Skip to content

Commit 2818ae6

Browse files
ciarams87ciarams87
committed
Generate all CRDs, update RBAC, fix Alpine tag
1 parent e11a235 commit 2818ae6

File tree

14 files changed

+720
-0
lines changed

14 files changed

+720
-0
lines changed

build/Dockerfile.nginxplus

Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1,4 +1,8 @@
11
# syntax=docker/dockerfile:1.17
2+
3+
# renovate: datasource=docker depName=alpine
4+
ARG ALPINE_VERSION=3.21
5+
26
FROM scratch AS nginx-files
37

48
# the following links can be replaced with local files if needed, i.e. ADD --chown=101:1001 <local_file> <container_file>

charts/nginx-gateway-fabric/templates/clusterrole.yaml

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -109,6 +109,7 @@ rules:
109109
- clientsettingspolicies
110110
- observabilitypolicies
111111
- upstreamsettingspolicies
112+
- wafpolicies
112113
{{- if .Values.nginxGateway.snippetsFilters.enable }}
113114
- snippetsfilters
114115
{{- end }}
@@ -122,6 +123,7 @@ rules:
122123
- clientsettingspolicies/status
123124
- observabilitypolicies/status
124125
- upstreamsettingspolicies/status
126+
- wafpolicies/status
125127
{{- if .Values.nginxGateway.snippetsFilters.enable }}
126128
- snippetsfilters/status
127129
{{- end }}

config/crd/bases/gateway.nginx.org_wafpolicies.yaml

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -384,6 +384,9 @@ spec:
384384
required:
385385
- targetRef
386386
type: object
387+
x-kubernetes-validations:
388+
- message: policySource is required when securityLogs are specified
389+
rule: '!has(self.securityLogs) || has(self.policySource)'
387390
status:
388391
description: Status defines the state of the WAFPolicy.
389392
properties:

config/crd/kustomization.yaml

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -7,3 +7,4 @@ resources:
77
- bases/gateway.nginx.org_observabilitypolicies.yaml
88
- bases/gateway.nginx.org_snippetsfilters.yaml
99
- bases/gateway.nginx.org_upstreamsettingspolicies.yaml
10+
- bases/gateway.nginx.org_wafpolicies.yaml

deploy/azure/deploy.yaml

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -145,6 +145,7 @@ rules:
145145
- clientsettingspolicies
146146
- observabilitypolicies
147147
- upstreamsettingspolicies
148+
- wafpolicies
148149
verbs:
149150
- list
150151
- watch
@@ -155,6 +156,7 @@ rules:
155156
- clientsettingspolicies/status
156157
- observabilitypolicies/status
157158
- upstreamsettingspolicies/status
159+
- wafpolicies/status
158160
verbs:
159161
- update
160162
- apiGroups:

deploy/crds.yaml

Lines changed: 692 additions & 0 deletions
Large diffs are not rendered by default.

deploy/default/deploy.yaml

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -145,6 +145,7 @@ rules:
145145
- clientsettingspolicies
146146
- observabilitypolicies
147147
- upstreamsettingspolicies
148+
- wafpolicies
148149
verbs:
149150
- list
150151
- watch
@@ -155,6 +156,7 @@ rules:
155156
- clientsettingspolicies/status
156157
- observabilitypolicies/status
157158
- upstreamsettingspolicies/status
159+
- wafpolicies/status
158160
verbs:
159161
- update
160162
- apiGroups:

deploy/experimental-nginx-plus/deploy.yaml

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -149,6 +149,7 @@ rules:
149149
- clientsettingspolicies
150150
- observabilitypolicies
151151
- upstreamsettingspolicies
152+
- wafpolicies
152153
verbs:
153154
- list
154155
- watch
@@ -159,6 +160,7 @@ rules:
159160
- clientsettingspolicies/status
160161
- observabilitypolicies/status
161162
- upstreamsettingspolicies/status
163+
- wafpolicies/status
162164
verbs:
163165
- update
164166
- apiGroups:

deploy/experimental/deploy.yaml

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -149,6 +149,7 @@ rules:
149149
- clientsettingspolicies
150150
- observabilitypolicies
151151
- upstreamsettingspolicies
152+
- wafpolicies
152153
verbs:
153154
- list
154155
- watch
@@ -159,6 +160,7 @@ rules:
159160
- clientsettingspolicies/status
160161
- observabilitypolicies/status
161162
- upstreamsettingspolicies/status
163+
- wafpolicies/status
162164
verbs:
163165
- update
164166
- apiGroups:

deploy/nginx-plus/deploy.yaml

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -145,6 +145,7 @@ rules:
145145
- clientsettingspolicies
146146
- observabilitypolicies
147147
- upstreamsettingspolicies
148+
- wafpolicies
148149
verbs:
149150
- list
150151
- watch
@@ -155,6 +156,7 @@ rules:
155156
- clientsettingspolicies/status
156157
- observabilitypolicies/status
157158
- upstreamsettingspolicies/status
159+
- wafpolicies/status
158160
verbs:
159161
- update
160162
- apiGroups:

deploy/nodeport/deploy.yaml

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -145,6 +145,7 @@ rules:
145145
- clientsettingspolicies
146146
- observabilitypolicies
147147
- upstreamsettingspolicies
148+
- wafpolicies
148149
verbs:
149150
- list
150151
- watch
@@ -155,6 +156,7 @@ rules:
155156
- clientsettingspolicies/status
156157
- observabilitypolicies/status
157158
- upstreamsettingspolicies/status
159+
- wafpolicies/status
158160
verbs:
159161
- update
160162
- apiGroups:

deploy/openshift/deploy.yaml

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -145,6 +145,7 @@ rules:
145145
- clientsettingspolicies
146146
- observabilitypolicies
147147
- upstreamsettingspolicies
148+
- wafpolicies
148149
verbs:
149150
- list
150151
- watch
@@ -155,6 +156,7 @@ rules:
155156
- clientsettingspolicies/status
156157
- observabilitypolicies/status
157158
- upstreamsettingspolicies/status
159+
- wafpolicies/status
158160
verbs:
159161
- update
160162
- apiGroups:

deploy/snippets-filters-nginx-plus/deploy.yaml

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -145,6 +145,7 @@ rules:
145145
- clientsettingspolicies
146146
- observabilitypolicies
147147
- upstreamsettingspolicies
148+
- wafpolicies
148149
- snippetsfilters
149150
verbs:
150151
- list
@@ -156,6 +157,7 @@ rules:
156157
- clientsettingspolicies/status
157158
- observabilitypolicies/status
158159
- upstreamsettingspolicies/status
160+
- wafpolicies/status
159161
- snippetsfilters/status
160162
verbs:
161163
- update

deploy/snippets-filters/deploy.yaml

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -145,6 +145,7 @@ rules:
145145
- clientsettingspolicies
146146
- observabilitypolicies
147147
- upstreamsettingspolicies
148+
- wafpolicies
148149
- snippetsfilters
149150
verbs:
150151
- list
@@ -156,6 +157,7 @@ rules:
156157
- clientsettingspolicies/status
157158
- observabilitypolicies/status
158159
- upstreamsettingspolicies/status
160+
- wafpolicies/status
159161
- snippetsfilters/status
160162
verbs:
161163
- update

0 commit comments

Comments
 (0)