number: 4152
20 | name: Extending TLS Validation in BackendTLSPolicy
21 |
--------------------------------------------------------------------------------
/conformance/tests/httproute-named-rule.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: gateway.networking.k8s.io/v1
2 | kind: HTTPRoute
3 | metadata:
4 | name: http-named-rules
5 | namespace: gateway-conformance-infra
6 | spec:
7 | parentRefs:
8 | - name: same-namespace
9 | rules:
10 | - name: named-rule
11 | matches:
12 | - path:
13 | type: PathPrefix
14 | value: /named
15 | backendRefs:
16 | - name: infra-backend-v1
17 | port: 8080
18 | - matches:
19 | - path:
20 | type: PathPrefix
21 | value: /unnamed
22 | backendRefs:
23 | - name: infra-backend-v2
24 | port: 8080
25 |
--------------------------------------------------------------------------------
/examples/standard/http-request-header-set.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: gateway.networking.k8s.io/v1
2 | kind: HTTPRoute
3 | metadata:
4 | name: header-http-echo
5 | spec:
6 | parentRefs:
7 | - name: acme-gw
8 | rules:
9 | - matches:
10 | - path:
11 | type: PathPrefix
12 | value: /edit-a-request-header
13 | filters:
14 | - type: RequestHeaderModifier
15 | requestHeaderModifier:
16 | set:
17 | - name: my-header-name
18 | value: my-new-header-value
19 | backendRefs:
20 | - name: echo
21 | port: 8080
22 |
--------------------------------------------------------------------------------
/conformance/tests/httproute-invalid-parentref-not-matching-section-name.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: gateway.networking.k8s.io/v1
2 | kind: HTTPRoute
3 | metadata:
4 | name: httproute-listener-not-matching-section-name
5 | namespace: gateway-conformance-infra
6 | spec:
7 | parentRefs:
8 | - name: same-namespace
9 | namespace: gateway-conformance-infra
10 | port: 80
11 | # mismatched sectionName here (http1 is not an available gateway listener) triggers NoMatchingParent reason
12 | sectionName: http1
13 | rules:
14 | - backendRefs:
15 | - name: infra-backend-v1
16 | kind: Service
17 | port: 8080
18 |
--------------------------------------------------------------------------------
/examples/standard/multicluster/httproute-method.yaml:
--------------------------------------------------------------------------------
1 | #$ Used in:
2 | #$ - geps/gep-1748.md
3 | kind: HTTPRoute
4 | apiVersion: gateway.networking.k8s.io/v1beta1
5 | metadata:
6 | name: api
7 | spec:
8 | parentRefs:
9 | - name: api-gw
10 | rules:
11 | - matches:
12 | - method: POST
13 | - method: PUT
14 | - method: DELETE
15 | backendRefs:
16 | - group: multicluster.x-k8s.io
17 | kind: ServiceImport
18 | name: api-primary
19 | port: 8080
20 | - backendRefs:
21 | - group: multicluster.x-k8s.io
22 | kind: ServiceImport
23 | name: api-replicas
24 | port: 8080
25 |
--------------------------------------------------------------------------------
/conformance/tests/mesh/mesh-consumer-route.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: gateway.networking.k8s.io/v1
2 | kind: HTTPRoute
3 | metadata:
4 | name: mesh-echo-add-header
5 | namespace: gateway-conformance-mesh-consumer
6 | spec:
7 | parentRefs:
8 | - group: ""
9 | kind: Service
10 | name: echo-v1
11 | namespace: gateway-conformance-mesh
12 | rules:
13 | - filters:
14 | - type: ResponseHeaderModifier
15 | responseHeaderModifier:
16 | set:
17 | - name: X-Header-Set
18 | value: set
19 | backendRefs:
20 | - name: echo-v1
21 | namespace: gateway-conformance-mesh
22 | port: 80
23 |
--------------------------------------------------------------------------------
/examples/standard/http-redirect-rewrite/httproute-redirect-full.yaml:
--------------------------------------------------------------------------------
1 | #$ Used in:
2 | #$ - site-src/api-types/httproute.md
3 | apiVersion: gateway.networking.k8s.io/v1
4 | kind: HTTPRoute
5 | metadata:
6 | name: http-filter-redirect
7 | spec:
8 | hostnames:
9 | - redirect.example
10 | rules:
11 | - matches:
12 | - path:
13 | type: PathPrefix
14 | value: /cayenne
15 | filters:
16 | - type: RequestRedirect
17 | requestRedirect:
18 | path:
19 | type: ReplaceFullPath
20 | replaceFullPath: /paprika
21 | statusCode: 302
22 |
--------------------------------------------------------------------------------
/examples/standard/http-routing/gateway.yaml:
--------------------------------------------------------------------------------
1 | #$ Used in:
2 | #$ - site-src/guides/http-routing.md
3 | apiVersion: gateway.networking.k8s.io/v1
4 | kind: Gateway
5 | metadata:
6 | name: example-gateway
7 | spec:
8 | gatewayClassName: example-gateway-class
9 | listeners:
10 | - name: http
11 | protocol: HTTP
12 | port: 80
13 | ---
14 | apiVersion: gateway.networking.k8s.io/v1
15 | kind: HTTPRoute
16 | metadata:
17 | name: example-route
18 | spec:
19 | parentRefs:
20 | - name: example-gateway
21 | hostnames:
22 | - "example.com"
23 | rules:
24 | - backendRefs:
25 | - name: example-svc
26 | port: 80
27 |
--------------------------------------------------------------------------------
/conformance/tests/gateway-secret-missing-reference-grant.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: gateway.networking.k8s.io/v1
2 | kind: Gateway
3 | metadata:
4 | name: gateway-secret-missing-reference-grant
5 | namespace: gateway-conformance-infra
6 | spec:
7 | gatewayClassName: "{GATEWAY_CLASS_NAME}"
8 | listeners:
9 | - name: https
10 | port: 443
11 | protocol: HTTPS
12 | allowedRoutes:
13 | namespaces:
14 | from: All
15 | tls:
16 | certificateRefs:
17 | - group: ""
18 | kind: Secret
19 | name: certificate
20 | namespace: gateway-conformance-web-backend
21 |
--------------------------------------------------------------------------------
/examples/standard/http-redirect-rewrite/httproute-redirect-prefix.yaml:
--------------------------------------------------------------------------------
1 | #$ Used in:
2 | #$ - site-src/api-types/httproute.md
3 | apiVersion: gateway.networking.k8s.io/v1
4 | kind: HTTPRoute
5 | metadata:
6 | name: http-filter-redirect
7 | spec:
8 | hostnames:
9 | - redirect.example
10 | rules:
11 | - matches:
12 | - path:
13 | type: PathPrefix
14 | value: /cayenne
15 | filters:
16 | - type: RequestRedirect
17 | requestRedirect:
18 | path:
19 | type: ReplacePrefixMatch
20 | replacePrefixMatch: /paprika
21 | statusCode: 302
22 |
--------------------------------------------------------------------------------
/CHANGELOG/1.2-TEAM.md:
--------------------------------------------------------------------------------
1 | # v1.2 Release Team
2 |
3 | | Enhancement | Leads |
4 | | - | - |
5 | | Infrastructure Labels and Annotations | @keithmattix, @snorwin |
6 | | HTTPRoute Timeouts and Durations | @kflynn, @xtineskim |
7 | | BackendProtocol Support | @dprotaso |
8 | | HTTPRoute Retries | @mikemorris |
9 | | Percentage-based request mirroring | @jakebennert |
10 | | Backend TLS Config improvements | @mkosieradzki, @LiorLieberman |
11 | | Named Route Rules | @guicassolato, @howardjohn |
12 | | Conformance Profiles and Reports | @mlavacca, @shaneutt, @xtineskim |
13 | | Gateway API Maintainers | @mlavacca, @robscott, @shaneutt, @youngnick |
14 |
--------------------------------------------------------------------------------
/geps/gep-2257/metadata.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: internal.gateway.networking.k8s.io/v1alpha1
2 | kind: GEPDetails
3 | number: 2257
4 | name: Gateway API Duration Format
5 | status: Standard
6 | authors:
7 | - kflynn
8 | relationships:
9 | seeAlso:
10 | - number: 1742
11 | name: HTTPRoute Timeouts
12 | description: HTTPRoute Timeouts use the format specified in this GEP.
13 | references:
14 | - https://datatracker.ietf.org/doc/html/rfc8174
15 | - https://datatracker.ietf.org/doc/html/rfc2119
16 | - https://github.com/kubernetes-sigs/gateway-api/pull/2155
17 | changelog:
18 | - https://github.com/kubernetes-sigs/gateway-api/pull/3210
19 |
--------------------------------------------------------------------------------
/examples/standard/cross-namespace-routing/gateway.yaml:
--------------------------------------------------------------------------------
1 | #$ Used in:
2 | #$ - site-src/guides/multiple-ns.md
3 | apiVersion: gateway.networking.k8s.io/v1
4 | kind: Gateway
5 | metadata:
6 | name: shared-gateway
7 | namespace: infra-ns
8 | spec:
9 | gatewayClassName: shared-gateway-class
10 | listeners:
11 | - name: https
12 | hostname: "foo.example.com"
13 | protocol: HTTPS
14 | port: 443
15 | allowedRoutes:
16 | namespaces:
17 | from: Selector
18 | selector:
19 | matchLabels:
20 | shared-gateway-access: "true"
21 | tls:
22 | certificateRefs:
23 | - name: foo-example-com
24 |
--------------------------------------------------------------------------------
/examples/standard/http-redirect-rewrite/httproute-redirect-307.yaml:
--------------------------------------------------------------------------------
1 | #$ Used in:
2 | #$ - site-src/guides/http-redirect-rewrite.md
3 | apiVersion: gateway.networking.k8s.io/v1
4 | kind: HTTPRoute
5 | metadata:
6 | name: method-preserving-redirect
7 | spec:
8 | parentRefs:
9 | - name: redirect-gateway
10 | hostnames:
11 | - api.example.com
12 | rules:
13 | - matches:
14 | - path:
15 | type: PathPrefix
16 | value: /api/v1
17 | filters:
18 | - type: RequestRedirect
19 | requestRedirect:
20 | path:
21 | type: ReplaceFullPath
22 | replaceFullPath: /api/v2
23 | statusCode: 307
24 |
--------------------------------------------------------------------------------
/examples/standard/httproute.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: gateway.networking.k8s.io/v1
2 | kind: HTTPRoute
3 | metadata:
4 | name: my-app
5 | spec:
6 | rules:
7 | - matches:
8 | - path:
9 | type: PathPrefix
10 | value: /mypath
11 | backendRefs:
12 | - name: my-service-1
13 | port: 8080
14 | - matches:
15 | - path:
16 | type: PathPrefix
17 | value: /mypath-012
18 | backendRefs:
19 | - name: my-service-2
20 | port: 8080
21 | - matches:
22 | - path:
23 | type: PathPrefix
24 | value: /my%20path/123
25 | backendRefs:
26 | - name: my-service-3
27 | port: 8080
28 |
29 |
--------------------------------------------------------------------------------
/apis/doc.go:
--------------------------------------------------------------------------------
1 | /*
2 | Copyright 2020 The Kubernetes Authors.
3 |
4 | Licensed under the Apache License, Version 2.0 (the "License");
5 | you may not use this file except in compliance with the License.
6 | You may obtain a copy of the License at
7 |
8 | http://www.apache.org/licenses/LICENSE-2.0
9 |
10 | Unless required by applicable law or agreed to in writing, software
11 | distributed under the License is distributed on an "AS IS" BASIS,
12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 | See the License for the specific language governing permissions and
14 | limitations under the License.
15 | */
16 |
17 | package apis
18 |
--------------------------------------------------------------------------------
/apisx/doc.go:
--------------------------------------------------------------------------------
1 | /*
2 | Copyright 2025 The Kubernetes Authors.
3 |
4 | Licensed under the Apache License, Version 2.0 (the "License");
5 | you may not use this file except in compliance with the License.
6 | You may obtain a copy of the License at
7 |
8 | http://www.apache.org/licenses/LICENSE-2.0
9 |
10 | Unless required by applicable law or agreed to in writing, software
11 | distributed under the License is distributed on an "AS IS" BASIS,
12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 | See the License for the specific language governing permissions and
14 | limitations under the License.
15 | */
16 |
17 | package apisx
18 |
--------------------------------------------------------------------------------
/conformance/tests/mesh/httproute-named-rule.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: gateway.networking.k8s.io/v1
2 | kind: HTTPRoute
3 | metadata:
4 | name: mesh-http-named-rules
5 | namespace: gateway-conformance-mesh
6 | spec:
7 | parentRefs:
8 | - group: ""
9 | kind: Service
10 | name: echo
11 | port: 80
12 | rules:
13 | - name: named-rule
14 | matches:
15 | - path:
16 | type: PathPrefix
17 | value: /named
18 | backendRefs:
19 | - name: echo-v1
20 | port: 8080
21 | - matches:
22 | - path:
23 | type: PathPrefix
24 | value: /unnamed
25 | backendRefs:
26 | - name: echo-v2
27 | port: 8080
28 |
--------------------------------------------------------------------------------
/examples/standard/grpc-routing/reflection-grpcroute.yaml:
--------------------------------------------------------------------------------
1 | #$ Used in:
2 | #$ - site-src/guides/grpc-routing.md
3 | apiVersion: gateway.networking.k8s.io/v1
4 | kind: GRPCRoute
5 | metadata:
6 | name: foo-route
7 | spec:
8 | parentRefs:
9 | - name: example-gateway
10 | hostnames:
11 | - "foo.example.com"
12 | rules:
13 | - matches:
14 | - method:
15 | service: com.example.User
16 | method: Login
17 | backendRefs:
18 | - name: foo-svc
19 | port: 50051
20 | - matches:
21 | - method:
22 | service: grpc.reflection.v1.ServerReflection
23 | backendRefs:
24 | - name: foo-svc
25 | port: 50051
26 |
--------------------------------------------------------------------------------
/hack/boilerplate/boilerplate.go.txt:
--------------------------------------------------------------------------------
1 | /*
2 | Copyright YEAR The Kubernetes Authors.
3 |
4 | Licensed under the Apache License, Version 2.0 (the "License");
5 | you may not use this file except in compliance with the License.
6 | You may obtain a copy of the License at
7 |
8 | http://www.apache.org/licenses/LICENSE-2.0
9 |
10 | Unless required by applicable law or agreed to in writing, software
11 | distributed under the License is distributed on an "AS IS" BASIS,
12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 | See the License for the specific language governing permissions and
14 | limitations under the License.
15 | */
16 |
--------------------------------------------------------------------------------
/hack/mkdocs/image/requirements.txt:
--------------------------------------------------------------------------------
1 | Click==8.3.1
2 | htmlmin==0.1.12
3 | Jinja2==3.1.6
4 | jsmin==3.0.1
5 | livereload==2.7.1
6 | # mkdocs 2.4.1 requires Markdown < 3.4.0
7 | # https://github.com/kubernetes-sigs/gateway-api/pull/1671#issuecomment-1400586465
8 | markdown~=3.10
9 | MarkupSafe==3.0.3
10 | mkdocs==1.6.1
11 | mkdocs-awesome-pages-plugin==2.10.1
12 | mkdocs-macros-plugin==1.5.0
13 | mkdocs-material==9.7.1
14 | mkdocs-redirects==1.2.2
15 | mkdocs-mermaid2-plugin==1.2.3
16 | pandas>=2.0.3
17 | pep562==1.1
18 | Pygments==2.19.2
19 | pymdown-extensions==10.19.1
20 | PyYAML==6.0.3
21 | six==1.17.0
22 | tabulate==0.9.0
23 | tornado==6.5.4
24 | semver==3.0.4
25 |
--------------------------------------------------------------------------------
/examples/standard/http-redirect-rewrite/httproute-redirect-308.yaml:
--------------------------------------------------------------------------------
1 | #$ Used in:
2 | #$ - site-src/guides/http-redirect-rewrite.md
3 | apiVersion: gateway.networking.k8s.io/v1
4 | kind: HTTPRoute
5 | metadata:
6 | name: permanent-method-preserving-redirect
7 | spec:
8 | parentRefs:
9 | - name: redirect-gateway
10 | hostnames:
11 | - api.example.com
12 | rules:
13 | - matches:
14 | - path:
15 | type: PathPrefix
16 | value: /old-api
17 | filters:
18 | - type: RequestRedirect
19 | requestRedirect:
20 | path:
21 | type: ReplaceFullPath
22 | replaceFullPath: /new-api
23 | statusCode: 308
24 |
--------------------------------------------------------------------------------
/hack/boilerplate/boilerplate.generatego.txt:
--------------------------------------------------------------------------------
1 | /*
2 | Copyright The Kubernetes Authors.
3 |
4 | Licensed under the Apache License, Version 2.0 (the "License");
5 | you may not use this file except in compliance with the License.
6 | You may obtain a copy of the License at
7 |
8 | http://www.apache.org/licenses/LICENSE-2.0
9 |
10 | Unless required by applicable law or agreed to in writing, software
11 | distributed under the License is distributed on an "AS IS" BASIS,
12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 | See the License for the specific language governing permissions and
14 | limitations under the License.
15 | */
16 |
--------------------------------------------------------------------------------
/hack/boilerplate/boilerplate.py.txt:
--------------------------------------------------------------------------------
1 | # Copyright YEAR The Kubernetes Authors.
2 | #
3 | # Licensed under the Apache License, Version 2.0 (the "License");
4 | # you may not use this file except in compliance with the License.
5 | # You may obtain a copy of the License at
6 | #
7 | # http://www.apache.org/licenses/LICENSE-2.0
8 | #
9 | # Unless required by applicable law or agreed to in writing, software
10 | # distributed under the License is distributed on an "AS IS" BASIS,
11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 | # See the License for the specific language governing permissions and
13 | # limitations under the License.
14 |
--------------------------------------------------------------------------------
/examples/standard/http-redirect-rewrite/httproute-redirect-303.yaml:
--------------------------------------------------------------------------------
1 | #$ Used in:
2 | #$ - site-src/guides/http-redirect-rewrite.md
3 | apiVersion: gateway.networking.k8s.io/v1
4 | kind: HTTPRoute
5 | metadata:
6 | name: post-redirect-get
7 | spec:
8 | parentRefs:
9 | - name: redirect-gateway
10 | hostnames:
11 | - forms.example.com
12 | rules:
13 | - matches:
14 | - path:
15 | type: Exact
16 | value: /submit-form
17 | method: POST
18 | filters:
19 | - type: RequestRedirect
20 | requestRedirect:
21 | path:
22 | type: ReplaceFullPath
23 | replaceFullPath: /thank-you
24 | statusCode: 303
25 |
--------------------------------------------------------------------------------
/hack/boilerplate/boilerplate.sh.txt:
--------------------------------------------------------------------------------
1 | # Copyright YEAR The Kubernetes Authors.
2 | #
3 | # Licensed under the Apache License, Version 2.0 (the "License");
4 | # you may not use this file except in compliance with the License.
5 | # You may obtain a copy of the License at
6 | #
7 | # http://www.apache.org/licenses/LICENSE-2.0
8 | #
9 | # Unless required by applicable law or agreed to in writing, software
10 | # distributed under the License is distributed on an "AS IS" BASIS,
11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 | # See the License for the specific language governing permissions and
13 | # limitations under the License.
14 |
15 |
--------------------------------------------------------------------------------
/.github/ISSUE_TEMPLATE/enhancement.md:
--------------------------------------------------------------------------------
1 | ---
2 | name: Enhancement Request
3 | about: Suggest an enhancement to the gateway-api project
4 | labels: kind/feature
5 |
6 | ---
7 |
8 |
9 |
16 |
17 | **What would you like to be added**:
18 |
19 | **Why this is needed**:
20 |
21 |
--------------------------------------------------------------------------------
/geps/gep-3171/metadata.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: internal.gateway.networking.k8s.io/v1alpha2
2 | kind: GEPDetails
3 | number: 3171
4 | name: Percentage-based Request Mirroring
5 | status: Standard
6 | authors:
7 | - jakebennert
8 | - LiorLieberman
9 | references:
10 | - https://gateway-api.sigs.k8s.io/reference/spec/#gateway.networking.k8s.io%2fv1.HTTPRequestMirrorFilter
11 | - https://github.com/kubernetes-sigs/gateway-api/pull/3199
12 | - https://github.com/kubernetes-sigs/gateway-api/pull/3301
13 | - https://github.com/kubernetes-sigs/gateway-api/pull/3638
14 | - https://github.com/kubernetes-sigs/gateway-api/pull/3508
15 | featureNames:
16 | - HTTPRouteRequestPercentageMirror
17 |
--------------------------------------------------------------------------------
/examples/standard/tls-basic.yaml:
--------------------------------------------------------------------------------
1 | #$ Used in:
2 | #$ - site-src/guides/tls.md
3 | apiVersion: gateway.networking.k8s.io/v1
4 | kind: Gateway
5 | metadata:
6 | name: tls-basic
7 | spec:
8 | gatewayClassName: example
9 | listeners:
10 | - name: foo-https
11 | protocol: HTTPS
12 | port: 443
13 | hostname: foo.example.com
14 | tls:
15 | certificateRefs:
16 | - kind: Secret
17 | group: ""
18 | name: foo-example-com-cert
19 | - name: bar-https
20 | protocol: HTTPS
21 | port: 443
22 | hostname: bar.example.com
23 | tls:
24 | certificateRefs:
25 | - kind: Secret
26 | group: ""
27 | name: bar-example-com-cert
28 |
--------------------------------------------------------------------------------
/geps/gep-1742/metadata.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: internal.gateway.networking.k8s.io/v1alpha1
2 | kind: GEPDetails
3 | number: 1742
4 | name: HTTPRoute Timeouts
5 | status: Standard
6 | authors:
7 | - youngnick
8 | - spacewander
9 | - frankbu
10 | - shaneutt
11 | - candita
12 | - robscott
13 | - sjberman
14 | relationships:
15 | seeAlso:
16 | - number: 2257
17 | name: Gateway API Duration Format
18 | description: Defines the duration format used by HTTPRoute timeouts.
19 | references:
20 | - https://datatracker.ietf.org/doc/html/rfc8174
21 | - https://datatracker.ietf.org/doc/html/rfc2119
22 | changelog:
23 | - https://github.com/kubernetes-sigs/gateway-api/pull/3210
24 |
25 |
--------------------------------------------------------------------------------
/geps/gep-2659/metadata.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: internal.gateway.networking.k8s.io/v1alpha1
2 | kind: GEPDetails
3 | number: 2659
4 | name: Document and improve the GEP process
5 | type: Memorandum
6 | status: Accepted
7 | relationships:
8 | seeAlso:
9 | - number: 917
10 | name: Gateway API Conformance Testing
11 | description: GEP is Memorandum type
12 | - number: 922
13 | name: Gateway API Versioning
14 | description: GEP is Memorandum type
15 | - number: 1324
16 | name: Service Mesh in Gateway API
17 | description: GEP is Memorandum type
18 | authors:
19 | - youngnick
20 | changelog:
21 | - "https://github.com/kubernetes-sigs/gateway-api/pull/2689"
22 |
--------------------------------------------------------------------------------
/conformance/reports/v1.3.0/cilium-cilium/README.md:
--------------------------------------------------------------------------------
1 | # Cilium
2 |
3 | ## Table of Contents
4 |
5 | | API channel | Implementation version | Mode | Report |
6 | |--------------|-------------------------------------------|---------|--------------------------------------------------------|
7 | | experimental | [main](https://github.com/cilium/cilium/) | default | [main report](./experimental-main-default-report.yaml) |
8 |
9 | ## Reproduce
10 |
11 | Cilium conformance tests can be reproduced by follow the steps in CI `.github/workflows/conformance-gateway-api.yaml`
12 | from within the [Cilium repo](https://github.com/cilium/cilium).
13 |
--------------------------------------------------------------------------------
/conformance/reports/v1.4.0/cilium/README.md:
--------------------------------------------------------------------------------
1 | # Cilium
2 |
3 | ## Table of Contents
4 |
5 | | API channel | Implementation version | Mode | Report |
6 | |--------------|-------------------------------------------|---------|--------------------------------------------------------|
7 | | experimental | [main](https://github.com/cilium/cilium/) | default | [main report](./experimental-v1.19.0-pre.2-default-report.yaml) |
8 |
9 | ## Reproduce
10 |
11 | Cilium conformance tests can be reproduced by follow the steps in CI `.github/workflows/conformance-gateway-api.yaml`
12 | from within the [Cilium repo](https://github.com/cilium/cilium).
13 |
--------------------------------------------------------------------------------
/conformance/tests/grpcroute-exact-method-matching.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: gateway.networking.k8s.io/v1
2 | kind: GRPCRoute
3 | metadata:
4 | name: exact-matching
5 | namespace: gateway-conformance-infra
6 | spec:
7 | parentRefs:
8 | - name: same-namespace
9 | rules:
10 | - matches:
11 | - method:
12 | service: gateway_api_conformance.echo_basic.grpcecho.GrpcEcho
13 | method: Echo
14 | backendRefs:
15 | - name: grpc-infra-backend-v1
16 | port: 8080
17 | - matches:
18 | - method:
19 | service: gateway_api_conformance.echo_basic.grpcecho.GrpcEcho
20 | method: EchoTwo
21 | backendRefs:
22 | - name: grpc-infra-backend-v2
23 | port: 8080
24 |
--------------------------------------------------------------------------------
/conformance/tests/httproute-matching.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: gateway.networking.k8s.io/v1
2 | kind: HTTPRoute
3 | metadata:
4 | name: matching
5 | namespace: gateway-conformance-infra
6 | spec:
7 | parentRefs:
8 | - name: same-namespace
9 | rules:
10 | - matches:
11 | - path:
12 | type: PathPrefix
13 | value: /
14 | - headers:
15 | - name: version
16 | value: one
17 | backendRefs:
18 | - name: infra-backend-v1
19 | port: 8080
20 | - matches:
21 | - path:
22 | type: PathPrefix
23 | value: /v2
24 | - headers:
25 | - name: version
26 | value: two
27 | backendRefs:
28 | - name: infra-backend-v2
29 | port: 8080
30 |
--------------------------------------------------------------------------------
/conformance/tests/httproute-timeout-request.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: gateway.networking.k8s.io/v1
2 | kind: HTTPRoute
3 | metadata:
4 | name: request-timeout
5 | namespace: gateway-conformance-infra
6 | spec:
7 | parentRefs:
8 | - name: same-namespace
9 | rules:
10 | - matches:
11 | - path:
12 | type: PathPrefix
13 | value: /request-timeout
14 | backendRefs:
15 | - name: infra-backend-v1
16 | port: 8080
17 | timeouts:
18 | request: 500ms
19 | - matches:
20 | - path:
21 | type: PathPrefix
22 | value: /disable-request-timeout
23 | backendRefs:
24 | - name: infra-backend-v1
25 | port: 8080
26 | timeouts:
27 | request: "0s"
28 |
--------------------------------------------------------------------------------
/conformance/tests/udproute-simple.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: gateway.networking.k8s.io/v1beta1
2 | kind: Gateway
3 | metadata:
4 | name: udp-gateway
5 | namespace: gateway-conformance-infra
6 | spec:
7 | gatewayClassName: "{GATEWAY_CLASS_NAME}"
8 | listeners:
9 | - name: coredns
10 | protocol: UDP
11 | port: 5300
12 | allowedRoutes:
13 | kinds:
14 | - kind: UDPRoute
15 | ---
16 | apiVersion: gateway.networking.k8s.io/v1alpha2
17 | kind: UDPRoute
18 | metadata:
19 | name: udp-coredns
20 | namespace: gateway-conformance-infra
21 | spec:
22 | parentRefs:
23 | - name: udp-gateway
24 | sectionName: coredns
25 | rules:
26 | - backendRefs:
27 | - name: coredns
28 | port: 53
29 |
--------------------------------------------------------------------------------
/examples/standard/http-route-attachment/gateway-strict.yaml:
--------------------------------------------------------------------------------
1 | #$ Used in:
2 | #$ - site-src/concepts/api-overview.md
3 | apiVersion: gateway.networking.k8s.io/v1
4 | kind: Gateway
5 | metadata:
6 | name: foo-gateway
7 | namespace: gateway-api-example-ns1
8 | spec:
9 | gatewayClassName: foo-lb
10 | listeners:
11 | - name: prod-web
12 | port: 80
13 | protocol: HTTP
14 | allowedRoutes:
15 | kinds:
16 | - kind: HTTPRoute
17 | namespaces:
18 | from: Selector
19 | selector:
20 | matchLabels:
21 | # This label is added automatically as of K8s 1.22
22 | # to all namespaces
23 | kubernetes.io/metadata.name: gateway-api-example-ns2
24 |
--------------------------------------------------------------------------------
/conformance/tests/grpcroute-named-rule.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: gateway.networking.k8s.io/v1
2 | kind: GRPCRoute
3 | metadata:
4 | name: grpc-named-rules
5 | namespace: gateway-conformance-infra
6 | spec:
7 | parentRefs:
8 | - name: same-namespace
9 | rules:
10 | - name: named-rule
11 | matches:
12 | - method:
13 | service: gateway_api_conformance.echo_basic.grpcecho.GrpcEcho
14 | method: Echo
15 | backendRefs:
16 | - name: grpc-infra-backend-v1
17 | port: 8080
18 | - matches:
19 | - method:
20 | service: gateway_api_conformance.echo_basic.grpcecho.GrpcEcho
21 | method: EchoTwo
22 | backendRefs:
23 | - name: grpc-infra-backend-v2
24 | port: 8080
25 |
--------------------------------------------------------------------------------
/examples/standard/simple-http-https/gateway.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: gateway.networking.k8s.io/v1
2 | kind: Gateway
3 | metadata:
4 | name: example-gateway
5 | spec:
6 | gatewayClassName: prod
7 | listeners:
8 | - name: http
9 | port: 80
10 | protocol: HTTP
11 | hostname: "*.example.com"
12 | - name: https
13 | port: 443
14 | protocol: HTTPS
15 | hostname: "*.example.com"
16 | tls:
17 | mode: Terminate
18 | certificateRefs:
19 | - kind: Secret
20 | name: example-com
21 | - name: https-default-tls-mode
22 | port: 8443
23 | protocol: HTTPS
24 | hostname: "*.foo.com"
25 | tls:
26 | certificateRefs:
27 | - kind: Secret
28 | name: foo-com
29 |
--------------------------------------------------------------------------------
/examples/standard/wildcard-tls-gateway.yaml:
--------------------------------------------------------------------------------
1 | #$ Used in:
2 | #$ - site-src/guides/tls.md
3 | apiVersion: gateway.networking.k8s.io/v1
4 | kind: Gateway
5 | metadata:
6 | name: wildcard-tls-gateway
7 | spec:
8 | gatewayClassName: example
9 | listeners:
10 | - name: foo-https
11 | protocol: HTTPS
12 | port: 443
13 | hostname: foo.example.com
14 | tls:
15 | certificateRefs:
16 | - kind: Secret
17 | group: ""
18 | name: foo-example-com-cert
19 | - name: wildcard-https
20 | protocol: HTTPS
21 | port: 443
22 | hostname: "*.example.com"
23 | tls:
24 | certificateRefs:
25 | - kind: Secret
26 | group: ""
27 | name: wildcard-example-com-cert
28 |
--------------------------------------------------------------------------------
/geps/gep-995/metadata.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: internal.gateway.networking.k8s.io/v1alpha1
2 | kind: GEPDetails
3 | number: 995
4 | name: Named route rules
5 | status: Standard
6 | authors:
7 | - guicassolato
8 | changelog:
9 | - "https://github.com/kubernetes-sigs/gateway-api/pull/2593"
10 | relationships:
11 | seeAlso:
12 | - number: 2648
13 | name: Direct Policy Attachment
14 | description: Defines a way to attach direct policies to sections of a route.
15 | - number: 2649
16 | name: Inherited Policy Attachment
17 | description: |
18 | Provides a more assertive way to report status regarding sections of a route.
19 | E.g.: when a policy that targets a Service affects rules of a route.
20 |
--------------------------------------------------------------------------------
/conformance/reports/v1.3.0/cloud-provider-kind/standard-v0.8.0-alpha.1-default-report.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: gateway.networking.k8s.io/v1
2 | date: "2025-09-07T12:44:41Z"
3 | gatewayAPIChannel: standard
4 | gatewayAPIVersion: v1.3.0
5 | implementation:
6 | contact:
7 | - https://github.com/kubernetes-sigs/cloud-provider-kind/issues/new
8 | organization: sigs.k8s.io
9 | project: cloud-provider-kind
10 | url: https://github.com/kubernetes-sigs/cloud-provider-kind
11 | version: v0.8.0-alpha.1
12 | kind: ConformanceReport
13 | mode: default
14 | profiles:
15 | - core:
16 | result: success
17 | statistics:
18 | Failed: 0
19 | Passed: 33
20 | Skipped: 0
21 | name: GATEWAY-HTTP
22 | summary: Core tests succeeded.
23 |
--------------------------------------------------------------------------------
/conformance/tests/httproute-redirect-host-and-status.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: gateway.networking.k8s.io/v1
2 | kind: HTTPRoute
3 | metadata:
4 | name: redirect-host-and-status
5 | namespace: gateway-conformance-infra
6 | spec:
7 | parentRefs:
8 | - name: same-namespace
9 | rules:
10 | - matches:
11 | - path:
12 | type: PathPrefix
13 | value: /hostname-redirect
14 | filters:
15 | - type: RequestRedirect
16 | requestRedirect:
17 | hostname: example.org
18 | - matches:
19 | - path:
20 | type: PathPrefix
21 | value: /host-and-status
22 | filters:
23 | - type: RequestRedirect
24 | requestRedirect:
25 | statusCode: 301
26 | hostname: example.org
27 |
28 |
--------------------------------------------------------------------------------
/conformance/tests/httproute-timeout-backend-request.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: gateway.networking.k8s.io/v1
2 | kind: HTTPRoute
3 | metadata:
4 | name: backend-request-timeout
5 | namespace: gateway-conformance-infra
6 | spec:
7 | parentRefs:
8 | - name: same-namespace
9 | rules:
10 | - matches:
11 | - path:
12 | type: PathPrefix
13 | value: /backend-timeout
14 | backendRefs:
15 | - name: infra-backend-v1
16 | port: 8080
17 | timeouts:
18 | backendRequest: 500ms
19 | - matches:
20 | - path:
21 | type: PathPrefix
22 | value: /disable-backend-timeout
23 | backendRefs:
24 | - name: infra-backend-v1
25 | port: 8080
26 | timeouts:
27 | backendRequest: "0s"
28 |
--------------------------------------------------------------------------------
/geps/gep-1713/metadata.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: internal.gateway.networking.k8s.io/v1alpha1
2 | kind: GEPDetails
3 | number: 1713
4 | name: XListenerSets (Standard Mechanism to Merge Gateways)
5 | status: Experimental
6 | authors:
7 | - dprotaso
8 | - youngnick
9 | - mlavacca
10 | references:
11 | - https://github.com/kubernetes-sigs/gateway-api/pull/3477
12 | - https://github.com/kubernetes-sigs/gateway-api/pull/3213
13 | - https://github.com/kubernetes-sigs/gateway-api/pull/3632
14 | - https://github.com/kubernetes-sigs/gateway-api/pull/3664
15 | - https://github.com/kubernetes-sigs/gateway-api/pull/3587
16 | - https://github.com/kubernetes-sigs/gateway-api/pull/3588
17 | - https://github.com/kubernetes-sigs/gateway-api/pull/3682
18 |
--------------------------------------------------------------------------------
/conformance/reports/v1.1.0/cilium-cilium/README.md:
--------------------------------------------------------------------------------
1 | # Cilium
2 |
3 | ## Table of Contents
4 |
5 | | API channel | Implementation version | Mode | Report |
6 | |--------------|--------------------------------------------------------------|---------|-------------------------------------------------|
7 | | experimental | [1.16](https://github.com/cilium/cilium/releases/tag/1.16.0) | default | [v1.16 report](./experimental-1.16-default-report.yaml) |
8 |
9 | ## Reproduce
10 |
11 | Cilium conformance tests can be reproduced by follow the steps in CI `.github/workflows/conformance-gateway-api.yaml`
12 | from within the [Cilium repo](https://github.com/cilium/cilium).
13 |
--------------------------------------------------------------------------------
/examples/standard/http-redirect-rewrite/httproute-rewrite-full-path.yaml:
--------------------------------------------------------------------------------
1 | #$ Used in:
2 | #$ - site-src/guides/http-redirect-rewrite.md
3 | apiVersion: gateway.networking.k8s.io/v1
4 | kind: HTTPRoute
5 | metadata:
6 | name: http-filter-rewrite
7 | spec:
8 | hostnames:
9 | - rewrite.example
10 | rules:
11 | - matches:
12 | - path:
13 | type: PathPrefix
14 | value: /cardamom
15 | filters:
16 | - type: URLRewrite
17 | urlRewrite:
18 | hostname: elsewhere.example
19 | path:
20 | type: ReplaceFullPath
21 | replaceFullPath: /fennel
22 | backendRefs:
23 | - name: example-svc
24 | weight: 1
25 | port: 80
26 |
--------------------------------------------------------------------------------
/conformance/reports/v1.2.1/cilium-cilium/README.md:
--------------------------------------------------------------------------------
1 | # Cilium
2 |
3 | ## Table of Contents
4 |
5 | | API channel | Implementation version | Mode | Report |
6 | |--------------|-----------------------------------------------------------------|---------|-------------------------------------------------|
7 | | experimental | [1.17.0](https://github.com/cilium/cilium/releases/tag/v1.17.0) | default | [v1.17 report](./experimental-1.17-default-report.yaml) |
8 |
9 | ## Reproduce
10 |
11 | Cilium conformance tests can be reproduced by follow the steps in CI `.github/workflows/conformance-gateway-api.yaml`
12 | from within the [Cilium repo](https://github.com/cilium/cilium).
13 |
--------------------------------------------------------------------------------
/conformance/tests/mesh/httproute-matching.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: gateway.networking.k8s.io/v1
2 | kind: HTTPRoute
3 | metadata:
4 | name: mesh-matching
5 | namespace: gateway-conformance-mesh
6 | spec:
7 | parentRefs:
8 | - group: ""
9 | kind: Service
10 | name: echo
11 | port: 80
12 | rules:
13 | - matches:
14 | - path:
15 | type: PathPrefix
16 | value: /
17 | - headers:
18 | - name: version
19 | value: one
20 | backendRefs:
21 | - name: echo-v1
22 | port: 8080
23 | - matches:
24 | - path:
25 | type: PathPrefix
26 | value: /v2
27 | - headers:
28 | - name: version
29 | value: two
30 | backendRefs:
31 | - name: echo-v2
32 | port: 8080
33 |
--------------------------------------------------------------------------------
/examples/standard/http-redirect-rewrite/httproute-rewrite-prefix-path.yaml:
--------------------------------------------------------------------------------
1 | #$ Used in:
2 | #$ - site-src/guides/http-redirect-rewrite.md
3 | apiVersion: gateway.networking.k8s.io/v1
4 | kind: HTTPRoute
5 | metadata:
6 | name: http-filter-rewrite
7 | spec:
8 | hostnames:
9 | - rewrite.example
10 | rules:
11 | - matches:
12 | - path:
13 | type: PathPrefix
14 | value: /cardamom
15 | filters:
16 | - type: URLRewrite
17 | urlRewrite:
18 | hostname: elsewhere.example
19 | path:
20 | type: ReplacePrefixMatch
21 | replacePrefixMatch: /fennel
22 | backendRefs:
23 | - name: example-svc
24 | weight: 1
25 | port: 80
26 |
--------------------------------------------------------------------------------
/conformance/reports/v1.3.0/agentgateway-agentgateway/README.md:
--------------------------------------------------------------------------------
1 | # Agent Gateway (with kgateway)
2 |
3 | ## Table of Contents
4 |
5 | |API channel|Implementation version|Mode|Report|
6 | |-----------|----------------------|----|------|
7 | |experimental|[v0.6.0]|default|[report](./experimental-0.6.0-report.yaml)|
8 |
9 | ## Reproduce
10 |
11 | ```
12 | go test./conformance -run TestConformance -args \
13 | --report-output /tmp/report.yaml \
14 | --conformance-profiles=GATEWAY-HTTP \
15 | --gateway-class agentgateway \
16 | --all-features \
17 | --organization agentgateway \
18 | --project agentgateway \
19 | --url http://agentgateway.dev/ \
20 | --version v0.6.0-dev \
21 | --contact "github.com/agentgateway/agentgateway/issues/new/choose"
22 | ```
23 |
--------------------------------------------------------------------------------
/examples/standard/grpc-routing/gateway.yaml:
--------------------------------------------------------------------------------
1 | #$ Used in:
2 | #$ - site-src/guides/grpc-routing.md
3 | apiVersion: gateway.networking.k8s.io/v1
4 | kind: Gateway
5 | metadata:
6 | name: example-gateway
7 | spec:
8 | gatewayClassName: example-gateway-class
9 | listeners:
10 | - name: grpc
11 | protocol: HTTPS
12 | port: 50051
13 | tls:
14 | certificateRefs:
15 | - kind: Secret
16 | group: ""
17 | name: example-com-cert
18 | ---
19 | apiVersion: gateway.networking.k8s.io/v1
20 | kind: GRPCRoute
21 | metadata:
22 | name: example-route
23 | spec:
24 | parentRefs:
25 | - name: example-gateway
26 | hostnames:
27 | - "example.com"
28 | rules:
29 | - backendRefs:
30 | - name: example-svc
31 | port: 50051
32 |
--------------------------------------------------------------------------------
/conformance/embed.go:
--------------------------------------------------------------------------------
1 | /*
2 | Copyright 2022 The Kubernetes Authors.
3 |
4 | Licensed under the Apache License, Version 2.0 (the "License");
5 | you may not use this file except in compliance with the License.
6 | You may obtain a copy of the License at
7 |
8 | http://www.apache.org/licenses/LICENSE-2.0
9 |
10 | Unless required by applicable law or agreed to in writing, software
11 | distributed under the License is distributed on an "AS IS" BASIS,
12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 | See the License for the specific language governing permissions and
14 | limitations under the License.
15 | */
16 |
17 | package conformance
18 |
19 | import "embed"
20 |
21 | //go:embed tests/* base/* mesh/*
22 | var Manifests embed.FS
23 |
--------------------------------------------------------------------------------
/examples/standard/gateway-addresses.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: gateway.networking.k8s.io/v1
2 | kind: Gateway
3 | metadata:
4 | name: gateway-addresses
5 | spec:
6 | gatewayClassName: example
7 | addresses:
8 | - value: 1200:0000:AB00:1234:0000:2552:7777:1313
9 | - value: 21DA:D3:0:2F3B:2AA:FF:FE28:9C5A
10 | - value: "2001:db8:3c4d:15:0:d234:3eee::"
11 | - value: "1234::"
12 | - value: "1.1.1.1"
13 | - value: "1.2.3.4"
14 | - value: "0.0.0.0"
15 | - value: "9.255.255.255"
16 | - value: "11.0.0.0"
17 | - type: IPAddress
18 | value: "255.255.255.255"
19 | - type: "Hostname"
20 | value: "example.com"
21 | listeners:
22 | - protocol: HTTP
23 | port: 80
24 | name: prod-web-gw
25 | allowedRoutes:
26 | namespaces:
27 | from: Same
28 |
--------------------------------------------------------------------------------
/conformance/reports/v1.2.0/cilium-cilium/README.md:
--------------------------------------------------------------------------------
1 | # Cilium
2 |
3 | ## Table of Contents
4 |
5 | | API channel | Implementation version | Mode | Report |
6 | |--------------|-----------------------------------------------------------------------------|---------|-------------------------------------------------|
7 | | experimental | [1.17.0-pre.1](https://github.com/cilium/cilium/releases/tag/v1.17.0-pre.1) | default | [v1.17 report](./experimental-1.17-default-report.yaml) |
8 |
9 | ## Reproduce
10 |
11 | Cilium conformance tests can be reproduced by follow the steps in CI `.github/workflows/conformance-gateway-api.yaml`
12 | from within the [Cilium repo](https://github.com/cilium/cilium).
13 |
--------------------------------------------------------------------------------
/conformance/tests/httproute-https-listener.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: gateway.networking.k8s.io/v1
2 | kind: HTTPRoute
3 | metadata:
4 | name: httproute-https-test
5 | namespace: gateway-conformance-infra
6 | spec:
7 | parentRefs:
8 | - name: same-namespace-with-https-listener
9 | hostnames:
10 | - example.org
11 | rules:
12 | - backendRefs:
13 | - name: infra-backend-v1
14 | port: 8080
15 | ---
16 | apiVersion: gateway.networking.k8s.io/v1
17 | kind: HTTPRoute
18 | metadata:
19 | name: httproute-https-test-no-hostname
20 | namespace: gateway-conformance-infra
21 | spec:
22 | parentRefs:
23 | - name: same-namespace-with-https-listener
24 | sectionName: https-with-hostname
25 | rules:
26 | - backendRefs:
27 | - name: infra-backend-v2
28 | port: 8080
29 |
--------------------------------------------------------------------------------
/geps/gep-2643/metadata.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: internal.gateway.networking.k8s.io/v1alpha1
2 | kind: GEPDetails
3 | number: 2643
4 | name: TLS based passthrough Route / TLSRoute
5 | status: Experimental
6 | # Note: The feature already exists, the GEP is a retroactive collection of information
7 | authors:
8 | - candita
9 | - Miciah
10 | - rikatz
11 | - rostislavbobo
12 | relationships:
13 | seeAlso:
14 | - number: 2907
15 | name: TLS Configuration Placement and Terminology
16 | - number: 4274
17 | name: BackendTLSPolicy - Extend support for TLSRoute
18 | - number: 4271
19 | name: TLSRoute/HTTPRoute multiplexing
20 | references:
21 | - https://datatracker.ietf.org/doc/html/rfc6066#section-3
22 | - https://github.com/kubernetes-sigs/gateway-api/issues/2111
23 |
--------------------------------------------------------------------------------
/examples/standard/multicluster/httproute-referencegrant.yaml:
--------------------------------------------------------------------------------
1 | #$ Used in:
2 | #$ - geps/gep-1748.md
3 | kind: HTTPRoute
4 | apiVersion: gateway.networking.k8s.io/v1beta1
5 | metadata:
6 | name: foo
7 | namespace: foo
8 | spec:
9 | rules:
10 | - matches:
11 | - path:
12 | type: PathPrefix
13 | value: /bar
14 | backendRefs:
15 | - group: multicluster.x-k8s.io
16 | kind: ServiceImport
17 | name: bar
18 | namespace: bar
19 | ---
20 | kind: ReferenceGrant
21 | apiVersion: gateway.networking.k8s.io/v1beta1
22 | metadata:
23 | name: bar
24 | namespace: bar
25 | spec:
26 | from:
27 | - group: gateway.networking.k8s.io
28 | kind: HTTPRoute
29 | namespace: foo
30 | to:
31 | - group: multicluster.x-k8s.io
32 | kind: ServiceImport
33 |
--------------------------------------------------------------------------------
/conformance/tests/mesh/httproute-redirect-host-and-status.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: gateway.networking.k8s.io/v1
2 | kind: HTTPRoute
3 | metadata:
4 | name: mesh-redirect-host-and-status
5 | namespace: gateway-conformance-mesh
6 | spec:
7 | parentRefs:
8 | - group: ""
9 | kind: Service
10 | name: echo
11 | port: 80
12 | rules:
13 | - matches:
14 | - path:
15 | type: PathPrefix
16 | value: /hostname-redirect
17 | filters:
18 | - type: RequestRedirect
19 | requestRedirect:
20 | hostname: example.org
21 | - matches:
22 | - path:
23 | type: PathPrefix
24 | value: /host-and-status
25 | filters:
26 | - type: RequestRedirect
27 | requestRedirect:
28 | statusCode: 301
29 | hostname: example.org
30 |
31 |
--------------------------------------------------------------------------------
/conformance/utils/tlog/tlog_test.go:
--------------------------------------------------------------------------------
1 | /*
2 | Copyright 2024 The Kubernetes Authors.
3 |
4 | Licensed under the Apache License, Version 2.0 (the "License");
5 | you may not use this file except in compliance with the License.
6 | You may obtain a copy of the License at
7 |
8 | http://www.apache.org/licenses/LICENSE-2.0
9 |
10 | Unless required by applicable law or agreed to in writing, software
11 | distributed under the License is distributed on an "AS IS" BASIS,
12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 | See the License for the specific language governing permissions and
14 | limitations under the License.
15 | */
16 |
17 | package tlog
18 |
19 | import "testing"
20 |
21 | func TestTLog(t *testing.T) {
22 | Log(t, "Log")
23 | Logf(t, "%s", "Log")
24 | }
25 |
--------------------------------------------------------------------------------
/conformance/tests/httproute-reference-grant.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: gateway.networking.k8s.io/v1beta1
2 | kind: ReferenceGrant
3 | metadata:
4 | name: reference-grant
5 | namespace: gateway-conformance-web-backend
6 | spec:
7 | from:
8 | - group: gateway.networking.k8s.io
9 | kind: HTTPRoute
10 | namespace: gateway-conformance-infra
11 | to:
12 | - group: ""
13 | kind: Service
14 | name: web-backend
15 | ---
16 | apiVersion: gateway.networking.k8s.io/v1
17 | kind: HTTPRoute
18 | metadata:
19 | name: reference-grant
20 | namespace: gateway-conformance-infra
21 | spec:
22 | parentRefs:
23 | - name: same-namespace
24 | rules:
25 | - backendRefs:
26 | - name: web-backend
27 | namespace: gateway-conformance-web-backend
28 | port: 8080
29 |
--------------------------------------------------------------------------------
/conformance/tests/mesh/main.go:
--------------------------------------------------------------------------------
1 | /*
2 | Copyright 2025 The Kubernetes Authors.
3 |
4 | Licensed under the Apache License, Version 2.0 (the "License");
5 | you may not use this file except in compliance with the License.
6 | You may obtain a copy of the License at
7 |
8 | http://www.apache.org/licenses/LICENSE-2.0
9 |
10 | Unless required by applicable law or agreed to in writing, software
11 | distributed under the License is distributed on an "AS IS" BASIS,
12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 | See the License for the specific language governing permissions and
14 | limitations under the License.
15 | */
16 |
17 | package meshtests
18 |
19 | import "sigs.k8s.io/gateway-api/conformance/utils/suite"
20 |
21 | var MeshConformanceTests []suite.ConformanceTest
22 |
--------------------------------------------------------------------------------
/pkg/client/clientset/versioned/fake/doc.go:
--------------------------------------------------------------------------------
1 | /*
2 | Copyright The Kubernetes Authors.
3 |
4 | Licensed under the Apache License, Version 2.0 (the "License");
5 | you may not use this file except in compliance with the License.
6 | You may obtain a copy of the License at
7 |
8 | http://www.apache.org/licenses/LICENSE-2.0
9 |
10 | Unless required by applicable law or agreed to in writing, software
11 | distributed under the License is distributed on an "AS IS" BASIS,
12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 | See the License for the specific language governing permissions and
14 | limitations under the License.
15 | */
16 |
17 | // Code generated by client-gen. DO NOT EDIT.
18 |
19 | // This package has the automatically generated fake clientset.
20 | package fake
21 |
--------------------------------------------------------------------------------
/pkg/client/clientset/versioned/typed/apis/v1/doc.go:
--------------------------------------------------------------------------------
1 | /*
2 | Copyright The Kubernetes Authors.
3 |
4 | Licensed under the Apache License, Version 2.0 (the "License");
5 | you may not use this file except in compliance with the License.
6 | You may obtain a copy of the License at
7 |
8 | http://www.apache.org/licenses/LICENSE-2.0
9 |
10 | Unless required by applicable law or agreed to in writing, software
11 | distributed under the License is distributed on an "AS IS" BASIS,
12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 | See the License for the specific language governing permissions and
14 | limitations under the License.
15 | */
16 |
17 | // Code generated by client-gen. DO NOT EDIT.
18 |
19 | // This package has the automatically generated typed clients.
20 | package v1
21 |
--------------------------------------------------------------------------------
/pkg/client/clientset/versioned/typed/apis/v1/fake/doc.go:
--------------------------------------------------------------------------------
1 | /*
2 | Copyright The Kubernetes Authors.
3 |
4 | Licensed under the Apache License, Version 2.0 (the "License");
5 | you may not use this file except in compliance with the License.
6 | You may obtain a copy of the License at
7 |
8 | http://www.apache.org/licenses/LICENSE-2.0
9 |
10 | Unless required by applicable law or agreed to in writing, software
11 | distributed under the License is distributed on an "AS IS" BASIS,
12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 | See the License for the specific language governing permissions and
14 | limitations under the License.
15 | */
16 |
17 | // Code generated by client-gen. DO NOT EDIT.
18 |
19 | // Package fake has the automatically generated clients.
20 | package fake
21 |
--------------------------------------------------------------------------------
/conformance/reports/v1.3.0/gravitee/standard-4.8.5-default-report.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: gateway.networking.k8s.io/v1
2 | date: "2025-09-03T11:18:57+02:00"
3 | gatewayAPIChannel: standard
4 | gatewayAPIVersion: v1.3.0
5 | implementation:
6 | contact:
7 | - team-devex@graviteesource.com
8 | organization: gravitee.io
9 | project: gravitee-kubernetes-operator
10 | url: https://github.com/gravitee-io/gravitee-kubernetes-operator
11 | version: 4.8.5
12 | kind: ConformanceReport
13 | mode: default
14 | profiles:
15 | - core:
16 | result: partial
17 | skippedTests:
18 | - HTTPRouteMatchingAcrossRoutes
19 | - HTTPRouteServiceTypes
20 | statistics:
21 | Failed: 0
22 | Passed: 31
23 | Skipped: 2
24 | name: GATEWAY-HTTP
25 | summary: Core tests partially succeeded with 2 test skips.
26 |
--------------------------------------------------------------------------------
/examples/experimental/http-response-header.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: gateway.networking.k8s.io/v1
2 | kind: HTTPRoute
3 | metadata:
4 | name: response-header-modifier
5 | spec:
6 | parentRefs:
7 | - name: acme-gw
8 | rules:
9 | - matches:
10 | - path:
11 | type: PathPrefix
12 | value: /add-multiple-response-headers
13 | filters:
14 | - type: ResponseHeaderModifier
15 | responseHeaderModifier:
16 | add:
17 | - name: X-Header-Add-1
18 | value: header-add-1
19 | - name: X-Header-Add-2
20 | value: header-add-2
21 | - name: X-Header-Add-3
22 | value: header-add-3
23 | - name: Content-Disposition
24 | value: "attachment; filename=\"example_file.txt\""
25 | backendRefs:
26 | - name: echo
27 | port: 8080
28 |
--------------------------------------------------------------------------------
/pkg/client/clientset/versioned/typed/apis/v1alpha2/fake/doc.go:
--------------------------------------------------------------------------------
1 | /*
2 | Copyright The Kubernetes Authors.
3 |
4 | Licensed under the Apache License, Version 2.0 (the "License");
5 | you may not use this file except in compliance with the License.
6 | You may obtain a copy of the License at
7 |
8 | http://www.apache.org/licenses/LICENSE-2.0
9 |
10 | Unless required by applicable law or agreed to in writing, software
11 | distributed under the License is distributed on an "AS IS" BASIS,
12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 | See the License for the specific language governing permissions and
14 | limitations under the License.
15 | */
16 |
17 | // Code generated by client-gen. DO NOT EDIT.
18 |
19 | // Package fake has the automatically generated clients.
20 | package fake
21 |
--------------------------------------------------------------------------------
/pkg/client/clientset/versioned/typed/apis/v1alpha3/fake/doc.go:
--------------------------------------------------------------------------------
1 | /*
2 | Copyright The Kubernetes Authors.
3 |
4 | Licensed under the Apache License, Version 2.0 (the "License");
5 | you may not use this file except in compliance with the License.
6 | You may obtain a copy of the License at
7 |
8 | http://www.apache.org/licenses/LICENSE-2.0
9 |
10 | Unless required by applicable law or agreed to in writing, software
11 | distributed under the License is distributed on an "AS IS" BASIS,
12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 | See the License for the specific language governing permissions and
14 | limitations under the License.
15 | */
16 |
17 | // Code generated by client-gen. DO NOT EDIT.
18 |
19 | // Package fake has the automatically generated clients.
20 | package fake
21 |
--------------------------------------------------------------------------------
/pkg/client/clientset/versioned/typed/apis/v1beta1/fake/doc.go:
--------------------------------------------------------------------------------
1 | /*
2 | Copyright The Kubernetes Authors.
3 |
4 | Licensed under the Apache License, Version 2.0 (the "License");
5 | you may not use this file except in compliance with the License.
6 | You may obtain a copy of the License at
7 |
8 | http://www.apache.org/licenses/LICENSE-2.0
9 |
10 | Unless required by applicable law or agreed to in writing, software
11 | distributed under the License is distributed on an "AS IS" BASIS,
12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 | See the License for the specific language governing permissions and
14 | limitations under the License.
15 | */
16 |
17 | // Code generated by client-gen. DO NOT EDIT.
18 |
19 | // Package fake has the automatically generated clients.
20 | package fake
21 |
--------------------------------------------------------------------------------
/pkg/client/clientset/versioned/typed/apisx/v1alpha1/fake/doc.go:
--------------------------------------------------------------------------------
1 | /*
2 | Copyright The Kubernetes Authors.
3 |
4 | Licensed under the Apache License, Version 2.0 (the "License");
5 | you may not use this file except in compliance with the License.
6 | You may obtain a copy of the License at
7 |
8 | http://www.apache.org/licenses/LICENSE-2.0
9 |
10 | Unless required by applicable law or agreed to in writing, software
11 | distributed under the License is distributed on an "AS IS" BASIS,
12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 | See the License for the specific language governing permissions and
14 | limitations under the License.
15 | */
16 |
17 | // Code generated by client-gen. DO NOT EDIT.
18 |
19 | // Package fake has the automatically generated clients.
20 | package fake
21 |
--------------------------------------------------------------------------------
/pkg/client/clientset/versioned/scheme/doc.go:
--------------------------------------------------------------------------------
1 | /*
2 | Copyright The Kubernetes Authors.
3 |
4 | Licensed under the Apache License, Version 2.0 (the "License");
5 | you may not use this file except in compliance with the License.
6 | You may obtain a copy of the License at
7 |
8 | http://www.apache.org/licenses/LICENSE-2.0
9 |
10 | Unless required by applicable law or agreed to in writing, software
11 | distributed under the License is distributed on an "AS IS" BASIS,
12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 | See the License for the specific language governing permissions and
14 | limitations under the License.
15 | */
16 |
17 | // Code generated by client-gen. DO NOT EDIT.
18 |
19 | // This package contains the scheme of the automatically generated clientset.
20 | package scheme
21 |
--------------------------------------------------------------------------------
/pkg/client/clientset/versioned/typed/apis/v1alpha2/doc.go:
--------------------------------------------------------------------------------
1 | /*
2 | Copyright The Kubernetes Authors.
3 |
4 | Licensed under the Apache License, Version 2.0 (the "License");
5 | you may not use this file except in compliance with the License.
6 | You may obtain a copy of the License at
7 |
8 | http://www.apache.org/licenses/LICENSE-2.0
9 |
10 | Unless required by applicable law or agreed to in writing, software
11 | distributed under the License is distributed on an "AS IS" BASIS,
12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 | See the License for the specific language governing permissions and
14 | limitations under the License.
15 | */
16 |
17 | // Code generated by client-gen. DO NOT EDIT.
18 |
19 | // This package has the automatically generated typed clients.
20 | package v1alpha2
21 |
--------------------------------------------------------------------------------
/pkg/client/clientset/versioned/typed/apis/v1alpha3/doc.go:
--------------------------------------------------------------------------------
1 | /*
2 | Copyright The Kubernetes Authors.
3 |
4 | Licensed under the Apache License, Version 2.0 (the "License");
5 | you may not use this file except in compliance with the License.
6 | You may obtain a copy of the License at
7 |
8 | http://www.apache.org/licenses/LICENSE-2.0
9 |
10 | Unless required by applicable law or agreed to in writing, software
11 | distributed under the License is distributed on an "AS IS" BASIS,
12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 | See the License for the specific language governing permissions and
14 | limitations under the License.
15 | */
16 |
17 | // Code generated by client-gen. DO NOT EDIT.
18 |
19 | // This package has the automatically generated typed clients.
20 | package v1alpha3
21 |
--------------------------------------------------------------------------------
/pkg/client/clientset/versioned/typed/apis/v1beta1/doc.go:
--------------------------------------------------------------------------------
1 | /*
2 | Copyright The Kubernetes Authors.
3 |
4 | Licensed under the Apache License, Version 2.0 (the "License");
5 | you may not use this file except in compliance with the License.
6 | You may obtain a copy of the License at
7 |
8 | http://www.apache.org/licenses/LICENSE-2.0
9 |
10 | Unless required by applicable law or agreed to in writing, software
11 | distributed under the License is distributed on an "AS IS" BASIS,
12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 | See the License for the specific language governing permissions and
14 | limitations under the License.
15 | */
16 |
17 | // Code generated by client-gen. DO NOT EDIT.
18 |
19 | // This package has the automatically generated typed clients.
20 | package v1beta1
21 |
--------------------------------------------------------------------------------
/pkg/client/clientset/versioned/typed/apisx/v1alpha1/doc.go:
--------------------------------------------------------------------------------
1 | /*
2 | Copyright The Kubernetes Authors.
3 |
4 | Licensed under the Apache License, Version 2.0 (the "License");
5 | you may not use this file except in compliance with the License.
6 | You may obtain a copy of the License at
7 |
8 | http://www.apache.org/licenses/LICENSE-2.0
9 |
10 | Unless required by applicable law or agreed to in writing, software
11 | distributed under the License is distributed on an "AS IS" BASIS,
12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 | See the License for the specific language governing permissions and
14 | limitations under the License.
15 | */
16 |
17 | // Code generated by client-gen. DO NOT EDIT.
18 |
19 | // This package has the automatically generated typed clients.
20 | package v1alpha1
21 |
--------------------------------------------------------------------------------
/conformance/tests/httproute-disallowed-kind.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: gateway.networking.k8s.io/v1
2 | kind: Gateway
3 | metadata:
4 | name: tlsroutes-only
5 | namespace: gateway-conformance-infra
6 | spec:
7 | gatewayClassName: "{GATEWAY_CLASS_NAME}"
8 | listeners:
9 | - name: tls
10 | port: 443
11 | protocol: TLS
12 | tls:
13 | mode: Passthrough
14 | allowedRoutes:
15 | namespaces:
16 | from: Same
17 | kinds:
18 | - kind: TLSRoute
19 | ---
20 | apiVersion: gateway.networking.k8s.io/v1
21 | kind: HTTPRoute
22 | metadata:
23 | name: disallowed-kind
24 | namespace: gateway-conformance-infra
25 | spec:
26 | parentRefs:
27 | - name: tlsroutes-only
28 | namespace: gateway-conformance-infra
29 | rules:
30 | - backendRefs:
31 | - name: infra-backend-v1
32 | port: 8080
33 |
--------------------------------------------------------------------------------
/hack/install-examples.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 |
3 | # Copyright 2020 The Kubernetes Authors.
4 | #
5 | # Licensed under the Apache License, Version 2.0 (the "License");
6 | # you may not use this file except in compliance with the License.
7 | # You may obtain a copy of the License at
8 | #
9 | # http://www.apache.org/licenses/LICENSE-2.0
10 | #
11 | # Unless required by applicable law or agreed to in writing, software
12 | # distributed under the License is distributed on an "AS IS" BASIS,
13 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 | # See the License for the specific language governing permissions and
15 | # limitations under the License.
16 |
17 | set -o errexit
18 | set -o nounset
19 | set -o pipefail
20 |
21 | # Install all example gateway-api resources.
22 | kubectl apply --recursive -f examples
23 |
--------------------------------------------------------------------------------
/examples/standard/cross-namespace-routing/site-route.yaml:
--------------------------------------------------------------------------------
1 | #$ Used in:
2 | #$ - site-src/guides/multiple-ns.md
3 | apiVersion: gateway.networking.k8s.io/v1
4 | kind: HTTPRoute
5 | metadata:
6 | name: home
7 | namespace: site-ns
8 | spec:
9 | parentRefs:
10 | - name: shared-gateway
11 | namespace: infra-ns
12 | rules:
13 | - backendRefs:
14 | - name: home
15 | port: 8080
16 | ---
17 | apiVersion: gateway.networking.k8s.io/v1
18 | kind: HTTPRoute
19 | metadata:
20 | name: login
21 | namespace: site-ns
22 | spec:
23 | parentRefs:
24 | - name: shared-gateway
25 | namespace: infra-ns
26 | rules:
27 | - matches:
28 | - path:
29 | value: /login
30 | backendRefs:
31 | - name: login-v1
32 | port: 8080
33 | weight: 90
34 | - name: login-v2
35 | port: 8080
36 | weight: 10
37 |
--------------------------------------------------------------------------------
/geps/gep-3779/metadata.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: internal.gateway.networking.k8s.io/v1alpha1
2 | kind: GEPDetails
3 | number: 3779
4 | name: Identity Based Authz for east-west traffic
5 | status: Implementable
6 | # Any authors who contribute to the GEP in any way should be listed here using
7 | # their GitHub handle.
8 | authors:
9 | - liorlieberman
10 | - aryan16
11 | # references is a list of hyperlinks to relevant external references.
12 | # It's intended to be used for storing GitHub discussions, Google docs, etc.
13 | references: []
14 | # featureNames is a list of the feature names introduced by the GEP, if there
15 | # are any. This will allow us to track which feature was introduced by which GEP.
16 | featureNames: []
17 | # changelog is a list of hyperlinks to PRs that make changes to the GEP, in
18 | # ascending date order.
19 | changelog: []
20 |
--------------------------------------------------------------------------------
/conformance/tests/httproute-request-header-modifier-backend-weights.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: gateway.networking.k8s.io/v1
2 | kind: HTTPRoute
3 | metadata:
4 | name: request-header-modifier-backend-weights
5 | namespace: gateway-conformance-infra
6 | spec:
7 | parentRefs:
8 | - name: same-namespace
9 | rules:
10 | - backendRefs:
11 | - name: infra-backend-v1
12 | port: 8080
13 | weight: 10
14 | filters:
15 | - type: RequestHeaderModifier
16 | requestHeaderModifier:
17 | set:
18 | - name: Backend
19 | value: infra-backend-v1
20 | - name: infra-backend-v2
21 | port: 8080
22 | weight: 10
23 | filters:
24 | - type: RequestHeaderModifier
25 | requestHeaderModifier:
26 | set:
27 | - name: Backend
28 | value: infra-backend-v2
29 |
--------------------------------------------------------------------------------
/hack/invalid-examples/standard/gateway/invalid-addresses.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: gateway.networking.k8s.io/v1
2 | kind: Gateway
3 | metadata:
4 | name: invalid-addresses
5 | spec:
6 | gatewayClassName: example
7 | addresses:
8 | - value: 1200:0000:::AB00:1234:0000:2552:7777:1313
9 | - value: 21DA:D3:0:2F3B:2AY:FF:FE28:9C5A
10 | - value: "2001:db8:3c4d:15:0:d234:3eee:"
11 | - value: "2001:db8:3c4d:15:0:d234:3eee:::"
12 | - value: ":::1234::"
13 | - value: "1.1.1"
14 | - value: "1.a.3.4"
15 | - value: "foo.com"
16 | - type: IPAddress
17 | value: "256.255.255.255"
18 | - type: "Hostname"
19 | value: "foo.com:80"
20 | - type: "example.com/custom"
21 | value: "anything goes"
22 | listeners:
23 | - protocol: HTTP
24 | port: 80
25 | name: prod-web-gw
26 | allowedRoutes:
27 | namespaces:
28 | from: Same
29 |
--------------------------------------------------------------------------------
/conformance/tests/main.go:
--------------------------------------------------------------------------------
1 | /*
2 | Copyright 2022 The Kubernetes Authors.
3 |
4 | Licensed under the Apache License, Version 2.0 (the "License");
5 | you may not use this file except in compliance with the License.
6 | You may obtain a copy of the License at
7 |
8 | http://www.apache.org/licenses/LICENSE-2.0
9 |
10 | Unless required by applicable law or agreed to in writing, software
11 | distributed under the License is distributed on an "AS IS" BASIS,
12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 | See the License for the specific language governing permissions and
14 | limitations under the License.
15 | */
16 |
17 | package tests
18 |
19 | import (
20 | "slices"
21 |
22 | meshtests "sigs.k8s.io/gateway-api/conformance/tests/mesh"
23 | )
24 |
25 | var ConformanceTests = slices.Clone(meshtests.MeshConformanceTests)
26 |
--------------------------------------------------------------------------------
/examples/standard/multicluster/httproute-location.yaml:
--------------------------------------------------------------------------------
1 | #$ Used in:
2 | #$ - geps/gep-1748.md
3 | kind: HTTPRoute
4 | apiVersion: gateway.networking.k8s.io/v1beta1
5 | metadata:
6 | name: store
7 | spec:
8 | parentRefs:
9 | - name: external-http
10 | rules:
11 | - matches:
12 | - path:
13 | type: PathPrefix
14 | value: /west
15 | backendRefs:
16 | - group: multicluster.x-k8s.io
17 | kind: ServiceImport
18 | name: store-west
19 | port: 8080
20 | - matches:
21 | - path:
22 | type: PathPrefix
23 | value: /east
24 | backendRefs:
25 | - group: multicluster.x-k8s.io
26 | kind: ServiceImport
27 | name: store-east
28 | port: 8080
29 | - backendRefs:
30 | - group: multicluster.x-k8s.io
31 | kind: ServiceImport
32 | name: store
33 | port: 8080
34 |
--------------------------------------------------------------------------------
/conformance/reports/v1.2.1/kubvernor/kubvernor-conformance-output-1.2.1.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: gateway.networking.k8s.io/v1
2 | date: "2025-05-24T16:25:25+01:00"
3 | gatewayAPIChannel: standard
4 | gatewayAPIVersion: v1.2.1
5 | implementation:
6 | contact:
7 | - nowakd@gmail.com
8 | organization: kubvernor
9 | project: kubvernor
10 | url: https://github.com/kubvernor/kubvernor
11 | version: 0.1.0
12 | kind: ConformanceReport
13 | mode: default
14 | profiles:
15 | - core:
16 | result: success
17 | statistics:
18 | Failed: 0
19 | Passed: 12
20 | Skipped: 0
21 | name: GATEWAY-GRPC
22 | summary: Core tests succeeded.
23 | - core:
24 | result: success
25 | statistics:
26 | Failed: 0
27 | Passed: 33
28 | Skipped: 0
29 | name: GATEWAY-HTTP
30 | summary: Core tests succeeded.
31 |
--------------------------------------------------------------------------------
/conformance/conformance_test.go:
--------------------------------------------------------------------------------
1 | /*
2 | Copyright 2022 The Kubernetes Authors.
3 |
4 | Licensed under the Apache License, Version 2.0 (the "License");
5 | you may not use this file except in compliance with the License.
6 | You may obtain a copy of the License at
7 |
8 | http://www.apache.org/licenses/LICENSE-2.0
9 |
10 | Unless required by applicable law or agreed to in writing, software
11 | distributed under the License is distributed on an "AS IS" BASIS,
12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 | See the License for the specific language governing permissions and
14 | limitations under the License.
15 | */
16 |
17 | package conformance_test
18 |
19 | import (
20 | "testing"
21 |
22 | "sigs.k8s.io/gateway-api/conformance"
23 | )
24 |
25 | func TestConformance(t *testing.T) {
26 | conformance.RunConformance(t)
27 | }
28 |
--------------------------------------------------------------------------------
/hack/mkdocs/image/entrypoint.sh:
--------------------------------------------------------------------------------
1 | #!/bin/sh
2 |
3 | # Copyright 2019 The Kubernetes Authors.
4 | #
5 | # Licensed under the Apache License, Version 2.0 (the "License");
6 | # you may not use this file except in compliance with the License.
7 | # You may obtain a copy of the License at
8 | #
9 | # http://www.apache.org/licenses/LICENSE-2.0
10 | #
11 | # Unless required by applicable law or agreed to in writing, software
12 | # distributed under the License is distributed on an "AS IS" BASIS,
13 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 | # See the License for the specific language governing permissions and
15 | # limitations under the License.
16 |
17 | set -o errexit
18 |
19 | CMD=$1
20 |
21 | if [ "$CMD" = "build" ];
22 | then
23 | mkdocs build
24 | exit 0;
25 | fi
26 |
27 | mkdocs serve --dev-addr=0.0.0.0:3000 --livereload
28 |
--------------------------------------------------------------------------------
/pkg/client/clientset/versioned/typed/apis/v1alpha3/generated_expansion.go:
--------------------------------------------------------------------------------
1 | /*
2 | Copyright The Kubernetes Authors.
3 |
4 | Licensed under the Apache License, Version 2.0 (the "License");
5 | you may not use this file except in compliance with the License.
6 | You may obtain a copy of the License at
7 |
8 | http://www.apache.org/licenses/LICENSE-2.0
9 |
10 | Unless required by applicable law or agreed to in writing, software
11 | distributed under the License is distributed on an "AS IS" BASIS,
12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 | See the License for the specific language governing permissions and
14 | limitations under the License.
15 | */
16 |
17 | // Code generated by client-gen. DO NOT EDIT.
18 |
19 | package v1alpha3
20 |
21 | type BackendTLSPolicyExpansion interface{}
22 |
23 | type TLSRouteExpansion interface{}
24 |
--------------------------------------------------------------------------------
/apis/v1/doc.go:
--------------------------------------------------------------------------------
1 | /*
2 | Copyright 2020 The Kubernetes Authors.
3 |
4 | Licensed under the Apache License, Version 2.0 (the "License");
5 | you may not use this file except in compliance with the License.
6 | You may obtain a copy of the License at
7 |
8 | http://www.apache.org/licenses/LICENSE-2.0
9 |
10 | Unless required by applicable law or agreed to in writing, software
11 | distributed under the License is distributed on an "AS IS" BASIS,
12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 | See the License for the specific language governing permissions and
14 | limitations under the License.
15 | */
16 |
17 | // Package v1 contains API Schema definitions for the gateway.networking.k8s.io
18 | // API group.
19 | //
20 | // +k8s:openapi-gen=true
21 | // +kubebuilder:object:generate=true
22 | // +groupName=gateway.networking.k8s.io
23 | package v1
24 |
--------------------------------------------------------------------------------
/geps/gep-1619/metadata.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: internal.gateway.networking.k8s.io/v1alpha1
2 | kind: GEPDetails
3 | number: 1619
4 | name: Session Persistence
5 | status: Experimental
6 | authors:
7 | - gcs278
8 | - sjberman
9 | - robscott
10 | relationships:
11 | seeAlso:
12 | - number: 713
13 | name: Metaresources and Policy Attachment
14 | description: Defines metaresource and policy attachment API
15 | - number: 2257
16 | name: Gateway API Duration Format
17 | description: Defines the Duration API field
18 | changelog:
19 | - "https://github.com/kubernetes-sigs/gateway-api/pull/1643"
20 | - "https://github.com/kubernetes-sigs/gateway-api/pull/1889"
21 | - "https://github.com/kubernetes-sigs/gateway-api/pull/1935"
22 | - "https://github.com/kubernetes-sigs/gateway-api/pull/2159"
23 | - "https://github.com/kubernetes-sigs/gateway-api/pull/2634"
24 |
--------------------------------------------------------------------------------
/hack/mkdocs/image/Dockerfile:
--------------------------------------------------------------------------------
1 | # Copyright 2019 The Kubernetes Authors.
2 | #
3 | # Licensed under the Apache License, Version 2.0 (the "License");
4 | # you may not use this file except in compliance with the License.
5 | # You may obtain a copy of the License at
6 | #
7 | # http://www.apache.org/licenses/LICENSE-2.0
8 | #
9 | # Unless required by applicable law or agreed to in writing, software
10 | # distributed under the License is distributed on an "AS IS" BASIS,
11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 | # See the License for the specific language governing permissions and
13 | # limitations under the License.
14 |
15 | FROM python:3.12
16 |
17 | COPY requirements.txt /requirements.txt
18 | RUN pip install -r /requirements.txt
19 |
20 | WORKDIR /docs
21 |
22 | EXPOSE 3000
23 |
24 | COPY entrypoint.sh /
25 |
26 | ENTRYPOINT ["/entrypoint.sh"]
--------------------------------------------------------------------------------
/apis/v1beta1/doc.go:
--------------------------------------------------------------------------------
1 | /*
2 | Copyright 2020 The Kubernetes Authors.
3 |
4 | Licensed under the Apache License, Version 2.0 (the "License");
5 | you may not use this file except in compliance with the License.
6 | You may obtain a copy of the License at
7 |
8 | http://www.apache.org/licenses/LICENSE-2.0
9 |
10 | Unless required by applicable law or agreed to in writing, software
11 | distributed under the License is distributed on an "AS IS" BASIS,
12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 | See the License for the specific language governing permissions and
14 | limitations under the License.
15 | */
16 |
17 | // Package v1beta1 contains API Schema definitions for the
18 | // gateway.networking.k8s.io API group.
19 | //
20 | // +k8s:openapi-gen=true
21 | // +kubebuilder:object:generate=true
22 | // +groupName=gateway.networking.k8s.io
23 | package v1beta1
24 |
--------------------------------------------------------------------------------
/apis/v1alpha2/doc.go:
--------------------------------------------------------------------------------
1 | /*
2 | Copyright 2020 The Kubernetes Authors.
3 |
4 | Licensed under the Apache License, Version 2.0 (the "License");
5 | you may not use this file except in compliance with the License.
6 | You may obtain a copy of the License at
7 |
8 | http://www.apache.org/licenses/LICENSE-2.0
9 |
10 | Unless required by applicable law or agreed to in writing, software
11 | distributed under the License is distributed on an "AS IS" BASIS,
12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 | See the License for the specific language governing permissions and
14 | limitations under the License.
15 | */
16 |
17 | // Package v1alpha2 contains API Schema definitions for the
18 | // gateway.networking.k8s.io API group.
19 | //
20 | // +k8s:openapi-gen=true
21 | // +kubebuilder:object:generate=true
22 | // +groupName=gateway.networking.k8s.io
23 | package v1alpha2
24 |
--------------------------------------------------------------------------------
/apis/v1alpha3/doc.go:
--------------------------------------------------------------------------------
1 | /*
2 | Copyright 2020 The Kubernetes Authors.
3 |
4 | Licensed under the Apache License, Version 2.0 (the "License");
5 | you may not use this file except in compliance with the License.
6 | You may obtain a copy of the License at
7 |
8 | http://www.apache.org/licenses/LICENSE-2.0
9 |
10 | Unless required by applicable law or agreed to in writing, software
11 | distributed under the License is distributed on an "AS IS" BASIS,
12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 | See the License for the specific language governing permissions and
14 | limitations under the License.
15 | */
16 |
17 | // Package v1alpha3 contains API Schema definitions for the
18 | // gateway.networking.k8s.io API group.
19 | //
20 | // +k8s:openapi-gen=true
21 | // +kubebuilder:object:generate=true
22 | // +groupName=gateway.networking.k8s.io
23 | package v1alpha3
24 |
--------------------------------------------------------------------------------
/site-src/reference/policy-attachment.md:
--------------------------------------------------------------------------------
1 | # Metaresources and Policy Attachment
2 |
3 | Gateway API defines a Kubernetes object that _augments_ the behavior of an object
4 | in a standard way as a _Metaresource_. ReferenceGrant
5 | is an example of this general type of metaresource, but it is far from the only
6 | one.
7 |
8 | Gateway API also defines a pattern called _Policy Attachment_, which augments
9 | the behavior of an object to add additional settings that can't be described
10 | within the spec of that object.
11 |
12 | A "Policy Attachment" is a specific type of _metaresource_ that can affect specific
13 | settings across either one object (this is "Direct Policy Attachment"), or objects
14 | in a hierarchy (this is "Inherited Policy Attachment").
15 |
16 | This pattern is EXPERIMENTAL, and is described in [GEP-713](../geps/gep-713/index.md).
17 | Please see that document for technical details.
18 |
--------------------------------------------------------------------------------
/pkg/client/clientset/versioned/typed/apisx/v1alpha1/generated_expansion.go:
--------------------------------------------------------------------------------
1 | /*
2 | Copyright The Kubernetes Authors.
3 |
4 | Licensed under the Apache License, Version 2.0 (the "License");
5 | you may not use this file except in compliance with the License.
6 | You may obtain a copy of the License at
7 |
8 | http://www.apache.org/licenses/LICENSE-2.0
9 |
10 | Unless required by applicable law or agreed to in writing, software
11 | distributed under the License is distributed on an "AS IS" BASIS,
12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 | See the License for the specific language governing permissions and
14 | limitations under the License.
15 | */
16 |
17 | // Code generated by client-gen. DO NOT EDIT.
18 |
19 | package v1alpha1
20 |
21 | type XBackendTrafficPolicyExpansion interface{}
22 |
23 | type XListenerSetExpansion interface{}
24 |
25 | type XMeshExpansion interface{}
26 |
--------------------------------------------------------------------------------
/apis/v1alpha2/object_reference_types.go:
--------------------------------------------------------------------------------
1 | /*
2 | Copyright 2020 The Kubernetes Authors.
3 |
4 | Licensed under the Apache License, Version 2.0 (the "License");
5 | you may not use this file except in compliance with the License.
6 | You may obtain a copy of the License at
7 |
8 | http://www.apache.org/licenses/LICENSE-2.0
9 |
10 | Unless required by applicable law or agreed to in writing, software
11 | distributed under the License is distributed on an "AS IS" BASIS,
12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 | See the License for the specific language governing permissions and
14 | limitations under the License.
15 | */
16 |
17 | package v1alpha2
18 |
19 | import v1 "sigs.k8s.io/gateway-api/apis/v1"
20 |
21 | type LocalObjectReference = v1.LocalObjectReference
22 |
23 | type SecretObjectReference = v1.SecretObjectReference
24 |
25 | type BackendObjectReference = v1.BackendObjectReference
26 |
--------------------------------------------------------------------------------
/apis/v1beta1/object_reference_types.go:
--------------------------------------------------------------------------------
1 | /*
2 | Copyright 2020 The Kubernetes Authors.
3 |
4 | Licensed under the Apache License, Version 2.0 (the "License");
5 | you may not use this file except in compliance with the License.
6 | You may obtain a copy of the License at
7 |
8 | http://www.apache.org/licenses/LICENSE-2.0
9 |
10 | Unless required by applicable law or agreed to in writing, software
11 | distributed under the License is distributed on an "AS IS" BASIS,
12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 | See the License for the specific language governing permissions and
14 | limitations under the License.
15 | */
16 |
17 | package v1beta1
18 |
19 | import v1 "sigs.k8s.io/gateway-api/apis/v1"
20 |
21 | type LocalObjectReference = v1.LocalObjectReference
22 |
23 | type SecretObjectReference = v1.SecretObjectReference
24 |
25 | type BackendObjectReference = v1.BackendObjectReference
26 |
--------------------------------------------------------------------------------
/geps/gep-2649/metadata.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: internal.gateway.networking.k8s.io/v1alpha1
2 | kind: GEPDetails
3 | number: 2649
4 | name: Inherited Policy Attachment
5 | status: Declined
6 | authors:
7 | - youngnick
8 | - robscott
9 | relationships:
10 | obsoletedBy:
11 | - name: Metaresources and Policy Attachment
12 | number: 713
13 | description: Merged back into the original spec for Metaresources and Policy Attachment where it's presented as a well-defined class of metaresource
14 | # references is a list of hyperlinks to relevant external references.
15 | # It's intended to be used for storing GitHub discussions, Google docs, etc.
16 | references:
17 | - "https://github.com/kubernetes-sigs/gateway-api/discussions/2927"
18 | # changelog is a list of hyperlinks to PRs that make changes to the GEP, in
19 | # ascending date order.
20 | changelog:
21 | - "https://github.com/kubernetes-sigs/gateway-api/pull/2813"
22 |
--------------------------------------------------------------------------------
/apisx/v1alpha1/doc.go:
--------------------------------------------------------------------------------
1 | /*
2 | Copyright 2025 The Kubernetes Authors.
3 |
4 | Licensed under the Apache License, Version 2.0 (the "License");
5 | you may not use this file except in compliance with the License.
6 | You may obtain a copy of the License at
7 |
8 | http://www.apache.org/licenses/LICENSE-2.0
9 |
10 | Unless required by applicable law or agreed to in writing, software
11 | distributed under the License is distributed on an "AS IS" BASIS,
12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 | See the License for the specific language governing permissions and
14 | limitations under the License.
15 | */
16 |
17 | // Package v1alpha1 contains API Schema definitions for the gateway.networking.k8s-x.io
18 | // API group.
19 | //
20 | // +k8s:openapi-gen=true
21 | // +kubebuilder:object:generate=true
22 | // +groupName=gateway.networking.x-k8s.io
23 | // +groupGoName=Experimental
24 | package v1alpha1
25 |
--------------------------------------------------------------------------------
/conformance/tests/tlsroute-simple-same-namespace.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: gateway.networking.k8s.io/v1alpha2
2 | kind: TLSRoute
3 | metadata:
4 | name: gateway-conformance-infra-test
5 | namespace: gateway-conformance-infra
6 | spec:
7 | parentRefs:
8 | - name: gateway-tlsroute
9 | namespace: gateway-conformance-infra
10 | hostnames:
11 | - abc.example.com
12 | rules:
13 | - backendRefs:
14 | - name: tls-backend
15 | port: 443
16 | ---
17 | apiVersion: gateway.networking.k8s.io/v1beta1
18 | kind: Gateway
19 | metadata:
20 | name: gateway-tlsroute
21 | namespace: gateway-conformance-infra
22 | spec:
23 | gatewayClassName: "{GATEWAY_CLASS_NAME}"
24 | listeners:
25 | - name: https
26 | port: 443
27 | protocol: TLS
28 | hostname: "*.example.com"
29 | allowedRoutes:
30 | namespaces:
31 | from: Same
32 | kinds:
33 | - kind: TLSRoute
34 | tls:
35 | mode: Passthrough
36 |
--------------------------------------------------------------------------------
/conformance/reports/v1.2.1/envoy-gateway/README.md:
--------------------------------------------------------------------------------
1 | # Envoy Gateway
2 |
3 | ## Table of Contents
4 |
5 | |API channel|Implementation version|Mode|Report|
6 | |-----------|----------------------|----|------|
7 | | experimental |[v1.3.1](https://github.com/envoyproxy/gateway/releases/tag/v1.3.1)| default |[link](./experimental-v1.3.1-default-report.yaml)|
8 |
9 | ## Reproduce
10 |
11 | 1. Clone the Envoy Gateway GitHub repository
12 |
13 | ```bash
14 | git clone https://github.com/envoyproxy/gateway.git && cd gateway
15 | ```
16 |
17 | 2. Check out the desired version
18 |
19 | ```bash
20 | export VERSION=v
21 | git checkout $VERSION
22 | ```
23 |
24 | 3. Run the conformance tests
25 |
26 | ```bash
27 | CONFORMANCE_REPORT_PATH=conformance-report-k8s.yaml make experimental-conformance
28 | ```
29 |
30 | 4. Check the produced report
31 |
32 | ```bash
33 | cat ./conformance-report-k8s.yaml
34 | ```
35 |
--------------------------------------------------------------------------------
/apis/v1alpha3/shared_types.go:
--------------------------------------------------------------------------------
1 | /*
2 | Copyright 2020 The Kubernetes Authors.
3 |
4 | Licensed under the Apache License, Version 2.0 (the "License");
5 | you may not use this file except in compliance with the License.
6 | You may obtain a copy of the License at
7 |
8 | http://www.apache.org/licenses/LICENSE-2.0
9 |
10 | Unless required by applicable law or agreed to in writing, software
11 | distributed under the License is distributed on an "AS IS" BASIS,
12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 | See the License for the specific language governing permissions and
14 | limitations under the License.
15 | */
16 |
17 | package v1alpha3
18 |
19 | import v1 "sigs.k8s.io/gateway-api/apis/v1"
20 |
21 | type CommonRouteSpec = v1.CommonRouteSpec
22 |
23 | type BackendRef = v1.BackendRef
24 |
25 | type RouteStatus = v1.RouteStatus
26 |
27 | type Hostname = v1.Hostname
28 |
29 | type SectionName = v1.SectionName
30 |
--------------------------------------------------------------------------------
/conformance/reports/v1.1.0/envoy-gateway/README.md:
--------------------------------------------------------------------------------
1 | # Envoy Gateway
2 |
3 | ## Table of Contents
4 |
5 | |API channel|Implementation version|Mode|Report|
6 | |-----------|----------------------|----|------|
7 | | experimental |[v1.1.0](https://github.com/envoyproxy/gateway/releases/tag/v1.1.0)| default |[v1.1.0 report](./experimental-v1.1.0-default-report.yaml)|
8 |
9 | ## Reproduce
10 |
11 | 1. Clone the Envoy Gateway GitHub repository
12 |
13 | ```bash
14 | git clone https://github.com/envoyproxy/gateway.git && cd gateway
15 | ```
16 |
17 | 2. Check out the desired version
18 |
19 | ```bash
20 | export VERSION=v
21 | git checkout $VERSION
22 | ```
23 |
24 | 3. Run the conformance tests
25 |
26 | ```bash
27 | CONFORMANCE_REPORT_PATH=conformance-report-k8s.yaml make experimental-conformance
28 | ```
29 |
30 | 4. Check the produced report
31 |
32 | ```bash
33 | cat ./conformance-report-k8s.yaml
34 | ```
35 |
--------------------------------------------------------------------------------
/conformance/tests/gateway-invalid-route-kind.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: gateway.networking.k8s.io/v1
2 | kind: Gateway
3 | metadata:
4 | name: gateway-only-invalid-route-kind
5 | namespace: gateway-conformance-infra
6 | spec:
7 | gatewayClassName: "{GATEWAY_CLASS_NAME}"
8 | listeners:
9 | - name: http
10 | port: 80
11 | protocol: HTTP
12 | allowedRoutes:
13 | namespaces:
14 | from: All
15 | kinds:
16 | - kind: InvalidRoute
17 | ---
18 | apiVersion: gateway.networking.k8s.io/v1
19 | kind: Gateway
20 | metadata:
21 | name: gateway-supported-and-invalid-route-kind
22 | namespace: gateway-conformance-infra
23 | spec:
24 | gatewayClassName: "{GATEWAY_CLASS_NAME}"
25 | listeners:
26 | - name: http
27 | port: 80
28 | protocol: HTTP
29 | allowedRoutes:
30 | namespaces:
31 | from: All
32 | kinds:
33 | - kind: InvalidRoute
34 | - kind: HTTPRoute
35 |
--------------------------------------------------------------------------------
/examples/standard/tls-cert-cross-namespace.yaml:
--------------------------------------------------------------------------------
1 | #$ Used in:
2 | #$ - site-src/v1alpha2/guides/tls.md
3 | apiVersion: gateway.networking.k8s.io/v1
4 | kind: Gateway
5 | metadata:
6 | name: cross-namespace-tls-gateway
7 | namespace: gateway-api-example-ns1
8 | spec:
9 | gatewayClassName: example
10 | listeners:
11 | - name: https
12 | protocol: HTTPS
13 | port: 443
14 | hostname: "*.example.com"
15 | tls:
16 | certificateRefs:
17 | - kind: Secret
18 | group: ""
19 | name: wildcard-example-com-cert
20 | namespace: gateway-api-example-ns2
21 | ---
22 | apiVersion: gateway.networking.k8s.io/v1beta1
23 | kind: ReferenceGrant
24 | metadata:
25 | name: allow-ns1-gateways-to-ref-secrets
26 | namespace: gateway-api-example-ns2
27 | spec:
28 | from:
29 | - group: gateway.networking.k8s.io
30 | kind: Gateway
31 | namespace: gateway-api-example-ns1
32 | to:
33 | - group: ""
34 | kind: Secret
35 |
--------------------------------------------------------------------------------
/pkg/client/clientset/versioned/typed/apis/v1beta1/generated_expansion.go:
--------------------------------------------------------------------------------
1 | /*
2 | Copyright The Kubernetes Authors.
3 |
4 | Licensed under the Apache License, Version 2.0 (the "License");
5 | you may not use this file except in compliance with the License.
6 | You may obtain a copy of the License at
7 |
8 | http://www.apache.org/licenses/LICENSE-2.0
9 |
10 | Unless required by applicable law or agreed to in writing, software
11 | distributed under the License is distributed on an "AS IS" BASIS,
12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 | See the License for the specific language governing permissions and
14 | limitations under the License.
15 | */
16 |
17 | // Code generated by client-gen. DO NOT EDIT.
18 |
19 | package v1beta1
20 |
21 | type GatewayExpansion interface{}
22 |
23 | type GatewayClassExpansion interface{}
24 |
25 | type HTTPRouteExpansion interface{}
26 |
27 | type ReferenceGrantExpansion interface{}
28 |
--------------------------------------------------------------------------------
/conformance/reports/v1.2.0/envoy-gateway/README.md:
--------------------------------------------------------------------------------
1 | # Envoy Gateway
2 |
3 | ## Table of Contents
4 |
5 | |API channel|Implementation version|Mode|Report|
6 | |-----------|----------------------|----|------|
7 | | experimental |[v1.2.0-rc.1](https://github.com/envoyproxy/gateway/releases/tag/v1.2.0-rc.1)| default |[v1.2.0 report](./experimental-v1.2.0-default-report.yaml)|
8 |
9 | ## Reproduce
10 |
11 | 1. Clone the Envoy Gateway GitHub repository
12 |
13 | ```bash
14 | git clone https://github.com/envoyproxy/gateway.git && cd gateway
15 | ```
16 |
17 | 2. Check out the desired version
18 |
19 | ```bash
20 | export VERSION=v
21 | git checkout $VERSION
22 | ```
23 |
24 | 3. Run the conformance tests
25 |
26 | ```bash
27 | CONFORMANCE_REPORT_PATH=conformance-report-k8s.yaml make experimental-conformance
28 | ```
29 |
30 | 4. Check the produced report
31 |
32 | ```bash
33 | cat ./conformance-report-k8s.yaml
34 | ```
35 |
--------------------------------------------------------------------------------
/conformance/tests/httproute-cors-allow-credentials-behavior.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: gateway.networking.k8s.io/v1
2 | kind: HTTPRoute
3 | metadata:
4 | name: cors-allow-credentials
5 | namespace: gateway-conformance-infra
6 | spec:
7 | parentRefs:
8 | - name: same-namespace
9 | rules:
10 | - matches:
11 | - path:
12 | type: PathPrefix
13 | value: /cors-behavior-creds-false
14 | backendRefs:
15 | - name: infra-backend-v1
16 | port: 8080
17 | filters:
18 | - cors:
19 | allowOrigins:
20 | - https://app.example
21 | allowCredentials: false
22 | type: CORS
23 | - matches:
24 | - path:
25 | type: PathPrefix
26 | value: /cors-behavior-creds-true
27 | backendRefs:
28 | - name: infra-backend-v1
29 | port: 8080
30 | filters:
31 | - cors:
32 | allowOrigins:
33 | - https://app.example
34 | allowCredentials: true
35 | type: CORS
36 |
37 |
--------------------------------------------------------------------------------
/netlify.toml:
--------------------------------------------------------------------------------
1 | # Netlify build instructions
2 | [build]
3 | command = "make build-docs-netlify"
4 | publish = "site"
5 | [build.environment]
6 | PYTHON_VERSION = "3.12"
7 | GO_VERSION = "1.24.1"
8 |
9 | # Standard Netlify redirects
10 | [[redirects]]
11 | from = "https://main--kubernetes-sigs-gateway-api.netlify.com/*"
12 | to = "https://main.gateway-api.sigs.k8s.io/:splat"
13 | status = 301
14 | force = true
15 |
16 | # HTTP-to-HTTPS rules
17 | [[redirects]]
18 | from = "http://main.gateway-api.sigs.k8s.io/*"
19 | to = "https://main.gateway-api.sigs.k8s.io/:splat"
20 | status = 301
21 | force = true
22 |
23 | [[redirects]]
24 | from = "http://main--kubernetes-sigs-gateway-api.netlify.com/*"
25 | to = "http://main.gateway-api.sigs.k8s.io/:splat"
26 | status = 301
27 | force = true
28 |
29 | [[redirects]]
30 | from = "/geps/gep-1426"
31 | to = "/geps/gep-1294"
32 | status = 301
33 | force = true
34 |
--------------------------------------------------------------------------------
/tools/README.md:
--------------------------------------------------------------------------------
1 | This directory contains the tools used on diverse CI pipelines, Makefile targets, etc.
2 |
3 | It is intended to be a separate directory with a separate go.mod to avoid adding
4 | dependencies to main Gateway API.
5 |
6 | ## Common workflows
7 | Any workflow here should be executed from the repo root directory.
8 |
9 | ### Adding a new tool:
10 |
11 | Adding a new tools means the tool will be added to the specific `go.mod` file.
12 | It is highly recommended that a version is used/pinned, the example below will pick
13 | the latest tagged version and add to the tools file.
14 |
15 | `go get -tool -modfile=tools/go.mod golang.org/x/vuln/cmd/govulncheck@latest`
16 |
17 | ### Executing a tool:
18 | Executing a tool means the same tool pinned on the `go.mod` file will be
19 | built and cached on `$XDG_CONFIG/.cache/go-build` the first time it is called, and
20 | then the binary will be executed normally.
21 |
22 | `go tool -modfile=tools/go.mod govulncheck`
--------------------------------------------------------------------------------
/.github/workflows/kal.yml:
--------------------------------------------------------------------------------
1 | name: PR golangci-lint
2 |
3 | on:
4 | pull_request:
5 | types: [opened, edited, synchronize, reopened]
6 |
7 | # Remove all permissions from GITHUB_TOKEN except metadata.
8 | permissions: {}
9 |
10 | jobs:
11 | golangci:
12 | name: kube-api-lint
13 | runs-on: ubuntu-latest
14 | strategy:
15 | fail-fast: false
16 | steps:
17 | - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # tag=v6.0.1
18 | name: Checkout code
19 | with:
20 | persist-credentials: false
21 | - name: Set up Go
22 | uses: actions/setup-go@4dc6199c7b1a012772edbd06daecab0f50c9053c # tag=v6.1.0
23 | - name: Install Golang CI Lint
24 | run: go install github.com/golangci/golangci-lint/v2/cmd/golangci-lint@v2.7.0
25 | - name: Build KAL
26 | run: golangci-lint custom -v
27 | - name: run api linter
28 | run: ./bin/golangci-kube-api-linter run -c ./.golangci-kal.yml ./...
29 |
--------------------------------------------------------------------------------
/.gitignore:
--------------------------------------------------------------------------------
1 | *~
2 | .\#*
3 | ._*
4 | \#*\#
5 | /_artifacts/
6 | /bazel-*
7 | bin
8 | .classpath
9 | /cluster/env.sh
10 | /.config/gcloud*/
11 | *.dll
12 | /doc_tmp/
13 | !\.drone\.sec
14 | .DS_Store
15 | *.dylib
16 | .envrc
17 | *.exe
18 | *.exe~
19 | /_gopath/
20 | /.gsutil/
21 | /hack/.test-cmd-auth
22 | **/.hg*
23 | .idea/
24 | *.iml
25 | /junit*.xml
26 | /.make/
27 | .netrwhist
28 | network_closure.sh
29 | *.out
30 | /_output*/
31 | /output*/
32 | .project
33 | *.pyc
34 | [._]*.s[a-w][a-z]
35 | [._]s[a-w][a-z]
36 | Session.vim
37 | .settings/**
38 | *.so
39 | *.swo
40 | *.swp
41 | .tags*
42 | *.test
43 | /third_party/pkg
44 | .*.timestamp
45 | /_tmp/
46 | *.un~
47 | .vagrant
48 | !vendor/**/zz_generated.*
49 | .vscode
50 | /www/test_out
51 | .*.timestamp
52 | /site
53 | go.work.sum
54 | /tmp
55 | /conformance.test
56 |
57 | /cache
58 | .venv/
59 | release/
60 | site-src/reference/spec.md
61 | site-src/reference/specx.md
62 | site-src/reference/**/spec.md
63 | site-src/reference/**/specx.md
64 |
65 |
--------------------------------------------------------------------------------
/conformance/apis/v1/doc.go:
--------------------------------------------------------------------------------
1 | /*
2 | Copyright 2023 The Kubernetes Authors.
3 |
4 | Licensed under the Apache License, Version 2.0 (the "License");
5 | you may not use this file except in compliance with the License.
6 | You may obtain a copy of the License at
7 |
8 | http://www.apache.org/licenses/LICENSE-2.0
9 |
10 | Unless required by applicable law or agreed to in writing, software
11 | distributed under the License is distributed on an "AS IS" BASIS,
12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 | See the License for the specific language governing permissions and
14 | limitations under the License.
15 | */
16 |
17 | // v1 includes GA maturity API types and utilities for creating and
18 | // handling the results of conformance test runs. These types are _only_
19 | // intended for use by the conformance test suite OR external test suites that
20 | // are written in Golang and execute the conformance test suite as a Golang
21 | // library.
22 |
23 | package v1
24 |
--------------------------------------------------------------------------------
/pkg/client/clientset/versioned/typed/apis/v1/generated_expansion.go:
--------------------------------------------------------------------------------
1 | /*
2 | Copyright The Kubernetes Authors.
3 |
4 | Licensed under the Apache License, Version 2.0 (the "License");
5 | you may not use this file except in compliance with the License.
6 | You may obtain a copy of the License at
7 |
8 | http://www.apache.org/licenses/LICENSE-2.0
9 |
10 | Unless required by applicable law or agreed to in writing, software
11 | distributed under the License is distributed on an "AS IS" BASIS,
12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 | See the License for the specific language governing permissions and
14 | limitations under the License.
15 | */
16 |
17 | // Code generated by client-gen. DO NOT EDIT.
18 |
19 | package v1
20 |
21 | type BackendTLSPolicyExpansion interface{}
22 |
23 | type GRPCRouteExpansion interface{}
24 |
25 | type GatewayExpansion interface{}
26 |
27 | type GatewayClassExpansion interface{}
28 |
29 | type HTTPRouteExpansion interface{}
30 |
--------------------------------------------------------------------------------
/hack/delete-crds.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 |
3 | # Copyright 2020 The Kubernetes Authors.
4 | #
5 | # Licensed under the Apache License, Version 2.0 (the "License");
6 | # you may not use this file except in compliance with the License.
7 | # You may obtain a copy of the License at
8 | #
9 | # http://www.apache.org/licenses/LICENSE-2.0
10 | #
11 | # Unless required by applicable law or agreed to in writing, software
12 | # distributed under the License is distributed on an "AS IS" BASIS,
13 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 | # See the License for the specific language governing permissions and
15 | # limitations under the License.
16 |
17 | set -o errexit
18 | set -o nounset
19 | set -o pipefail
20 |
21 | # Delete all CR and CRDs installed by gateway-api.
22 |
23 | RESOURCES=$(kubectl api-resources --api-group=gateway.networking.k8s.io -o name)
24 |
25 | for TYPE in ${RESOURCES}; do
26 | kubectl delete ${TYPE} --all
27 | kubectl delete crd/${TYPE}
28 | done
29 |
--------------------------------------------------------------------------------
/pkg/client/clientset/versioned/typed/apis/v1alpha2/generated_expansion.go:
--------------------------------------------------------------------------------
1 | /*
2 | Copyright The Kubernetes Authors.
3 |
4 | Licensed under the Apache License, Version 2.0 (the "License");
5 | you may not use this file except in compliance with the License.
6 | You may obtain a copy of the License at
7 |
8 | http://www.apache.org/licenses/LICENSE-2.0
9 |
10 | Unless required by applicable law or agreed to in writing, software
11 | distributed under the License is distributed on an "AS IS" BASIS,
12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 | See the License for the specific language governing permissions and
14 | limitations under the License.
15 | */
16 |
17 | // Code generated by client-gen. DO NOT EDIT.
18 |
19 | package v1alpha2
20 |
21 | type GRPCRouteExpansion interface{}
22 |
23 | type ReferenceGrantExpansion interface{}
24 |
25 | type TCPRouteExpansion interface{}
26 |
27 | type TLSRouteExpansion interface{}
28 |
29 | type UDPRouteExpansion interface{}
30 |
--------------------------------------------------------------------------------
/hack/verify-codegen.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 |
3 | # Copyright 2020 The Kubernetes Authors.
4 | #
5 | # Licensed under the Apache License, Version 2.0 (the "License");
6 | # you may not use this file except in compliance with the License.
7 | # You may obtain a copy of the License at
8 | #
9 | # http://www.apache.org/licenses/LICENSE-2.0
10 | #
11 | # Unless required by applicable law or agreed to in writing, software
12 | # distributed under the License is distributed on an "AS IS" BASIS,
13 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 | # See the License for the specific language governing permissions and
15 | # limitations under the License.
16 |
17 | set -o errexit
18 | set -o nounset
19 | set -o pipefail
20 |
21 | SCRIPT_ROOT=$(dirname "${BASH_SOURCE}")/..
22 |
23 | make -C "$SCRIPT_ROOT" generate
24 |
25 | if git status -s 2>&1 | grep -E -q '^\s+[MADRCU]'
26 | then
27 | echo Uncommitted changes in generated sources:
28 | git status -s
29 | git diff
30 | exit 1
31 | fi
32 |
--------------------------------------------------------------------------------
/.github/ISSUE_TEMPLATE/bug.md:
--------------------------------------------------------------------------------
1 | ---
2 | name: Bug Report
3 | about: Report a bug encountered with the gateway-api project
4 | labels: kind/bug
5 |
6 | ---
7 |
23 |
24 | **What happened**:
25 |
26 | **What you expected to happen**:
27 |
28 | **How to reproduce it (as minimally and precisely as possible)**:
29 |
30 | **Anything else we need to know?**:
31 |
--------------------------------------------------------------------------------
/conformance/reports/v1.0.0/azure-application-gateway-for-containers/README.md:
--------------------------------------------------------------------------------
1 | # Azure Application Gateway for Containers
2 |
3 | [Application Gateway for Containers][azure-application-gateway-for-containers] is a managed application (layer 7) load balancing solution, providing dynamic traffic management capabilities for workloads running in a Kubernetes cluster in Azure. Follow the [quickstart guide][azure-application-gateway-for-containers-quickstart-controller] to deploy the ALB controller and get started with Gateway API.
4 |
5 | ## Table of Contents
6 |
7 | |API channel|Implementation version|Mode|Report|
8 | |-----------|----------------------|----|------|
9 | |x|[v1.0.0](https://learn.microsoft.com/azure/application-gateway/for-containers/alb-controller-release-notes#latest-release-recommended)|x|[link](./v1.0.0-report.yaml)|
10 |
11 |
12 | [azure-application-gateway-for-containers]:https://aka.ms/appgwcontainers/docs
13 | [azure-application-gateway-for-containers-quickstart-controller]:https://aka.ms/appgwcontainers/docs
14 |
--------------------------------------------------------------------------------