Skip to content
New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

#

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

Jump to bottom

Add validation to Enabled/Disabled fields in ApplicationLayer #3483

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

Add validation to Enabled/Disabled fields in ApplicationLayer #3483

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
3 changes: 3 additions & 0 deletions api/v1/applicationlayer_types.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -24,11 +24,13 @@ import (
type ApplicationLayerSpec struct {
// WebApplicationFirewall controls whether or not ModSecurity enforcement is enabled for the cluster.
// When enabled, Services may opt-in to having ingress traffic examed by ModSecurity.
// +kubebuilder:validation:Enum=Enabled;Disabled
WebApplicationFirewall *WAFStatusType `json:"webApplicationFirewall,omitempty"`
// Specification for application layer (L7) log collection.
LogCollection *LogCollectionSpec `json:"logCollection,omitempty"`
// Application Layer Policy controls whether or not ALP enforcement is enabled for the cluster.
// When enabled, NetworkPolicies with HTTP Match rules may be defined to opt-in workloads for traffic enforcement on the application layer.
// +kubebuilder:validation:Enum=Enabled;Disabled
ApplicationLayerPolicy *ApplicationLayerPolicyStatusType `json:"applicationLayerPolicy,omitempty"`
// User-configurable settings for the Envoy proxy.
EnvoySettings *EnvoySettings `json:"envoy,omitempty"`
Expand Down Expand Up @@ -72,6 +74,7 @@ type LogCollectionSpec struct {
// This setting enables or disable log collection.
// Allowed values are Enabled or Disabled.
// +optional
// +kubebuilder:validation:Enum=Enabled;Disabled
CollectLogs *LogCollectionStatusType `json:"collectLogs,omitempty"`

// Interval in seconds for sending L7 log information for processing.
Expand Down
9 changes: 9 additions & 0 deletions pkg/crds/operator/operator.tigera.io_applicationlayers.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -42,6 +42,9 @@ spec:
description: |-
Application Layer Policy controls whether or not ALP enforcement is enabled for the cluster.
When enabled, NetworkPolicies with HTTP Match rules may be defined to opt-in workloads for traffic enforcement on the application layer.
enum:
- Enabled
- Disabled
type: string
envoy:
description: User-configurable settings for the Envoy proxy.
Expand Down Expand Up @@ -239,6 +242,9 @@ spec:
description: |-
This setting enables or disable log collection.
Allowed values are Enabled or Disabled.
enum:
- Enabled
- Disabled
type: string
logIntervalSeconds:
description: |-
Expand All @@ -259,6 +265,9 @@ spec:
description: |-
WebApplicationFirewall controls whether or not ModSecurity enforcement is enabled for the cluster.
When enabled, Services may opt-in to having ingress traffic examed by ModSecurity.
enum:
- Enabled
- Disabled
type: string
type: object
status:
Expand Down
Loading