Skip to content

Commit

Permalink
update generated code
Browse files Browse the repository at this point in the history
  • Loading branch information
@KauzClay
KauzClay committed Oct 13, 2023
1 parent 2f91d69 commit 069fd5f
Show file tree
Hide file tree
Showing 7 changed files with 461 additions and 0 deletions.
5 changes: 5 additions & 0 deletions apis/projectcontour/v1alpha1/zz_generated.deepcopy.go
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

88 changes: 88 additions & 0 deletions examples/contour/01-crds.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -111,6 +111,48 @@ spec:
format: int32
minimum: 1
type: integer
upstream-tls:
description: UpstreamTLS contains the TLS policy parameters
for upstream connections
properties:
cipherSuites:
description: "CipherSuites defines the TLS ciphers to
be supported by Envoy TLS listeners when negotiating
TLS 1.2. Ciphers are validated against the set that
Envoy supports by default. This parameter should only
be used by advanced users. Note that these will be ignored
when TLS 1.3 is in use. \n This field is optional; when
it is undefined, a Contour-managed ciphersuite list
will be used, which may be updated to keep it secure.
\n Contour's default list is: - \"[ECDHE-ECDSA-AES128-GCM-SHA256|ECDHE-ECDSA-CHACHA20-POLY1305]\"
- \"[ECDHE-RSA-AES128-GCM-SHA256|ECDHE-RSA-CHACHA20-POLY1305]\"
- \"ECDHE-ECDSA-AES256-GCM-SHA384\" - \"ECDHE-RSA-AES256-GCM-SHA384\"
\n Ciphers provided are validated against the following
list: - \"[ECDHE-ECDSA-AES128-GCM-SHA256|ECDHE-ECDSA-CHACHA20-POLY1305]\"
- \"[ECDHE-RSA-AES128-GCM-SHA256|ECDHE-RSA-CHACHA20-POLY1305]\"
- \"ECDHE-ECDSA-AES128-GCM-SHA256\" - \"ECDHE-RSA-AES128-GCM-SHA256\"
- \"ECDHE-ECDSA-AES128-SHA\" - \"ECDHE-RSA-AES128-SHA\"
- \"AES128-GCM-SHA256\" - \"AES128-SHA\" - \"ECDHE-ECDSA-AES256-GCM-SHA384\"
- \"ECDHE-RSA-AES256-GCM-SHA384\" - \"ECDHE-ECDSA-AES256-SHA\"
- \"ECDHE-RSA-AES256-SHA\" - \"AES256-GCM-SHA384\" -
\"AES256-SHA\" \n Contour recommends leaving this undefined
unless you are sure you must. \n See: https://www.envoyproxy.io/docs/envoy/latest/api-v3/extensions/transport_sockets/tls/v3/common.proto#extensions-transport-sockets-tls-v3-tlsparameters
Note: This list is a superset of what is valid for stock
Envoy builds and those using BoringSSL FIPS."
items:
type: string
type: array
maximumProtocolVersion:
description: "MaximumProtocolVersion is the maximum TLS
version this vhost should negotiate. \n Values: `1.2`,
`1.3`(default). \n Other values will produce an error."
type: string
minimumProtocolVersion:
description: "MinimumProtocolVersion is the minimum TLS
version this vhost should negotiate. \n Values: `1.2`
(default), `1.3`. \n Other values will produce an error."
type: string
type: object
type: object
defaultHTTPVersions:
description: "DefaultHTTPVersions defines the default set of HTTPS
Expand Down Expand Up @@ -3547,6 +3589,52 @@ spec:
format: int32
minimum: 1
type: integer
upstream-tls:
description: UpstreamTLS contains the TLS policy parameters
for upstream connections
properties:
cipherSuites:
description: "CipherSuites defines the TLS ciphers
to be supported by Envoy TLS listeners when negotiating
TLS 1.2. Ciphers are validated against the set that
Envoy supports by default. This parameter should
only be used by advanced users. Note that these
will be ignored when TLS 1.3 is in use. \n This
field is optional; when it is undefined, a Contour-managed
ciphersuite list will be used, which may be updated
to keep it secure. \n Contour's default list is:
- \"[ECDHE-ECDSA-AES128-GCM-SHA256|ECDHE-ECDSA-CHACHA20-POLY1305]\"
- \"[ECDHE-RSA-AES128-GCM-SHA256|ECDHE-RSA-CHACHA20-POLY1305]\"
- \"ECDHE-ECDSA-AES256-GCM-SHA384\" - \"ECDHE-RSA-AES256-GCM-SHA384\"
\n Ciphers provided are validated against the following
list: - \"[ECDHE-ECDSA-AES128-GCM-SHA256|ECDHE-ECDSA-CHACHA20-POLY1305]\"
- \"[ECDHE-RSA-AES128-GCM-SHA256|ECDHE-RSA-CHACHA20-POLY1305]\"
- \"ECDHE-ECDSA-AES128-GCM-SHA256\" - \"ECDHE-RSA-AES128-GCM-SHA256\"
- \"ECDHE-ECDSA-AES128-SHA\" - \"ECDHE-RSA-AES128-SHA\"
- \"AES128-GCM-SHA256\" - \"AES128-SHA\" - \"ECDHE-ECDSA-AES256-GCM-SHA384\"
- \"ECDHE-RSA-AES256-GCM-SHA384\" - \"ECDHE-ECDSA-AES256-SHA\"
- \"ECDHE-RSA-AES256-SHA\" - \"AES256-GCM-SHA384\"
- \"AES256-SHA\" \n Contour recommends leaving this
undefined unless you are sure you must. \n See:
https://www.envoyproxy.io/docs/envoy/latest/api-v3/extensions/transport_sockets/tls/v3/common.proto#extensions-transport-sockets-tls-v3-tlsparameters
Note: This list is a superset of what is valid for
stock Envoy builds and those using BoringSSL FIPS."
items:
type: string
type: array
maximumProtocolVersion:
description: "MaximumProtocolVersion is the maximum
TLS version this vhost should negotiate. \n Values:
`1.2`, `1.3`(default). \n Other values will produce
an error."
type: string
minimumProtocolVersion:
description: "MinimumProtocolVersion is the minimum
TLS version this vhost should negotiate. \n Values:
`1.2` (default), `1.3`. \n Other values will produce
an error."
type: string
type: object
type: object
defaultHTTPVersions:
description: "DefaultHTTPVersions defines the default set
Expand Down
88 changes: 88 additions & 0 deletions examples/render/contour-deployment.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -330,6 +330,48 @@ spec:
format: int32
minimum: 1
type: integer
upstream-tls:
description: UpstreamTLS contains the TLS policy parameters
for upstream connections
properties:
cipherSuites:
description: "CipherSuites defines the TLS ciphers to
be supported by Envoy TLS listeners when negotiating
TLS 1.2. Ciphers are validated against the set that
Envoy supports by default. This parameter should only
be used by advanced users. Note that these will be ignored
when TLS 1.3 is in use. \n This field is optional; when
it is undefined, a Contour-managed ciphersuite list
will be used, which may be updated to keep it secure.
\n Contour's default list is: - \"[ECDHE-ECDSA-AES128-GCM-SHA256|ECDHE-ECDSA-CHACHA20-POLY1305]\"
- \"[ECDHE-RSA-AES128-GCM-SHA256|ECDHE-RSA-CHACHA20-POLY1305]\"
- \"ECDHE-ECDSA-AES256-GCM-SHA384\" - \"ECDHE-RSA-AES256-GCM-SHA384\"
\n Ciphers provided are validated against the following
list: - \"[ECDHE-ECDSA-AES128-GCM-SHA256|ECDHE-ECDSA-CHACHA20-POLY1305]\"
- \"[ECDHE-RSA-AES128-GCM-SHA256|ECDHE-RSA-CHACHA20-POLY1305]\"
- \"ECDHE-ECDSA-AES128-GCM-SHA256\" - \"ECDHE-RSA-AES128-GCM-SHA256\"
- \"ECDHE-ECDSA-AES128-SHA\" - \"ECDHE-RSA-AES128-SHA\"
- \"AES128-GCM-SHA256\" - \"AES128-SHA\" - \"ECDHE-ECDSA-AES256-GCM-SHA384\"
- \"ECDHE-RSA-AES256-GCM-SHA384\" - \"ECDHE-ECDSA-AES256-SHA\"
- \"ECDHE-RSA-AES256-SHA\" - \"AES256-GCM-SHA384\" -
\"AES256-SHA\" \n Contour recommends leaving this undefined
unless you are sure you must. \n See: https://www.envoyproxy.io/docs/envoy/latest/api-v3/extensions/transport_sockets/tls/v3/common.proto#extensions-transport-sockets-tls-v3-tlsparameters
Note: This list is a superset of what is valid for stock
Envoy builds and those using BoringSSL FIPS."
items:
type: string
type: array
maximumProtocolVersion:
description: "MaximumProtocolVersion is the maximum TLS
version this vhost should negotiate. \n Values: `1.2`,
`1.3`(default). \n Other values will produce an error."
type: string
minimumProtocolVersion:
description: "MinimumProtocolVersion is the minimum TLS
version this vhost should negotiate. \n Values: `1.2`
(default), `1.3`. \n Other values will produce an error."
type: string
type: object
type: object
defaultHTTPVersions:
description: "DefaultHTTPVersions defines the default set of HTTPS
Expand Down Expand Up @@ -3766,6 +3808,52 @@ spec:
format: int32
minimum: 1
type: integer
upstream-tls:
description: UpstreamTLS contains the TLS policy parameters
for upstream connections
properties:
cipherSuites:
description: "CipherSuites defines the TLS ciphers
to be supported by Envoy TLS listeners when negotiating
TLS 1.2. Ciphers are validated against the set that
Envoy supports by default. This parameter should
only be used by advanced users. Note that these
will be ignored when TLS 1.3 is in use. \n This
field is optional; when it is undefined, a Contour-managed
ciphersuite list will be used, which may be updated
to keep it secure. \n Contour's default list is:
- \"[ECDHE-ECDSA-AES128-GCM-SHA256|ECDHE-ECDSA-CHACHA20-POLY1305]\"
- \"[ECDHE-RSA-AES128-GCM-SHA256|ECDHE-RSA-CHACHA20-POLY1305]\"
- \"ECDHE-ECDSA-AES256-GCM-SHA384\" - \"ECDHE-RSA-AES256-GCM-SHA384\"
\n Ciphers provided are validated against the following
list: - \"[ECDHE-ECDSA-AES128-GCM-SHA256|ECDHE-ECDSA-CHACHA20-POLY1305]\"
- \"[ECDHE-RSA-AES128-GCM-SHA256|ECDHE-RSA-CHACHA20-POLY1305]\"
- \"ECDHE-ECDSA-AES128-GCM-SHA256\" - \"ECDHE-RSA-AES128-GCM-SHA256\"
- \"ECDHE-ECDSA-AES128-SHA\" - \"ECDHE-RSA-AES128-SHA\"
- \"AES128-GCM-SHA256\" - \"AES128-SHA\" - \"ECDHE-ECDSA-AES256-GCM-SHA384\"
- \"ECDHE-RSA-AES256-GCM-SHA384\" - \"ECDHE-ECDSA-AES256-SHA\"
- \"ECDHE-RSA-AES256-SHA\" - \"AES256-GCM-SHA384\"
- \"AES256-SHA\" \n Contour recommends leaving this
undefined unless you are sure you must. \n See:
https://www.envoyproxy.io/docs/envoy/latest/api-v3/extensions/transport_sockets/tls/v3/common.proto#extensions-transport-sockets-tls-v3-tlsparameters
Note: This list is a superset of what is valid for
stock Envoy builds and those using BoringSSL FIPS."
items:
type: string
type: array
maximumProtocolVersion:
description: "MaximumProtocolVersion is the maximum
TLS version this vhost should negotiate. \n Values:
`1.2`, `1.3`(default). \n Other values will produce
an error."
type: string
minimumProtocolVersion:
description: "MinimumProtocolVersion is the minimum
TLS version this vhost should negotiate. \n Values:
`1.2` (default), `1.3`. \n Other values will produce
an error."
type: string
type: object
type: object
defaultHTTPVersions:
description: "DefaultHTTPVersions defines the default set
Expand Down
Loading

0 comments on commit 069fd5f

Please sign in to comment.