...

Text file src/edge-infra.dev/test/fixtures/warehouse/layout/blobs/sha256/a3679b450e9293a9623afcfd2d35a6063da90b5f8ccb71c965b440707d59de89

Documentation: edge-infra.dev/test/fixtures/warehouse/layout/blobs/sha256

     1apiVersion: v1
     2kind: Namespace
     3metadata:
     4  name: emissary
     5  labels:
     6    platform.edge.ncr.com/component: emissary
     7  annotations:
     8    pallet.edge.ncr.com/created: "2023-02-16T21:26:39Z"
     9    pallet.edge.ncr.com/name: store-emissary
    10    pallet.edge.ncr.com/revision: 696897a3df910b6e84a88c9336907a17b18159c1
    11    pallet.edge.ncr.com/source: https://github.com/ncrvoyix-swt-retail/edge-infra/tree/696897a3df910b6e84a88c9336907a17b18159c1
    12    pallet.edge.ncr.com/team: '@ncrvoyix-swt-retail/edge-infra'
    13    pallet.edge.ncr.com/version: 7.7.7-rc.1676582799+commit.696897a
    14---
    15apiVersion: apiextensions.k8s.io/v1
    16kind: CustomResourceDefinition
    17metadata:
    18  name: authservices.getambassador.io
    19  labels:
    20    app.kubernetes.io/name: ambassador
    21    product: aes
    22    platform.edge.ncr.com/component: emissary
    23  annotations:
    24    controller-gen.kubebuilder.io/version: v0.5.0
    25    pallet.edge.ncr.com/created: "2023-02-16T21:26:39Z"
    26    pallet.edge.ncr.com/name: store-emissary
    27    pallet.edge.ncr.com/revision: 696897a3df910b6e84a88c9336907a17b18159c1
    28    pallet.edge.ncr.com/source: https://github.com/ncrvoyix-swt-retail/edge-infra/tree/696897a3df910b6e84a88c9336907a17b18159c1
    29    pallet.edge.ncr.com/team: '@ncrvoyix-swt-retail/edge-infra'
    30    pallet.edge.ncr.com/version: 7.7.7-rc.1676582799+commit.696897a
    31spec:
    32  group: getambassador.io
    33  names:
    34    kind: AuthService
    35    categories:
    36    - ambassador-crds
    37    listKind: AuthServiceList
    38    plural: authservices
    39    singular: authservice
    40  scope: Namespaced
    41  versions:
    42  - name: v3alpha1
    43    schema:
    44      openAPIV3Schema:
    45        type: object
    46        description: AuthService is the Schema for the authservices API
    47        properties:
    48          apiVersion:
    49            type: string
    50            description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
    51          kind:
    52            type: string
    53            description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
    54          metadata:
    55            type: object
    56          spec:
    57            type: object
    58            description: AuthServiceSpec defines the desired state of AuthService
    59            properties:
    60              add_auth_headers:
    61                type: object
    62                additionalProperties:
    63                  type: string
    64              add_linkerd_headers:
    65                type: boolean
    66              allow_request_body:
    67                type: boolean
    68              allowed_authorization_headers:
    69                type: array
    70                items:
    71                  type: string
    72              allowed_request_headers:
    73                type: array
    74                items:
    75                  type: string
    76              ambassador_id:
    77                type: array
    78                description: "AmbassadorID declares which Ambassador instances should pay attention to this resource. If no value is provided, the default is: \n    ambassador_id:    - \"default\""
    79                items:
    80                  type: string
    81              auth_service:
    82                type: string
    83              failure_mode_allow:
    84                type: boolean
    85              include_body:
    86                type: object
    87                properties:
    88                  allow_partial:
    89                    type: boolean
    90                  max_bytes:
    91                    type: integer
    92                    description: These aren't pointer types because they are required.
    93                required:
    94                - allow_partial
    95                - max_bytes
    96              path_prefix:
    97                type: string
    98              proto:
    99                type: string
   100                enum:
   101                - http
   102                - grpc
   103              protocol_version:
   104                type: string
   105                enum:
   106                - v2
   107                - v3
   108              stats_name:
   109                type: string
   110              status_on_error:
   111                type: object
   112                description: Why isn't this just an int??
   113                properties:
   114                  code:
   115                    type: integer
   116              timeout_ms:
   117                type: integer
   118              tls:
   119                type: string
   120            required:
   121            - auth_service
   122    served: true
   123    storage: true
   124---
   125apiVersion: apiextensions.k8s.io/v1
   126kind: CustomResourceDefinition
   127metadata:
   128  name: consulresolvers.getambassador.io
   129  labels:
   130    app.kubernetes.io/name: ambassador
   131    product: aes
   132    platform.edge.ncr.com/component: emissary
   133  annotations:
   134    controller-gen.kubebuilder.io/version: v0.5.0
   135    pallet.edge.ncr.com/created: "2023-02-16T21:26:39Z"
   136    pallet.edge.ncr.com/name: store-emissary
   137    pallet.edge.ncr.com/revision: 696897a3df910b6e84a88c9336907a17b18159c1
   138    pallet.edge.ncr.com/source: https://github.com/ncrvoyix-swt-retail/edge-infra/tree/696897a3df910b6e84a88c9336907a17b18159c1
   139    pallet.edge.ncr.com/team: '@ncrvoyix-swt-retail/edge-infra'
   140    pallet.edge.ncr.com/version: 7.7.7-rc.1676582799+commit.696897a
   141spec:
   142  group: getambassador.io
   143  names:
   144    kind: ConsulResolver
   145    categories:
   146    - ambassador-crds
   147    listKind: ConsulResolverList
   148    plural: consulresolvers
   149    singular: consulresolver
   150  scope: Namespaced
   151  versions:
   152  - name: v3alpha1
   153    schema:
   154      openAPIV3Schema:
   155        type: object
   156        description: ConsulResolver is the Schema for the ConsulResolver API
   157        properties:
   158          apiVersion:
   159            type: string
   160            description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
   161          kind:
   162            type: string
   163            description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
   164          metadata:
   165            type: object
   166          spec:
   167            type: object
   168            description: ConsulResolver tells Ambassador to use Consul to resolve services. In addition to the AmbassadorID, it needs information about which Consul server and DC to use.
   169            properties:
   170              address:
   171                type: string
   172              ambassador_id:
   173                type: array
   174                description: "AmbassadorID declares which Ambassador instances should pay attention to this resource. If no value is provided, the default is: \n    ambassador_id:    - \"default\""
   175                items:
   176                  type: string
   177              datacenter:
   178                type: string
   179    served: true
   180    storage: true
   181---
   182apiVersion: apiextensions.k8s.io/v1
   183kind: CustomResourceDefinition
   184metadata:
   185  name: devportals.getambassador.io
   186  labels:
   187    app.kubernetes.io/name: ambassador
   188    product: aes
   189    platform.edge.ncr.com/component: emissary
   190  annotations:
   191    controller-gen.kubebuilder.io/version: v0.5.0
   192    pallet.edge.ncr.com/created: "2023-02-16T21:26:39Z"
   193    pallet.edge.ncr.com/name: store-emissary
   194    pallet.edge.ncr.com/revision: 696897a3df910b6e84a88c9336907a17b18159c1
   195    pallet.edge.ncr.com/source: https://github.com/ncrvoyix-swt-retail/edge-infra/tree/696897a3df910b6e84a88c9336907a17b18159c1
   196    pallet.edge.ncr.com/team: '@ncrvoyix-swt-retail/edge-infra'
   197    pallet.edge.ncr.com/version: 7.7.7-rc.1676582799+commit.696897a
   198spec:
   199  group: getambassador.io
   200  names:
   201    kind: DevPortal
   202    categories:
   203    - ambassador-crds
   204    listKind: DevPortalList
   205    plural: devportals
   206    singular: devportal
   207  scope: Namespaced
   208  versions:
   209  - name: v3alpha1
   210    schema:
   211      openAPIV3Schema:
   212        type: object
   213        description: "DevPortal is the Schema for the DevPortals API \n DevPortal resources specify the `what` and `how` is shown in a DevPortal: \n * `what` is in a DevPortal can be controlled with   - a `selector`, that can be used for filtering `Mappings`.   - a `docs` listing of (services, url) * `how` is a pointer to some `contents` (a checkout of a Git repository   with go-templates/markdown/css). \n Multiple `DevPortal`s can exist in the cluster, and the Dev Portal server will show them at different endpoints. A `DevPortal` resource with a special name, `ambassador`, will be used for configuring the default Dev Portal (served at `/docs/` by default)."
   214        properties:
   215          apiVersion:
   216            type: string
   217            description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
   218          kind:
   219            type: string
   220            description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
   221          metadata:
   222            type: object
   223          spec:
   224            type: object
   225            description: DevPortalSpec defines the desired state of DevPortal
   226            properties:
   227              selector:
   228                type: object
   229                description: Selector is used for choosing what is shown in the DevPortal
   230                properties:
   231                  matchLabels:
   232                    type: object
   233                    additionalProperties:
   234                      type: string
   235                    description: MatchLabels specifies the list of labels that must be present in Mappings for being present in this DevPortal.
   236                  matchNamespaces:
   237                    type: array
   238                    description: MatchNamespaces is a list of namespaces that will be included in this DevPortal.
   239                    items:
   240                      type: string
   241              ambassador_id:
   242                type: array
   243                description: "AmbassadorID declares which Ambassador instances should pay attention to this resource. If no value is provided, the default is: \n    ambassador_id:    - \"default\""
   244                items:
   245                  type: string
   246              content:
   247                type: object
   248                description: Content specifies where the content shown in the DevPortal come from
   249                properties:
   250                  branch:
   251                    type: string
   252                  dir:
   253                    type: string
   254                  url:
   255                    type: string
   256              default:
   257                type: boolean
   258                description: Default must be true when this is the default DevPortal
   259              docs:
   260                type: array
   261                description: Docs is a static docs definition
   262                items:
   263                  type: object
   264                  description: 'DevPortalDocsSpec is a static documentation definition: instead of using a Selector for finding documentation for services, users can provide a static list of <service>:<URL> tuples. These services will be shown in the Dev Portal with the documentation obtained from this URL.'
   265                  properties:
   266                    service:
   267                      type: string
   268                      description: Service is the service being documented
   269                    timeout_ms:
   270                      type: integer
   271                      description: Timeout specifies the amount of time devportal will wait for the downstream service to report an openapi spec back
   272                    url:
   273                      type: string
   274                      description: URL is the URL used for obtaining docs
   275              naming_scheme:
   276                type: string
   277                description: Describes how to display "services" in the DevPortal. Default namespace.name
   278                enum:
   279                - namespace.name
   280                - name.prefix
   281              preserve_servers:
   282                type: boolean
   283                description: Configures this DevPortal to use server definitions from the openAPI doc instead of rewriting them based on the url used for the connection.
   284              search:
   285                type: object
   286                description: DevPortalSearchSpec allows configuration over search functionality for the DevPortal
   287                properties:
   288                  type:
   289                    type: string
   290                    description: 'Type of search. "title-only" does a fuzzy search over openapi and page titles "all-content" will fuzzy search over all openapi and page content. "title-only" is the default. warning:  using all-content may incur a larger memory footprint'
   291                    enum:
   292                    - title-only
   293                    - all-content
   294                  enabled:
   295                    type: boolean
   296    served: true
   297    storage: true
   298---
   299apiVersion: apiextensions.k8s.io/v1
   300kind: CustomResourceDefinition
   301metadata:
   302  name: hosts.getambassador.io
   303  labels:
   304    app.kubernetes.io/name: ambassador
   305    product: aes
   306    platform.edge.ncr.com/component: emissary
   307  annotations:
   308    controller-gen.kubebuilder.io/version: v0.5.0
   309    pallet.edge.ncr.com/created: "2023-02-16T21:26:39Z"
   310    pallet.edge.ncr.com/name: store-emissary
   311    pallet.edge.ncr.com/revision: 696897a3df910b6e84a88c9336907a17b18159c1
   312    pallet.edge.ncr.com/source: https://github.com/ncrvoyix-swt-retail/edge-infra/tree/696897a3df910b6e84a88c9336907a17b18159c1
   313    pallet.edge.ncr.com/team: '@ncrvoyix-swt-retail/edge-infra'
   314    pallet.edge.ncr.com/version: 7.7.7-rc.1676582799+commit.696897a
   315spec:
   316  group: getambassador.io
   317  names:
   318    kind: Host
   319    categories:
   320    - ambassador-crds
   321    listKind: HostList
   322    plural: hosts
   323    singular: host
   324  scope: Namespaced
   325  versions:
   326  - name: v3alpha1
   327    additionalPrinterColumns:
   328    - name: Hostname
   329      type: string
   330      jsonPath: .spec.hostname
   331    - name: State
   332      type: string
   333      jsonPath: .status.state
   334    - name: Phase Completed
   335      type: string
   336      jsonPath: .status.phaseCompleted
   337    - name: Phase Pending
   338      type: string
   339      jsonPath: .status.phasePending
   340    - name: Age
   341      type: date
   342      jsonPath: .metadata.creationTimestamp
   343    schema:
   344      openAPIV3Schema:
   345        type: object
   346        description: Host is the Schema for the hosts API
   347        properties:
   348          apiVersion:
   349            type: string
   350            description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
   351          kind:
   352            type: string
   353            description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
   354          metadata:
   355            type: object
   356          spec:
   357            type: object
   358            description: HostSpec defines the desired state of Host
   359            properties:
   360              selector:
   361                type: object
   362                description: 'DEPRECATED: Selector by which we can find further configuration. Use MappingSelector instead.'
   363                properties:
   364                  matchExpressions:
   365                    type: array
   366                    description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
   367                    items:
   368                      type: object
   369                      description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
   370                      properties:
   371                        key:
   372                          type: string
   373                          description: key is the label key that the selector applies to.
   374                        operator:
   375                          type: string
   376                          description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
   377                        values:
   378                          type: array
   379                          description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
   380                          items:
   381                            type: string
   382                      required:
   383                      - key
   384                      - operator
   385                  matchLabels:
   386                    type: object
   387                    additionalProperties:
   388                      type: string
   389                    description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
   390              hostname:
   391                type: string
   392                description: Hostname by which the Ambassador can be reached.
   393              acmeProvider:
   394                type: object
   395                description: Specifies whether/who to talk ACME with to automatically manage the $tlsSecret.
   396                properties:
   397                  authority:
   398                    type: string
   399                    description: Specifies who to talk ACME with to get certs. Defaults to Let's Encrypt; if "none" (case-insensitive), do not try to do ACME for this Host.
   400                  email:
   401                    type: string
   402                  privateKeySecret:
   403                    type: object
   404                    description: "Specifies the Kubernetes Secret to use to store the private key of the ACME account (essentially, where to store the auto-generated password for the auto-created ACME account).  You should not normally need to set this--the default value is based on a combination of the ACME authority being registered wit and the email address associated with the account. \n Note that this is a native-Kubernetes-style core.v1.LocalObjectReference, not an Ambassador-style `{name}.{namespace}` string.  Because we're opinionated, it does not support referencing a Secret in another namespace (because most native Kubernetes resources don't support that), but if we ever abandon that opinion and decide to support non-local references it, it would be by adding a `namespace:` field by changing it from a core.v1.LocalObjectReference to a core.v1.SecretReference, not by adopting the `{name}.{namespace}` notation."
   405                    properties:
   406                      name:
   407                        type: string
   408                        description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
   409                  registration:
   410                    type: string
   411                    description: This is normally set automatically
   412              ambassadorId:
   413                type: array
   414                description: A compatibility alias for "ambassador_id"; because Host used to be specified with protobuf, and jsonpb allowed either "ambassador_id" or "ambassadorId", and even though we didn't tell people about "ambassadorId" it's what the web policy console generated because of jsonpb.  So Hosts with 'ambassadorId' exist in the wild.
   415                items:
   416                  type: string
   417              ambassador_id:
   418                type: array
   419                description: Common to all Ambassador objects (and optional).
   420                items:
   421                  type: string
   422              mapping_selector:
   423                type: object
   424                description: Selector for Mappings we'll associate with this Host.
   425                properties:
   426                  matchExpressions:
   427                    type: array
   428                    description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
   429                    items:
   430                      type: object
   431                      description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
   432                      properties:
   433                        key:
   434                          type: string
   435                          description: key is the label key that the selector applies to.
   436                        operator:
   437                          type: string
   438                          description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
   439                        values:
   440                          type: array
   441                          description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
   442                          items:
   443                            type: string
   444                      required:
   445                      - key
   446                      - operator
   447                  matchLabels:
   448                    type: object
   449                    additionalProperties:
   450                      type: string
   451                    description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
   452              previewUrl:
   453                type: object
   454                description: Configuration for the Preview URL feature of Service Preview. Defaults to preview URLs not enabled.
   455                properties:
   456                  type:
   457                    type: string
   458                    description: What type of Preview URL is allowed?
   459                    enum:
   460                    - Path
   461                  enabled:
   462                    type: boolean
   463                    description: Is the Preview URL feature enabled?
   464              requestPolicy:
   465                type: object
   466                description: Request policy definition.
   467                properties:
   468                  insecure:
   469                    type: object
   470                    properties:
   471                      action:
   472                        type: string
   473                        enum:
   474                        - Redirect
   475                        - Reject
   476                        - Route
   477                      additionalPort:
   478                        type: integer
   479              tls:
   480                type: object
   481                description: TLS configuration.  It is not valid to specify both `tlsContext` and `tls`.
   482                properties:
   483                  alpn_protocols:
   484                    type: string
   485                  ca_secret:
   486                    type: string
   487                  cacert_chain_file:
   488                    type: string
   489                  cert_chain_file:
   490                    type: string
   491                  cert_required:
   492                    type: boolean
   493                  cipher_suites:
   494                    type: array
   495                    items:
   496                      type: string
   497                  ecdh_curves:
   498                    type: array
   499                    items:
   500                      type: string
   501                  max_tls_version:
   502                    type: string
   503                  min_tls_version:
   504                    type: string
   505                  private_key_file:
   506                    type: string
   507                  redirect_cleartext_from:
   508                    type: integer
   509                  sni:
   510                    type: string
   511              tlsContext:
   512                type: object
   513                description: "Name of the TLSContext the Host resource is linked with. It is not valid to specify both `tlsContext` and `tls`. \n Note that this is a native-Kubernetes-style core.v1.LocalObjectReference, not an Ambassador-style `{name}.{namespace}` string.  Because we're opinionated, it does not support referencing a Secret in another namespace (because most native Kubernetes resources don't support that), but if we ever abandon that opinion and decide to support non-local references it, it would be by adding a `namespace:` field by changing it from a core.v1.LocalObjectReference to a core.v1.SecretReference, not by adopting the `{name}.{namespace}` notation."
   514                properties:
   515                  name:
   516                    type: string
   517                    description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
   518              tlsSecret:
   519                type: object
   520                description: "Name of the Kubernetes secret into which to save generated certificates.  If ACME is enabled (see $acmeProvider), then the default is $hostname; otherwise the default is \"\".  If the value is \"\", then we do not do TLS for this Host. \n Note that this is a native-Kubernetes-style core.v1.LocalObjectReference, not an Ambassador-style `{name}.{namespace}` string.  Because we're opinionated, it does not support referencing a Secret in another namespace (because most native Kubernetes resources don't support that), but if we ever abandon that opinion and decide to support non-local references it, it would be by adding a `namespace:` field by changing it from a core.v1.LocalObjectReference to a core.v1.SecretReference, not by adopting the `{name}.{namespace}` notation."
   521                properties:
   522                  name:
   523                    type: string
   524                    description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
   525          status:
   526            type: object
   527            description: HostStatus defines the observed state of Host
   528            properties:
   529              errorBackoff:
   530                type: string
   531              errorReason:
   532                type: string
   533                description: errorReason, errorTimestamp, and errorBackoff are valid when state==Error.
   534              errorTimestamp:
   535                type: string
   536                format: date-time
   537              phaseCompleted:
   538                type: string
   539                description: phaseCompleted and phasePending are valid when state==Pending or state==Error.
   540                enum:
   541                - NA
   542                - DefaultsFilled
   543                - ACMEUserPrivateKeyCreated
   544                - ACMEUserRegistered
   545                - ACMECertificateChallenge
   546              phasePending:
   547                type: string
   548                description: phaseCompleted and phasePending are valid when state==Pending or state==Error.
   549                enum:
   550                - NA
   551                - DefaultsFilled
   552                - ACMEUserPrivateKeyCreated
   553                - ACMEUserRegistered
   554                - ACMECertificateChallenge
   555              state:
   556                type: string
   557                description: The first value listed in the Enum marker becomes the "zero" value, and it would be great if "Pending" could be the default value; but it's Important that the "zero" value be able to be shown as empty/omitted from display, and we really do want `kubectl get hosts` to say "Pending" in the "STATE" column, and not leave the column empty.
   558                enum:
   559                - Initial
   560                - Pending
   561                - Ready
   562                - Error
   563              tlsCertificateSource:
   564                type: string
   565                enum:
   566                - Unknown
   567                - None
   568                - Other
   569                - ACME
   570    served: true
   571    storage: true
   572    subresources:
   573      status: {}
   574---
   575apiVersion: apiextensions.k8s.io/v1
   576kind: CustomResourceDefinition
   577metadata:
   578  name: kubernetesendpointresolvers.getambassador.io
   579  labels:
   580    app.kubernetes.io/name: ambassador
   581    product: aes
   582    platform.edge.ncr.com/component: emissary
   583  annotations:
   584    controller-gen.kubebuilder.io/version: v0.5.0
   585    pallet.edge.ncr.com/created: "2023-02-16T21:26:39Z"
   586    pallet.edge.ncr.com/name: store-emissary
   587    pallet.edge.ncr.com/revision: 696897a3df910b6e84a88c9336907a17b18159c1
   588    pallet.edge.ncr.com/source: https://github.com/ncrvoyix-swt-retail/edge-infra/tree/696897a3df910b6e84a88c9336907a17b18159c1
   589    pallet.edge.ncr.com/team: '@ncrvoyix-swt-retail/edge-infra'
   590    pallet.edge.ncr.com/version: 7.7.7-rc.1676582799+commit.696897a
   591spec:
   592  group: getambassador.io
   593  names:
   594    kind: KubernetesEndpointResolver
   595    categories:
   596    - ambassador-crds
   597    listKind: KubernetesEndpointResolverList
   598    plural: kubernetesendpointresolvers
   599    singular: kubernetesendpointresolver
   600  scope: Namespaced
   601  versions:
   602  - name: v3alpha1
   603    schema:
   604      openAPIV3Schema:
   605        type: object
   606        description: KubernetesEndpointResolver is the Schema for the kubernetesendpointresolver API
   607        properties:
   608          apiVersion:
   609            type: string
   610            description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
   611          kind:
   612            type: string
   613            description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
   614          metadata:
   615            type: object
   616          spec:
   617            type: object
   618            description: KubernetesEndpointResolver tells Ambassador to use Kubernetes Endpoints resources to resolve services. It actually has no spec other than the AmbassadorID.
   619            properties:
   620              ambassador_id:
   621                type: array
   622                description: "AmbassadorID declares which Ambassador instances should pay attention to this resource. If no value is provided, the default is: \n    ambassador_id:    - \"default\""
   623                items:
   624                  type: string
   625    served: true
   626    storage: true
   627---
   628apiVersion: apiextensions.k8s.io/v1
   629kind: CustomResourceDefinition
   630metadata:
   631  name: kubernetesserviceresolvers.getambassador.io
   632  labels:
   633    app.kubernetes.io/name: ambassador
   634    product: aes
   635    platform.edge.ncr.com/component: emissary
   636  annotations:
   637    controller-gen.kubebuilder.io/version: v0.5.0
   638    pallet.edge.ncr.com/created: "2023-02-16T21:26:39Z"
   639    pallet.edge.ncr.com/name: store-emissary
   640    pallet.edge.ncr.com/revision: 696897a3df910b6e84a88c9336907a17b18159c1
   641    pallet.edge.ncr.com/source: https://github.com/ncrvoyix-swt-retail/edge-infra/tree/696897a3df910b6e84a88c9336907a17b18159c1
   642    pallet.edge.ncr.com/team: '@ncrvoyix-swt-retail/edge-infra'
   643    pallet.edge.ncr.com/version: 7.7.7-rc.1676582799+commit.696897a
   644spec:
   645  group: getambassador.io
   646  names:
   647    kind: KubernetesServiceResolver
   648    categories:
   649    - ambassador-crds
   650    listKind: KubernetesServiceResolverList
   651    plural: kubernetesserviceresolvers
   652    singular: kubernetesserviceresolver
   653  scope: Namespaced
   654  versions:
   655  - name: v3alpha1
   656    schema:
   657      openAPIV3Schema:
   658        type: object
   659        description: KubernetesServiceResolver is the Schema for the kubernetesserviceresolver API
   660        properties:
   661          apiVersion:
   662            type: string
   663            description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
   664          kind:
   665            type: string
   666            description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
   667          metadata:
   668            type: object
   669          spec:
   670            type: object
   671            description: KubernetesServiceResolver tells Ambassador to use Kubernetes Service resources to resolve services. It actually has no spec other than the AmbassadorID.
   672            properties:
   673              ambassador_id:
   674                type: array
   675                description: "AmbassadorID declares which Ambassador instances should pay attention to this resource. If no value is provided, the default is: \n    ambassador_id:    - \"default\""
   676                items:
   677                  type: string
   678    served: true
   679    storage: true
   680---
   681apiVersion: apiextensions.k8s.io/v1
   682kind: CustomResourceDefinition
   683metadata:
   684  name: listeners.getambassador.io
   685  labels:
   686    app.kubernetes.io/name: ambassador
   687    product: aes
   688    platform.edge.ncr.com/component: emissary
   689  annotations:
   690    controller-gen.kubebuilder.io/version: v0.5.0
   691    pallet.edge.ncr.com/created: "2023-02-16T21:26:39Z"
   692    pallet.edge.ncr.com/name: store-emissary
   693    pallet.edge.ncr.com/revision: 696897a3df910b6e84a88c9336907a17b18159c1
   694    pallet.edge.ncr.com/source: https://github.com/ncrvoyix-swt-retail/edge-infra/tree/696897a3df910b6e84a88c9336907a17b18159c1
   695    pallet.edge.ncr.com/team: '@ncrvoyix-swt-retail/edge-infra'
   696    pallet.edge.ncr.com/version: 7.7.7-rc.1676582799+commit.696897a
   697spec:
   698  group: getambassador.io
   699  names:
   700    kind: Listener
   701    categories:
   702    - ambassador-crds
   703    listKind: ListenerList
   704    plural: listeners
   705    singular: listener
   706  scope: Namespaced
   707  versions:
   708  - name: v3alpha1
   709    additionalPrinterColumns:
   710    - name: Port
   711      type: string
   712      jsonPath: .spec.port
   713    - name: Protocol
   714      type: string
   715      jsonPath: .spec.protocol
   716    - name: Stack
   717      type: string
   718      jsonPath: .spec.protocolStack
   719    - name: StatsPrefix
   720      type: string
   721      jsonPath: .spec.statsPrefix
   722    - name: Security
   723      type: string
   724      jsonPath: .spec.securityModel
   725    - name: L7Depth
   726      type: string
   727      jsonPath: .spec.l7Depth
   728    schema:
   729      openAPIV3Schema:
   730        type: object
   731        description: Listener is the Schema for the hosts API
   732        properties:
   733          apiVersion:
   734            type: string
   735            description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
   736          kind:
   737            type: string
   738            description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
   739          metadata:
   740            type: object
   741          spec:
   742            type: object
   743            description: ListenerSpec defines the desired state of this Port
   744            properties:
   745              protocol:
   746                type: string
   747                description: Protocol is a shorthand for certain predefined stacks. Exactly one of Protocol or ProtocolStack must be supplied.
   748                enum:
   749                - HTTP
   750                - HTTPS
   751                - HTTPPROXY
   752                - HTTPSPROXY
   753                - TCP
   754                - TLS
   755                - UDP
   756              port:
   757                type: integer
   758                description: Port is the network port. Only one Listener can use a given port.
   759                format: int32
   760                maximum: 65535
   761                minimum: 1
   762              ambassador_id:
   763                type: array
   764                description: "AmbassadorID declares which Ambassador instances should pay attention to this resource. If no value is provided, the default is: \n    ambassador_id:    - \"default\""
   765                items:
   766                  type: string
   767              hostBinding:
   768                type: object
   769                description: HostBinding allows restricting which Hosts will be used for this Listener.
   770                properties:
   771                  namespace:
   772                    type: object
   773                    description: NamespaceBindingType defines we we specify which namespaces to look for Hosts in.
   774                    properties:
   775                      from:
   776                        type: string
   777                        description: NamespaceFromType defines how we evaluate a NamespaceBindingType.
   778                        enum:
   779                        - SELF
   780                        - ALL
   781                        - SELECTOR
   782                  selector:
   783                    type: object
   784                    description: A label selector is a label query over a set of resources. The result of matchLabels and matchExpressions are ANDed. An empty label selector matches all objects. A null label selector matches no objects.
   785                    properties:
   786                      matchExpressions:
   787                        type: array
   788                        description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
   789                        items:
   790                          type: object
   791                          description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
   792                          properties:
   793                            key:
   794                              type: string
   795                              description: key is the label key that the selector applies to.
   796                            operator:
   797                              type: string
   798                              description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
   799                            values:
   800                              type: array
   801                              description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
   802                              items:
   803                                type: string
   804                          required:
   805                          - key
   806                          - operator
   807                      matchLabels:
   808                        type: object
   809                        additionalProperties:
   810                          type: string
   811                        description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
   812              l7Depth:
   813                type: integer
   814                description: L7Depth specifies how many layer 7 load balancers are between us and the edge of the network.
   815                format: int32
   816              protocolStack:
   817                type: array
   818                description: ProtocolStack explicitly specifies the protocol stack to set up. Exactly one of Protocol or ProtocolStack must be supplied.
   819                items:
   820                  type: string
   821                  description: ProtocolStackElement defines specific layers that may be combined in a protocol stack for processing connections to a port.
   822                  enum:
   823                  - HTTP
   824                  - PROXY
   825                  - TLS
   826                  - TCP
   827                  - UDP
   828              securityModel:
   829                type: string
   830                description: SecurityModel specifies how to determine whether connections to this port are secure or insecure.
   831                enum:
   832                - XFP
   833                - SECURE
   834                - INSECURE
   835              statsPrefix:
   836                type: string
   837                description: 'StatsPrefix specifies the prefix for statistics sent by Envoy about this Listener. The default depends on the protocol: "ingress-http", "ingress-https", "ingress-tls-$port", or "ingress-$port".'
   838            required:
   839            - hostBinding
   840            - port
   841            - securityModel
   842    served: true
   843    storage: true
   844    subresources: {}
   845---
   846apiVersion: apiextensions.k8s.io/v1
   847kind: CustomResourceDefinition
   848metadata:
   849  name: logservices.getambassador.io
   850  labels:
   851    app.kubernetes.io/name: ambassador
   852    product: aes
   853    platform.edge.ncr.com/component: emissary
   854  annotations:
   855    controller-gen.kubebuilder.io/version: v0.5.0
   856    pallet.edge.ncr.com/created: "2023-02-16T21:26:39Z"
   857    pallet.edge.ncr.com/name: store-emissary
   858    pallet.edge.ncr.com/revision: 696897a3df910b6e84a88c9336907a17b18159c1
   859    pallet.edge.ncr.com/source: https://github.com/ncrvoyix-swt-retail/edge-infra/tree/696897a3df910b6e84a88c9336907a17b18159c1
   860    pallet.edge.ncr.com/team: '@ncrvoyix-swt-retail/edge-infra'
   861    pallet.edge.ncr.com/version: 7.7.7-rc.1676582799+commit.696897a
   862spec:
   863  group: getambassador.io
   864  names:
   865    kind: LogService
   866    categories:
   867    - ambassador-crds
   868    listKind: LogServiceList
   869    plural: logservices
   870    singular: logservice
   871  scope: Namespaced
   872  versions:
   873  - name: v3alpha1
   874    schema:
   875      openAPIV3Schema:
   876        type: object
   877        description: LogService is the Schema for the logservices API
   878        properties:
   879          apiVersion:
   880            type: string
   881            description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
   882          kind:
   883            type: string
   884            description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
   885          metadata:
   886            type: object
   887          spec:
   888            type: object
   889            description: LogServiceSpec defines the desired state of LogService
   890            properties:
   891              service:
   892                type: string
   893              ambassador_id:
   894                type: array
   895                description: "AmbassadorID declares which Ambassador instances should pay attention to this resource. If no value is provided, the default is: \n    ambassador_id:    - \"default\""
   896                items:
   897                  type: string
   898              driver:
   899                type: string
   900                enum:
   901                - tcp
   902                - http
   903              driver_config:
   904                type: object
   905                properties:
   906                  additional_log_headers:
   907                    type: array
   908                    items:
   909                      type: object
   910                      properties:
   911                        during_request:
   912                          type: boolean
   913                        during_response:
   914                          type: boolean
   915                        during_trailer:
   916                          type: boolean
   917                        header_name:
   918                          type: string
   919              flush_interval_byte_size:
   920                type: integer
   921              flush_interval_time:
   922                type: integer
   923              grpc:
   924                type: boolean
   925              stats_name:
   926                type: string
   927    served: true
   928    storage: true
   929---
   930apiVersion: apiextensions.k8s.io/v1
   931kind: CustomResourceDefinition
   932metadata:
   933  name: mappings.getambassador.io
   934  labels:
   935    app.kubernetes.io/name: ambassador
   936    product: aes
   937    platform.edge.ncr.com/component: emissary
   938  annotations:
   939    controller-gen.kubebuilder.io/version: v0.5.0
   940    pallet.edge.ncr.com/created: "2023-02-16T21:26:39Z"
   941    pallet.edge.ncr.com/name: store-emissary
   942    pallet.edge.ncr.com/revision: 696897a3df910b6e84a88c9336907a17b18159c1
   943    pallet.edge.ncr.com/source: https://github.com/ncrvoyix-swt-retail/edge-infra/tree/696897a3df910b6e84a88c9336907a17b18159c1
   944    pallet.edge.ncr.com/team: '@ncrvoyix-swt-retail/edge-infra'
   945    pallet.edge.ncr.com/version: 7.7.7-rc.1676582799+commit.696897a
   946spec:
   947  group: getambassador.io
   948  names:
   949    kind: Mapping
   950    categories:
   951    - ambassador-crds
   952    listKind: MappingList
   953    plural: mappings
   954    singular: mapping
   955  scope: Namespaced
   956  versions:
   957  - name: v3alpha1
   958    additionalPrinterColumns:
   959    - name: Source Host
   960      type: string
   961      jsonPath: .spec.host
   962    - name: Source Prefix
   963      type: string
   964      jsonPath: .spec.prefix
   965    - name: Dest Service
   966      type: string
   967      jsonPath: .spec.service
   968    - name: State
   969      type: string
   970      jsonPath: .status.state
   971    - name: Reason
   972      type: string
   973      jsonPath: .status.reason
   974    schema:
   975      openAPIV3Schema:
   976        type: object
   977        description: Mapping is the Schema for the mappings API
   978        properties:
   979          apiVersion:
   980            type: string
   981            description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
   982          kind:
   983            type: string
   984            description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
   985          metadata:
   986            type: object
   987          spec:
   988            type: object
   989            description: MappingSpec defines the desired state of Mapping
   990            properties:
   991              labels:
   992                type: object
   993                additionalProperties:
   994                  type: array
   995                  description: A MappingLabelGroupsArray is an array of MappingLabelGroups. I know, complex.
   996                  items:
   997                    type: object
   998                    additionalProperties:
   999                      type: array
  1000                      description: 'A MappingLabelsArray is the value in the MappingLabelGroup: an array of label specifiers.'
  1001                      items:
  1002                        type: object
  1003                        description: "A MappingLabelSpecifier (finally!) defines a single label. \n This mimics envoy/config/route/v3/route_components.proto:RateLimit:Action:action_specifier."
  1004                        maxProperties: 1
  1005                        minProperties: 1
  1006                        properties:
  1007                          destination_cluster:
  1008                            type: object
  1009                            description: Sets the label "destination_cluster=«Envoy destination cluster name»".
  1010                            properties:
  1011                              key:
  1012                                type: string
  1013                                enum:
  1014                                - destination_cluster
  1015                            required:
  1016                            - key
  1017                          generic_key:
  1018                            type: object
  1019                            description: Sets the label "«key»=«value»" (where by default «key» is "generic_key").
  1020                            properties:
  1021                              value:
  1022                                type: string
  1023                              key:
  1024                                type: string
  1025                                description: The default is "generic_key".
  1026                            required:
  1027                            - value
  1028                          remote_address:
  1029                            type: object
  1030                            description: Sets the label "remote_address=«IP address of the client»".
  1031                            properties:
  1032                              key:
  1033                                type: string
  1034                                enum:
  1035                                - remote_address
  1036                            required:
  1037                            - key
  1038                          request_headers:
  1039                            type: object
  1040                            description: If the «header_name» header is set, then set the label "«key»=«Value of the «header_name» header»"; otherwise skip applying this label group.
  1041                            properties:
  1042                              header_name:
  1043                                type: string
  1044                              key:
  1045                                type: string
  1046                              omit_if_not_present:
  1047                                type: boolean
  1048                            required:
  1049                            - header_name
  1050                            - key
  1051                          source_cluster:
  1052                            type: object
  1053                            description: Sets the label "source_cluster=«Envoy source cluster name»".
  1054                            properties:
  1055                              key:
  1056                                type: string
  1057                                enum:
  1058                                - source_cluster
  1059                            required:
  1060                            - key
  1061                    description: 'A MappingLabelGroup is a single element of a MappingLabelGroupsArray: a second map, where the key is a human-readable name that identifies the group.'
  1062                    maxProperties: 1
  1063                    minProperties: 1
  1064                description: A DomainMap is the overall Mapping.spec.Labels type. It maps domains (kind of like namespaces for Mapping labels) to arrays of label groups.
  1065              service:
  1066                type: string
  1067              hostname:
  1068                type: string
  1069                description: "Hostname is a DNS glob specifying the hosts to which this Mapping applies. \n Hostname specifies both a match for the ':authority' header of a request, as well as a match criterion for Host CRDs: a Mapping that specifies Hostname will not associate with a Host that doesn't have a matching Hostname. \n If both Host and Hostname are set, an error is logged, Host is ignored, and Hostname is used."
  1070              priority:
  1071                type: string
  1072              prefix:
  1073                type: string
  1074              add_linkerd_headers:
  1075                type: boolean
  1076              add_request_headers:
  1077                type: object
  1078                additionalProperties:
  1079                  type: object
  1080                  properties:
  1081                    value:
  1082                      type: string
  1083                    append:
  1084                      type: boolean
  1085              add_response_headers:
  1086                type: object
  1087                additionalProperties:
  1088                  type: object
  1089                  properties:
  1090                    value:
  1091                      type: string
  1092                    append:
  1093                      type: boolean
  1094              allow_upgrade:
  1095                type: array
  1096                description: "A case-insensitive list of the non-HTTP protocols to allow \"upgrading\" to from HTTP via the \"Connection: upgrade\" mechanism[1].  After the upgrade, Ambassador does not interpret the traffic, and behaves similarly to how it does for TCPMappings. \n [1]: https://tools.ietf.org/html/rfc7230#section-6.7 \n For example, if your upstream service supports WebSockets, you would write \n    allow_upgrade:    - websocket \n Or if your upstream service supports upgrading from HTTP to SPDY (as the Kubernetes apiserver does for `kubectl exec` functionality), you would write \n    allow_upgrade:    - spdy/3.1"
  1097                items:
  1098                  type: string
  1099              ambassador_id:
  1100                type: array
  1101                description: "AmbassadorID declares which Ambassador instances should pay attention to this resource. If no value is provided, the default is: \n    ambassador_id:    - \"default\""
  1102                items:
  1103                  type: string
  1104              auth_context_extensions:
  1105                type: object
  1106                additionalProperties:
  1107                  type: string
  1108              auto_host_rewrite:
  1109                type: boolean
  1110              bypass_auth:
  1111                type: boolean
  1112              bypass_error_response_overrides:
  1113                type: boolean
  1114                description: If true, bypasses any `error_response_overrides` set on the Ambassador module.
  1115              case_sensitive:
  1116                type: boolean
  1117              circuit_breakers:
  1118                type: array
  1119                items:
  1120                  type: object
  1121                  properties:
  1122                    priority:
  1123                      type: string
  1124                      enum:
  1125                      - default
  1126                      - high
  1127                    max_connections:
  1128                      type: integer
  1129                    max_pending_requests:
  1130                      type: integer
  1131                    max_requests:
  1132                      type: integer
  1133                    max_retries:
  1134                      type: integer
  1135              cluster_idle_timeout_ms:
  1136                type: integer
  1137              cluster_max_connection_lifetime_ms:
  1138                type: integer
  1139              cluster_tag:
  1140                type: string
  1141              connect_timeout_ms:
  1142                type: integer
  1143              cors:
  1144                type: object
  1145                properties:
  1146                  credentials:
  1147                    type: boolean
  1148                  exposed_headers:
  1149                    type: array
  1150                    items:
  1151                      type: string
  1152                  headers:
  1153                    type: array
  1154                    items:
  1155                      type: string
  1156                  max_age:
  1157                    type: string
  1158                  methods:
  1159                    type: array
  1160                    items:
  1161                      type: string
  1162                  origins:
  1163                    type: array
  1164                    items:
  1165                      type: string
  1166              dns_type:
  1167                type: string
  1168              docs:
  1169                type: object
  1170                description: DocsInfo provides some extra information about the docs for the Mapping. Docs is used by both the agent and the DevPortal.
  1171                properties:
  1172                  display_name:
  1173                    type: string
  1174                  ignored:
  1175                    type: boolean
  1176                  path:
  1177                    type: string
  1178                  timeout_ms:
  1179                    type: integer
  1180                  url:
  1181                    type: string
  1182              enable_ipv4:
  1183                type: boolean
  1184              enable_ipv6:
  1185                type: boolean
  1186              envoy_override:
  1187                type: object
  1188                description: UntypedDict is relatively opaque as a Go type, but it preserves its contents in a roundtrippable way.
  1189                x-kubernetes-preserve-unknown-fields: true
  1190              error_response_overrides:
  1191                type: array
  1192                description: Error response overrides for this Mapping. Replaces all of the `error_response_overrides` set on the Ambassador module, if any.
  1193                items:
  1194                  type: object
  1195                  description: A response rewrite for an HTTP error response
  1196                  properties:
  1197                    body:
  1198                      type: object
  1199                      description: The new response body
  1200                      properties:
  1201                        content_type:
  1202                          type: string
  1203                          description: The content type to set on the error response body when using text_format or text_format_source. Defaults to 'text/plain'.
  1204                        json_format:
  1205                          type: object
  1206                          additionalProperties:
  1207                            type: string
  1208                          description: 'A JSON response with content-type: application/json. The values can contain format text like in text_format.'
  1209                        text_format:
  1210                          type: string
  1211                          description: A format string representing a text response body. Content-Type can be set using the `content_type` field below.
  1212                        text_format_source:
  1213                          type: object
  1214                          description: A format string sourced from a file on the Ambassador container. Useful for larger response bodies that should not be placed inline in configuration.
  1215                          properties:
  1216                            filename:
  1217                              type: string
  1218                              description: The name of a file on the Ambassador pod that contains a format text string.
  1219                    on_status_code:
  1220                      type: integer
  1221                      description: The status code to match on -- not a pointer because it's required.
  1222                      maximum: 599
  1223                      minimum: 400
  1224                  required:
  1225                  - body
  1226                  - on_status_code
  1227                minItems: 1
  1228              grpc:
  1229                type: boolean
  1230              headers:
  1231                type: object
  1232                additionalProperties:
  1233                  type: string
  1234              host:
  1235                type: string
  1236                description: "Exact match for the hostname of a request if HostRegex is false; regex match for the hostname if HostRegex is true. \n Host specifies both a match for the ':authority' header of a request, as well as a match criterion for Host CRDs: a Mapping that specifies Host will not associate with a Host that doesn't have a matching Hostname. \n If both Host and Hostname are set, an error is logged, Host is ignored, and Hostname is used. \n DEPRECATED: Host is either an exact match or a regex, depending on HostRegex. Use HostName instead."
  1237              host_redirect:
  1238                type: boolean
  1239              host_regex:
  1240                type: boolean
  1241                description: 'DEPRECATED: Host is either an exact match or a regex, depending on HostRegex. Use HostName instead.'
  1242              host_rewrite:
  1243                type: string
  1244              idle_timeout_ms:
  1245                type: integer
  1246              keepalive:
  1247                type: object
  1248                properties:
  1249                  idle_time:
  1250                    type: integer
  1251                  interval:
  1252                    type: integer
  1253                  probes:
  1254                    type: integer
  1255              load_balancer:
  1256                type: object
  1257                properties:
  1258                  cookie:
  1259                    type: object
  1260                    properties:
  1261                      name:
  1262                        type: string
  1263                      path:
  1264                        type: string
  1265                      ttl:
  1266                        type: string
  1267                    required:
  1268                    - name
  1269                  header:
  1270                    type: string
  1271                  policy:
  1272                    type: string
  1273                    enum:
  1274                    - round_robin
  1275                    - ring_hash
  1276                    - maglev
  1277                    - least_request
  1278                  source_ip:
  1279                    type: boolean
  1280                required:
  1281                - policy
  1282              method:
  1283                type: string
  1284              method_regex:
  1285                type: boolean
  1286              modules:
  1287                type: array
  1288                items:
  1289                  type: object
  1290                  description: UntypedDict is relatively opaque as a Go type, but it preserves its contents in a roundtrippable way.
  1291                  x-kubernetes-preserve-unknown-fields: true
  1292              outlier_detection:
  1293                type: string
  1294              path_redirect:
  1295                type: string
  1296                description: Path replacement to use when generating an HTTP redirect. Used with `host_redirect`.
  1297              precedence:
  1298                type: integer
  1299              prefix_exact:
  1300                type: boolean
  1301              prefix_redirect:
  1302                type: string
  1303                description: Prefix rewrite to use when generating an HTTP redirect. Used with `host_redirect`.
  1304              prefix_regex:
  1305                type: boolean
  1306              query_parameters:
  1307                type: object
  1308                additionalProperties:
  1309                  type: string
  1310              redirect_response_code:
  1311                type: integer
  1312                description: The response code to use when generating an HTTP redirect. Defaults to 301. Used with `host_redirect`.
  1313                enum:
  1314                - 301
  1315                - 302
  1316                - 303
  1317                - 307
  1318                - 308
  1319              regex_headers:
  1320                type: object
  1321                additionalProperties:
  1322                  type: string
  1323              regex_query_parameters:
  1324                type: object
  1325                additionalProperties:
  1326                  type: string
  1327              regex_redirect:
  1328                type: object
  1329                description: Prefix regex rewrite to use when generating an HTTP redirect. Used with `host_redirect`.
  1330                properties:
  1331                  pattern:
  1332                    type: string
  1333                  substitution:
  1334                    type: string
  1335              regex_rewrite:
  1336                type: object
  1337                properties:
  1338                  pattern:
  1339                    type: string
  1340                  substitution:
  1341                    type: string
  1342              remove_request_headers:
  1343                type: array
  1344                items:
  1345                  type: string
  1346              remove_response_headers:
  1347                type: array
  1348                items:
  1349                  type: string
  1350              resolver:
  1351                type: string
  1352              respect_dns_ttl:
  1353                type: boolean
  1354              retry_policy:
  1355                type: object
  1356                properties:
  1357                  num_retries:
  1358                    type: integer
  1359                  per_try_timeout:
  1360                    type: string
  1361                  retry_on:
  1362                    type: string
  1363                    enum:
  1364                    - 5xx
  1365                    - gateway-error
  1366                    - connect-failure
  1367                    - retriable-4xx
  1368                    - refused-stream
  1369                    - retriable-status-codes
  1370              rewrite:
  1371                type: string
  1372              shadow:
  1373                type: boolean
  1374              stats_name:
  1375                type: string
  1376              timeout_ms:
  1377                type: integer
  1378                description: The timeout for requests that use this Mapping. Overrides `cluster_request_timeout_ms` set on the Ambassador Module, if it exists.
  1379              tls:
  1380                type: string
  1381              use_websocket:
  1382                type: boolean
  1383                description: 'use_websocket is deprecated, and is equivlaent to setting `allow_upgrade: ["websocket"]`'
  1384              weight:
  1385                type: integer
  1386            required:
  1387            - prefix
  1388            - service
  1389          status:
  1390            type: object
  1391            description: MappingStatus defines the observed state of Mapping
  1392            properties:
  1393              reason:
  1394                type: string
  1395              state:
  1396                type: string
  1397                enum:
  1398                - ""
  1399                - Inactive
  1400                - Running
  1401    served: true
  1402    storage: true
  1403    subresources:
  1404      status: {}
  1405---
  1406apiVersion: apiextensions.k8s.io/v1
  1407kind: CustomResourceDefinition
  1408metadata:
  1409  name: modules.getambassador.io
  1410  labels:
  1411    app.kubernetes.io/name: ambassador
  1412    product: aes
  1413    platform.edge.ncr.com/component: emissary
  1414  annotations:
  1415    controller-gen.kubebuilder.io/version: v0.5.0
  1416    pallet.edge.ncr.com/created: "2023-02-16T21:26:39Z"
  1417    pallet.edge.ncr.com/name: store-emissary
  1418    pallet.edge.ncr.com/revision: 696897a3df910b6e84a88c9336907a17b18159c1
  1419    pallet.edge.ncr.com/source: https://github.com/ncrvoyix-swt-retail/edge-infra/tree/696897a3df910b6e84a88c9336907a17b18159c1
  1420    pallet.edge.ncr.com/team: '@ncrvoyix-swt-retail/edge-infra'
  1421    pallet.edge.ncr.com/version: 7.7.7-rc.1676582799+commit.696897a
  1422spec:
  1423  group: getambassador.io
  1424  names:
  1425    kind: Module
  1426    categories:
  1427    - ambassador-crds
  1428    listKind: ModuleList
  1429    plural: modules
  1430    singular: module
  1431  scope: Namespaced
  1432  versions:
  1433  - name: v3alpha1
  1434    schema:
  1435      openAPIV3Schema:
  1436        type: object
  1437        description: "A Module defines system-wide configuration.  The type of module is controlled by the .metadata.name; valid names are \"ambassador\" or \"tls\". \n https://www.getambassador.io/docs/edge-stack/latest/topics/running/ambassador/#the-ambassador-module https://www.getambassador.io/docs/edge-stack/latest/topics/running/tls/#tls-module-deprecated"
  1438        properties:
  1439          apiVersion:
  1440            type: string
  1441            description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
  1442          kind:
  1443            type: string
  1444            description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
  1445          metadata:
  1446            type: object
  1447          spec:
  1448            type: object
  1449            properties:
  1450              ambassador_id:
  1451                type: array
  1452                description: "AmbassadorID declares which Ambassador instances should pay attention to this resource. If no value is provided, the default is: \n    ambassador_id:    - \"default\""
  1453                items:
  1454                  type: string
  1455              config:
  1456                type: object
  1457                description: UntypedDict is relatively opaque as a Go type, but it preserves its contents in a roundtrippable way.
  1458                x-kubernetes-preserve-unknown-fields: true
  1459            required:
  1460            - config
  1461    served: true
  1462    storage: true
  1463---
  1464apiVersion: apiextensions.k8s.io/v1
  1465kind: CustomResourceDefinition
  1466metadata:
  1467  name: ratelimitservices.getambassador.io
  1468  labels:
  1469    app.kubernetes.io/name: ambassador
  1470    product: aes
  1471    platform.edge.ncr.com/component: emissary
  1472  annotations:
  1473    controller-gen.kubebuilder.io/version: v0.5.0
  1474    pallet.edge.ncr.com/created: "2023-02-16T21:26:39Z"
  1475    pallet.edge.ncr.com/name: store-emissary
  1476    pallet.edge.ncr.com/revision: 696897a3df910b6e84a88c9336907a17b18159c1
  1477    pallet.edge.ncr.com/source: https://github.com/ncrvoyix-swt-retail/edge-infra/tree/696897a3df910b6e84a88c9336907a17b18159c1
  1478    pallet.edge.ncr.com/team: '@ncrvoyix-swt-retail/edge-infra'
  1479    pallet.edge.ncr.com/version: 7.7.7-rc.1676582799+commit.696897a
  1480spec:
  1481  group: getambassador.io
  1482  names:
  1483    kind: RateLimitService
  1484    categories:
  1485    - ambassador-crds
  1486    listKind: RateLimitServiceList
  1487    plural: ratelimitservices
  1488    singular: ratelimitservice
  1489  scope: Namespaced
  1490  versions:
  1491  - name: v3alpha1
  1492    schema:
  1493      openAPIV3Schema:
  1494        type: object
  1495        description: RateLimitService is the Schema for the ratelimitservices API
  1496        properties:
  1497          apiVersion:
  1498            type: string
  1499            description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
  1500          kind:
  1501            type: string
  1502            description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
  1503          metadata:
  1504            type: object
  1505          spec:
  1506            type: object
  1507            description: RateLimitServiceSpec defines the desired state of RateLimitService
  1508            properties:
  1509              service:
  1510                type: string
  1511              ambassador_id:
  1512                type: array
  1513                description: Common to all Ambassador objects.
  1514                items:
  1515                  type: string
  1516              domain:
  1517                type: string
  1518              protocol_version:
  1519                type: string
  1520                enum:
  1521                - v2
  1522                - v3
  1523              stats_name:
  1524                type: string
  1525              timeout_ms:
  1526                type: integer
  1527              tls:
  1528                type: string
  1529            required:
  1530            - service
  1531    served: true
  1532    storage: true
  1533---
  1534apiVersion: apiextensions.k8s.io/v1
  1535kind: CustomResourceDefinition
  1536metadata:
  1537  name: tcpmappings.getambassador.io
  1538  labels:
  1539    app.kubernetes.io/name: ambassador
  1540    product: aes
  1541    platform.edge.ncr.com/component: emissary
  1542  annotations:
  1543    controller-gen.kubebuilder.io/version: v0.5.0
  1544    pallet.edge.ncr.com/created: "2023-02-16T21:26:39Z"
  1545    pallet.edge.ncr.com/name: store-emissary
  1546    pallet.edge.ncr.com/revision: 696897a3df910b6e84a88c9336907a17b18159c1
  1547    pallet.edge.ncr.com/source: https://github.com/ncrvoyix-swt-retail/edge-infra/tree/696897a3df910b6e84a88c9336907a17b18159c1
  1548    pallet.edge.ncr.com/team: '@ncrvoyix-swt-retail/edge-infra'
  1549    pallet.edge.ncr.com/version: 7.7.7-rc.1676582799+commit.696897a
  1550spec:
  1551  group: getambassador.io
  1552  names:
  1553    kind: TCPMapping
  1554    categories:
  1555    - ambassador-crds
  1556    listKind: TCPMappingList
  1557    plural: tcpmappings
  1558    singular: tcpmapping
  1559  scope: Namespaced
  1560  versions:
  1561  - name: v3alpha1
  1562    schema:
  1563      openAPIV3Schema:
  1564        type: object
  1565        description: TCPMapping is the Schema for the tcpmappings API
  1566        properties:
  1567          apiVersion:
  1568            type: string
  1569            description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
  1570          kind:
  1571            type: string
  1572            description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
  1573          metadata:
  1574            type: object
  1575          spec:
  1576            type: object
  1577            description: TCPMappingSpec defines the desired state of TCPMapping
  1578            properties:
  1579              service:
  1580                type: string
  1581              port:
  1582                type: integer
  1583                description: Port isn't a pointer because it's required.
  1584              address:
  1585                type: string
  1586              ambassador_id:
  1587                type: array
  1588                description: "AmbassadorID declares which Ambassador instances should pay attention to this resource. If no value is provided, the default is: \n    ambassador_id:    - \"default\""
  1589                items:
  1590                  type: string
  1591              circuit_breakers:
  1592                type: array
  1593                items:
  1594                  type: object
  1595                  properties:
  1596                    priority:
  1597                      type: string
  1598                      enum:
  1599                      - default
  1600                      - high
  1601                    max_connections:
  1602                      type: integer
  1603                    max_pending_requests:
  1604                      type: integer
  1605                    max_requests:
  1606                      type: integer
  1607                    max_retries:
  1608                      type: integer
  1609              cluster_tag:
  1610                type: string
  1611              enable_ipv4:
  1612                type: boolean
  1613              enable_ipv6:
  1614                type: boolean
  1615              host:
  1616                type: string
  1617              idle_timeout_ms:
  1618                type: string
  1619                description: 'FIXME(lukeshu): Surely this should be an ''int''?'
  1620              resolver:
  1621                type: string
  1622              stats_name:
  1623                type: string
  1624              tls:
  1625                type: string
  1626              weight:
  1627                type: integer
  1628            required:
  1629            - port
  1630            - service
  1631    served: true
  1632    storage: true
  1633---
  1634apiVersion: apiextensions.k8s.io/v1
  1635kind: CustomResourceDefinition
  1636metadata:
  1637  name: tlscontexts.getambassador.io
  1638  labels:
  1639    app.kubernetes.io/name: ambassador
  1640    product: aes
  1641    platform.edge.ncr.com/component: emissary
  1642  annotations:
  1643    controller-gen.kubebuilder.io/version: v0.5.0
  1644    pallet.edge.ncr.com/created: "2023-02-16T21:26:39Z"
  1645    pallet.edge.ncr.com/name: store-emissary
  1646    pallet.edge.ncr.com/revision: 696897a3df910b6e84a88c9336907a17b18159c1
  1647    pallet.edge.ncr.com/source: https://github.com/ncrvoyix-swt-retail/edge-infra/tree/696897a3df910b6e84a88c9336907a17b18159c1
  1648    pallet.edge.ncr.com/team: '@ncrvoyix-swt-retail/edge-infra'
  1649    pallet.edge.ncr.com/version: 7.7.7-rc.1676582799+commit.696897a
  1650spec:
  1651  group: getambassador.io
  1652  names:
  1653    kind: TLSContext
  1654    categories:
  1655    - ambassador-crds
  1656    listKind: TLSContextList
  1657    plural: tlscontexts
  1658    singular: tlscontext
  1659  scope: Namespaced
  1660  versions:
  1661  - name: v3alpha1
  1662    schema:
  1663      openAPIV3Schema:
  1664        type: object
  1665        description: TLSContext is the Schema for the tlscontexts API
  1666        properties:
  1667          apiVersion:
  1668            type: string
  1669            description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
  1670          kind:
  1671            type: string
  1672            description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
  1673          metadata:
  1674            type: object
  1675          spec:
  1676            type: object
  1677            description: TLSContextSpec defines the desired state of TLSContext
  1678            properties:
  1679              alpn_protocols:
  1680                type: string
  1681              ambassador_id:
  1682                type: array
  1683                description: "AmbassadorID declares which Ambassador instances should pay attention to this resource. If no value is provided, the default is: \n    ambassador_id:    - \"default\""
  1684                items:
  1685                  type: string
  1686              ca_secret:
  1687                type: string
  1688              cacert_chain_file:
  1689                type: string
  1690              cert_chain_file:
  1691                type: string
  1692              cert_required:
  1693                type: boolean
  1694              cipher_suites:
  1695                type: array
  1696                items:
  1697                  type: string
  1698              ecdh_curves:
  1699                type: array
  1700                items:
  1701                  type: string
  1702              hosts:
  1703                type: array
  1704                items:
  1705                  type: string
  1706              max_tls_version:
  1707                type: string
  1708                enum:
  1709                - v1.0
  1710                - v1.1
  1711                - v1.2
  1712                - v1.3
  1713              min_tls_version:
  1714                type: string
  1715                enum:
  1716                - v1.0
  1717                - v1.1
  1718                - v1.2
  1719                - v1.3
  1720              private_key_file:
  1721                type: string
  1722              redirect_cleartext_from:
  1723                type: integer
  1724              secret:
  1725                type: string
  1726              secret_namespacing:
  1727                type: boolean
  1728              sni:
  1729                type: string
  1730    served: true
  1731    storage: true
  1732---
  1733apiVersion: apiextensions.k8s.io/v1
  1734kind: CustomResourceDefinition
  1735metadata:
  1736  name: tracingservices.getambassador.io
  1737  labels:
  1738    app.kubernetes.io/name: ambassador
  1739    product: aes
  1740    platform.edge.ncr.com/component: emissary
  1741  annotations:
  1742    controller-gen.kubebuilder.io/version: v0.5.0
  1743    pallet.edge.ncr.com/created: "2023-02-16T21:26:39Z"
  1744    pallet.edge.ncr.com/name: store-emissary
  1745    pallet.edge.ncr.com/revision: 696897a3df910b6e84a88c9336907a17b18159c1
  1746    pallet.edge.ncr.com/source: https://github.com/ncrvoyix-swt-retail/edge-infra/tree/696897a3df910b6e84a88c9336907a17b18159c1
  1747    pallet.edge.ncr.com/team: '@ncrvoyix-swt-retail/edge-infra'
  1748    pallet.edge.ncr.com/version: 7.7.7-rc.1676582799+commit.696897a
  1749spec:
  1750  group: getambassador.io
  1751  names:
  1752    kind: TracingService
  1753    categories:
  1754    - ambassador-crds
  1755    listKind: TracingServiceList
  1756    plural: tracingservices
  1757    singular: tracingservice
  1758  scope: Namespaced
  1759  versions:
  1760  - name: v3alpha1
  1761    schema:
  1762      openAPIV3Schema:
  1763        type: object
  1764        description: TracingService is the Schema for the tracingservices API
  1765        properties:
  1766          apiVersion:
  1767            type: string
  1768            description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
  1769          kind:
  1770            type: string
  1771            description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
  1772          metadata:
  1773            type: object
  1774          spec:
  1775            type: object
  1776            description: TracingServiceSpec defines the desired state of TracingService
  1777            properties:
  1778              service:
  1779                type: string
  1780              ambassador_id:
  1781                type: array
  1782                description: "AmbassadorID declares which Ambassador instances should pay attention to this resource. If no value is provided, the default is: \n    ambassador_id:    - \"default\""
  1783                items:
  1784                  type: string
  1785              config:
  1786                type: object
  1787                properties:
  1788                  access_token_file:
  1789                    type: string
  1790                  collector_cluster:
  1791                    type: string
  1792                  collector_endpoint:
  1793                    type: string
  1794                  collector_endpoint_version:
  1795                    type: string
  1796                    enum:
  1797                    - HTTP_JSON_V1
  1798                    - HTTP_JSON
  1799                    - HTTP_PROTO
  1800                  collector_hostname:
  1801                    type: string
  1802                  service_name:
  1803                    type: string
  1804                  shared_span_context:
  1805                    type: boolean
  1806                  trace_id_128bit:
  1807                    type: boolean
  1808              driver:
  1809                type: string
  1810                enum:
  1811                - lightstep
  1812                - zipkin
  1813                - datadog
  1814              sampling:
  1815                type: object
  1816                properties:
  1817                  client:
  1818                    type: integer
  1819                  overall:
  1820                    type: integer
  1821                  random:
  1822                    type: integer
  1823              stats_name:
  1824                type: string
  1825              tag_headers:
  1826                type: array
  1827                items:
  1828                  type: string
  1829            required:
  1830            - driver
  1831            - service
  1832    served: true
  1833    storage: true
  1834---
  1835# Source: emissary-ingress/templates/serviceaccount.yaml
  1836apiVersion: v1
  1837kind: ServiceAccount
  1838metadata:
  1839  name: emissary-ingress
  1840  namespace: emissary
  1841  labels:
  1842    product: aes
  1843    platform.edge.ncr.com/component: emissary
  1844  annotations:
  1845    pallet.edge.ncr.com/created: "2023-02-16T21:26:39Z"
  1846    pallet.edge.ncr.com/name: store-emissary
  1847    pallet.edge.ncr.com/revision: 696897a3df910b6e84a88c9336907a17b18159c1
  1848    pallet.edge.ncr.com/source: https://github.com/ncrvoyix-swt-retail/edge-infra/tree/696897a3df910b6e84a88c9336907a17b18159c1
  1849    pallet.edge.ncr.com/team: '@ncrvoyix-swt-retail/edge-infra'
  1850    pallet.edge.ncr.com/version: 7.7.7-rc.1676582799+commit.696897a
  1851---
  1852# Source: emissary-ingress/templates/ambassador-agent.yaml
  1853apiVersion: v1
  1854kind: ServiceAccount
  1855metadata:
  1856  name: emissary-ingress-agent
  1857  namespace: emissary
  1858  labels:
  1859    product: aes
  1860    platform.edge.ncr.com/component: emissary
  1861  annotations:
  1862    pallet.edge.ncr.com/created: "2023-02-16T21:26:39Z"
  1863    pallet.edge.ncr.com/name: store-emissary
  1864    pallet.edge.ncr.com/revision: 696897a3df910b6e84a88c9336907a17b18159c1
  1865    pallet.edge.ncr.com/source: https://github.com/ncrvoyix-swt-retail/edge-infra/tree/696897a3df910b6e84a88c9336907a17b18159c1
  1866    pallet.edge.ncr.com/team: '@ncrvoyix-swt-retail/edge-infra'
  1867    pallet.edge.ncr.com/version: 7.7.7-rc.1676582799+commit.696897a
  1868---
  1869# Source: emissary-ingress/templates/ambassador-agent.yaml
  1870apiVersion: rbac.authorization.k8s.io/v1
  1871kind: Role
  1872metadata:
  1873  name: emissary-ingress-agent-config
  1874  namespace: emissary
  1875  labels:
  1876    product: aes
  1877    platform.edge.ncr.com/component: emissary
  1878  annotations:
  1879    pallet.edge.ncr.com/created: "2023-02-16T21:26:39Z"
  1880    pallet.edge.ncr.com/name: store-emissary
  1881    pallet.edge.ncr.com/revision: 696897a3df910b6e84a88c9336907a17b18159c1
  1882    pallet.edge.ncr.com/source: https://github.com/ncrvoyix-swt-retail/edge-infra/tree/696897a3df910b6e84a88c9336907a17b18159c1
  1883    pallet.edge.ncr.com/team: '@ncrvoyix-swt-retail/edge-infra'
  1884    pallet.edge.ncr.com/version: 7.7.7-rc.1676582799+commit.696897a
  1885rules:
  1886- resources: [configmaps]
  1887  apiGroups: ['']
  1888  verbs: [get, list, watch]
  1889---
  1890# Source: emissary-ingress/templates/rbac.yaml
  1891apiVersion: rbac.authorization.k8s.io/v1
  1892kind: ClusterRole
  1893metadata:
  1894  name: emissary-ingress
  1895  labels:
  1896    product: aes
  1897    platform.edge.ncr.com/component: emissary
  1898  annotations:
  1899    pallet.edge.ncr.com/created: "2023-02-16T21:26:39Z"
  1900    pallet.edge.ncr.com/name: store-emissary
  1901    pallet.edge.ncr.com/revision: 696897a3df910b6e84a88c9336907a17b18159c1
  1902    pallet.edge.ncr.com/source: https://github.com/ncrvoyix-swt-retail/edge-infra/tree/696897a3df910b6e84a88c9336907a17b18159c1
  1903    pallet.edge.ncr.com/team: '@ncrvoyix-swt-retail/edge-infra'
  1904    pallet.edge.ncr.com/version: 7.7.7-rc.1676582799+commit.696897a
  1905aggregationRule:
  1906  clusterRoleSelectors:
  1907  - matchLabels:
  1908      rbac.getambassador.io/role-group: emissary-ingress
  1909rules: []
  1910---
  1911# Source: emissary-ingress/templates/ambassador-agent.yaml
  1912apiVersion: rbac.authorization.k8s.io/v1
  1913kind: ClusterRole
  1914metadata:
  1915  name: emissary-ingress-agent
  1916  labels:
  1917    product: aes
  1918    platform.edge.ncr.com/component: emissary
  1919  annotations:
  1920    pallet.edge.ncr.com/created: "2023-02-16T21:26:39Z"
  1921    pallet.edge.ncr.com/name: store-emissary
  1922    pallet.edge.ncr.com/revision: 696897a3df910b6e84a88c9336907a17b18159c1
  1923    pallet.edge.ncr.com/source: https://github.com/ncrvoyix-swt-retail/edge-infra/tree/696897a3df910b6e84a88c9336907a17b18159c1
  1924    pallet.edge.ncr.com/team: '@ncrvoyix-swt-retail/edge-infra'
  1925    pallet.edge.ncr.com/version: 7.7.7-rc.1676582799+commit.696897a
  1926aggregationRule:
  1927  clusterRoleSelectors:
  1928  - matchLabels:
  1929      rbac.getambassador.io/role-group: emissary-ingress-agent
  1930rules: []
  1931---
  1932# Source: emissary-ingress/templates/ambassador-agent.yaml
  1933apiVersion: rbac.authorization.k8s.io/v1
  1934kind: ClusterRole
  1935metadata:
  1936  name: emissary-ingress-agent-applications
  1937  labels:
  1938    product: aes
  1939    rbac.getambassador.io/role-group: emissary-ingress-agent
  1940    platform.edge.ncr.com/component: emissary
  1941  annotations:
  1942    pallet.edge.ncr.com/created: "2023-02-16T21:26:39Z"
  1943    pallet.edge.ncr.com/name: store-emissary
  1944    pallet.edge.ncr.com/revision: 696897a3df910b6e84a88c9336907a17b18159c1
  1945    pallet.edge.ncr.com/source: https://github.com/ncrvoyix-swt-retail/edge-infra/tree/696897a3df910b6e84a88c9336907a17b18159c1
  1946    pallet.edge.ncr.com/team: '@ncrvoyix-swt-retail/edge-infra'
  1947    pallet.edge.ncr.com/version: 7.7.7-rc.1676582799+commit.696897a
  1948rules:
  1949- resources: [applications]
  1950  apiGroups: [argoproj.io]
  1951  verbs: [get, list, watch]
  1952---
  1953# Source: emissary-ingress/templates/ambassador-agent.yaml
  1954apiVersion: rbac.authorization.k8s.io/v1
  1955kind: ClusterRole
  1956metadata:
  1957  name: emissary-ingress-agent-configmaps
  1958  labels:
  1959    product: aes
  1960    rbac.getambassador.io/role-group: emissary-ingress-agent
  1961    platform.edge.ncr.com/component: emissary
  1962  annotations:
  1963    pallet.edge.ncr.com/created: "2023-02-16T21:26:39Z"
  1964    pallet.edge.ncr.com/name: store-emissary
  1965    pallet.edge.ncr.com/revision: 696897a3df910b6e84a88c9336907a17b18159c1
  1966    pallet.edge.ncr.com/source: https://github.com/ncrvoyix-swt-retail/edge-infra/tree/696897a3df910b6e84a88c9336907a17b18159c1
  1967    pallet.edge.ncr.com/team: '@ncrvoyix-swt-retail/edge-infra'
  1968    pallet.edge.ncr.com/version: 7.7.7-rc.1676582799+commit.696897a
  1969rules:
  1970- resources: [configmaps]
  1971  apiGroups: ['']
  1972  verbs: [get, list, watch]
  1973---
  1974# Source: emissary-ingress/templates/ambassador-agent.yaml
  1975apiVersion: rbac.authorization.k8s.io/v1
  1976kind: ClusterRole
  1977metadata:
  1978  name: emissary-ingress-agent-deployments
  1979  labels:
  1980    product: aes
  1981    rbac.getambassador.io/role-group: emissary-ingress-agent
  1982    platform.edge.ncr.com/component: emissary
  1983  annotations:
  1984    pallet.edge.ncr.com/created: "2023-02-16T21:26:39Z"
  1985    pallet.edge.ncr.com/name: store-emissary
  1986    pallet.edge.ncr.com/revision: 696897a3df910b6e84a88c9336907a17b18159c1
  1987    pallet.edge.ncr.com/source: https://github.com/ncrvoyix-swt-retail/edge-infra/tree/696897a3df910b6e84a88c9336907a17b18159c1
  1988    pallet.edge.ncr.com/team: '@ncrvoyix-swt-retail/edge-infra'
  1989    pallet.edge.ncr.com/version: 7.7.7-rc.1676582799+commit.696897a
  1990rules:
  1991- resources: [deployments]
  1992  apiGroups: [apps, extensions]
  1993  verbs: [get, list, watch]
  1994---
  1995# Source: emissary-ingress/templates/ambassador-agent.yaml
  1996apiVersion: rbac.authorization.k8s.io/v1
  1997kind: ClusterRole
  1998metadata:
  1999  name: emissary-ingress-agent-endpoints
  2000  labels:
  2001    product: aes
  2002    rbac.getambassador.io/role-group: emissary-ingress-agent
  2003    platform.edge.ncr.com/component: emissary
  2004  annotations:
  2005    pallet.edge.ncr.com/created: "2023-02-16T21:26:39Z"
  2006    pallet.edge.ncr.com/name: store-emissary
  2007    pallet.edge.ncr.com/revision: 696897a3df910b6e84a88c9336907a17b18159c1
  2008    pallet.edge.ncr.com/source: https://github.com/ncrvoyix-swt-retail/edge-infra/tree/696897a3df910b6e84a88c9336907a17b18159c1
  2009    pallet.edge.ncr.com/team: '@ncrvoyix-swt-retail/edge-infra'
  2010    pallet.edge.ncr.com/version: 7.7.7-rc.1676582799+commit.696897a
  2011rules:
  2012- resources: [endpoints]
  2013  apiGroups: ['']
  2014  verbs: [get, list, watch]
  2015---
  2016# Source: emissary-ingress/templates/ambassador-agent.yaml
  2017apiVersion: rbac.authorization.k8s.io/v1
  2018kind: ClusterRole
  2019metadata:
  2020  name: emissary-ingress-agent-pods
  2021  labels:
  2022    product: aes
  2023    rbac.getambassador.io/role-group: emissary-ingress-agent
  2024    platform.edge.ncr.com/component: emissary
  2025  annotations:
  2026    pallet.edge.ncr.com/created: "2023-02-16T21:26:39Z"
  2027    pallet.edge.ncr.com/name: store-emissary
  2028    pallet.edge.ncr.com/revision: 696897a3df910b6e84a88c9336907a17b18159c1
  2029    pallet.edge.ncr.com/source: https://github.com/ncrvoyix-swt-retail/edge-infra/tree/696897a3df910b6e84a88c9336907a17b18159c1
  2030    pallet.edge.ncr.com/team: '@ncrvoyix-swt-retail/edge-infra'
  2031    pallet.edge.ncr.com/version: 7.7.7-rc.1676582799+commit.696897a
  2032rules:
  2033- resources: [pods]
  2034  apiGroups: ['']
  2035  verbs: [get, list, watch]
  2036---
  2037# Source: emissary-ingress/templates/ambassador-agent.yaml
  2038apiVersion: rbac.authorization.k8s.io/v1
  2039kind: ClusterRole
  2040metadata:
  2041  name: emissary-ingress-agent-rollouts
  2042  labels:
  2043    product: aes
  2044    rbac.getambassador.io/role-group: emissary-ingress-agent
  2045    platform.edge.ncr.com/component: emissary
  2046  annotations:
  2047    pallet.edge.ncr.com/created: "2023-02-16T21:26:39Z"
  2048    pallet.edge.ncr.com/name: store-emissary
  2049    pallet.edge.ncr.com/revision: 696897a3df910b6e84a88c9336907a17b18159c1
  2050    pallet.edge.ncr.com/source: https://github.com/ncrvoyix-swt-retail/edge-infra/tree/696897a3df910b6e84a88c9336907a17b18159c1
  2051    pallet.edge.ncr.com/team: '@ncrvoyix-swt-retail/edge-infra'
  2052    pallet.edge.ncr.com/version: 7.7.7-rc.1676582799+commit.696897a
  2053rules:
  2054- resources: [rollouts]
  2055  apiGroups: [argoproj.io]
  2056  verbs: [get, list, watch]
  2057---
  2058# Source: emissary-ingress/templates/rbac.yaml
  2059# CRDs are cluster scoped resources, so they need to be in a cluster role,
  2060# even if ambassador is running in single namespace mode
  2061apiVersion: rbac.authorization.k8s.io/v1
  2062kind: ClusterRole
  2063metadata:
  2064  name: emissary-ingress-crd
  2065  labels:
  2066    product: aes
  2067    rbac.getambassador.io/role-group: emissary-ingress
  2068    platform.edge.ncr.com/component: emissary
  2069  annotations:
  2070    pallet.edge.ncr.com/created: "2023-02-16T21:26:39Z"
  2071    pallet.edge.ncr.com/name: store-emissary
  2072    pallet.edge.ncr.com/revision: 696897a3df910b6e84a88c9336907a17b18159c1
  2073    pallet.edge.ncr.com/source: https://github.com/ncrvoyix-swt-retail/edge-infra/tree/696897a3df910b6e84a88c9336907a17b18159c1
  2074    pallet.edge.ncr.com/team: '@ncrvoyix-swt-retail/edge-infra'
  2075    pallet.edge.ncr.com/version: 7.7.7-rc.1676582799+commit.696897a
  2076rules:
  2077- resources: [customresourcedefinitions]
  2078  apiGroups: [apiextensions.k8s.io]
  2079  verbs: [get, list, watch, delete]
  2080---
  2081# Source: emissary-ingress/templates/rbac.yaml
  2082apiVersion: rbac.authorization.k8s.io/v1
  2083kind: ClusterRole
  2084metadata:
  2085  name: emissary-ingress-watch
  2086  labels:
  2087    product: aes
  2088    rbac.getambassador.io/role-group: emissary-ingress
  2089    platform.edge.ncr.com/component: emissary
  2090  annotations:
  2091    pallet.edge.ncr.com/created: "2023-02-16T21:26:39Z"
  2092    pallet.edge.ncr.com/name: store-emissary
  2093    pallet.edge.ncr.com/revision: 696897a3df910b6e84a88c9336907a17b18159c1
  2094    pallet.edge.ncr.com/source: https://github.com/ncrvoyix-swt-retail/edge-infra/tree/696897a3df910b6e84a88c9336907a17b18159c1
  2095    pallet.edge.ncr.com/team: '@ncrvoyix-swt-retail/edge-infra'
  2096    pallet.edge.ncr.com/version: 7.7.7-rc.1676582799+commit.696897a
  2097rules:
  2098- resources:
  2099  - namespaces
  2100  - services
  2101  - secrets
  2102  - endpoints
  2103  apiGroups: ['']
  2104  verbs: [get, list, watch]
  2105- resources: ['*']
  2106  apiGroups: [getambassador.io]
  2107  verbs: [get, list, watch, update, patch, create, delete]
  2108- resources: [mappings/status]
  2109  apiGroups: [getambassador.io]
  2110  verbs: [update]
  2111- resources: [clusteringresses, ingresses]
  2112  apiGroups: [networking.internal.knative.dev]
  2113  verbs: [get, list, watch]
  2114- resources: ['*']
  2115  apiGroups: [networking.x-k8s.io]
  2116  verbs: [get, list, watch]
  2117- resources: [ingresses/status, clusteringresses/status]
  2118  apiGroups: [networking.internal.knative.dev]
  2119  verbs: [update]
  2120- resources: [ingresses, ingressclasses]
  2121  apiGroups: [extensions, networking.k8s.io]
  2122  verbs: [get, list, watch]
  2123- resources: [ingresses/status]
  2124  apiGroups: [extensions, networking.k8s.io]
  2125  verbs: [update]
  2126---
  2127# Source: emissary-ingress/templates/ambassador-agent.yaml
  2128apiVersion: rbac.authorization.k8s.io/v1
  2129kind: RoleBinding
  2130metadata:
  2131  name: emissary-ingress-agent-config
  2132  namespace: emissary
  2133  labels:
  2134    product: aes
  2135    platform.edge.ncr.com/component: emissary
  2136  annotations:
  2137    pallet.edge.ncr.com/created: "2023-02-16T21:26:39Z"
  2138    pallet.edge.ncr.com/name: store-emissary
  2139    pallet.edge.ncr.com/revision: 696897a3df910b6e84a88c9336907a17b18159c1
  2140    pallet.edge.ncr.com/source: https://github.com/ncrvoyix-swt-retail/edge-infra/tree/696897a3df910b6e84a88c9336907a17b18159c1
  2141    pallet.edge.ncr.com/team: '@ncrvoyix-swt-retail/edge-infra'
  2142    pallet.edge.ncr.com/version: 7.7.7-rc.1676582799+commit.696897a
  2143roleRef:
  2144  name: emissary-ingress-agent-config
  2145  kind: Role
  2146  apiGroup: rbac.authorization.k8s.io
  2147subjects:
  2148- name: emissary-ingress-agent
  2149  namespace: emissary
  2150  kind: ServiceAccount
  2151---
  2152# Source: emissary-ingress/templates/rbac.yaml
  2153apiVersion: rbac.authorization.k8s.io/v1
  2154kind: ClusterRoleBinding
  2155metadata:
  2156  name: emissary-ingress
  2157  labels:
  2158    product: aes
  2159    platform.edge.ncr.com/component: emissary
  2160  annotations:
  2161    pallet.edge.ncr.com/created: "2023-02-16T21:26:39Z"
  2162    pallet.edge.ncr.com/name: store-emissary
  2163    pallet.edge.ncr.com/revision: 696897a3df910b6e84a88c9336907a17b18159c1
  2164    pallet.edge.ncr.com/source: https://github.com/ncrvoyix-swt-retail/edge-infra/tree/696897a3df910b6e84a88c9336907a17b18159c1
  2165    pallet.edge.ncr.com/team: '@ncrvoyix-swt-retail/edge-infra'
  2166    pallet.edge.ncr.com/version: 7.7.7-rc.1676582799+commit.696897a
  2167roleRef:
  2168  name: emissary-ingress
  2169  kind: ClusterRole
  2170  apiGroup: rbac.authorization.k8s.io
  2171subjects:
  2172- name: emissary-ingress
  2173  namespace: emissary
  2174  kind: ServiceAccount
  2175---
  2176# Source: emissary-ingress/templates/ambassador-agent.yaml
  2177apiVersion: rbac.authorization.k8s.io/v1
  2178kind: ClusterRoleBinding
  2179metadata:
  2180  name: emissary-ingress-agent
  2181  labels:
  2182    product: aes
  2183    platform.edge.ncr.com/component: emissary
  2184  annotations:
  2185    pallet.edge.ncr.com/created: "2023-02-16T21:26:39Z"
  2186    pallet.edge.ncr.com/name: store-emissary
  2187    pallet.edge.ncr.com/revision: 696897a3df910b6e84a88c9336907a17b18159c1
  2188    pallet.edge.ncr.com/source: https://github.com/ncrvoyix-swt-retail/edge-infra/tree/696897a3df910b6e84a88c9336907a17b18159c1
  2189    pallet.edge.ncr.com/team: '@ncrvoyix-swt-retail/edge-infra'
  2190    pallet.edge.ncr.com/version: 7.7.7-rc.1676582799+commit.696897a
  2191roleRef:
  2192  name: emissary-ingress-agent
  2193  kind: ClusterRole
  2194  apiGroup: rbac.authorization.k8s.io
  2195subjects:
  2196- name: emissary-ingress-agent
  2197  namespace: emissary
  2198  kind: ServiceAccount
  2199---
  2200# Source: emissary-ingress/templates/service.yaml
  2201apiVersion: v1
  2202kind: Service
  2203metadata:
  2204  name: emissary-ingress
  2205  namespace: emissary
  2206  labels:
  2207    app.kubernetes.io/component: ambassador-service
  2208    product: aes
  2209    platform.edge.ncr.com/component: emissary
  2210  annotations:
  2211    a8r.io/bugs: https://github.com/datawire/ambassador/issues
  2212    a8r.io/chat: http://a8r.io/Slack
  2213    a8r.io/dependencies: emissary-ingress-redis.emissary
  2214    a8r.io/description: The Ambassador Edge Stack goes beyond traditional API Gateways and Ingress Controllers with the advanced edge features needed to support developer self-service and full-cycle development.
  2215    a8r.io/documentation: https://www.getambassador.io/docs/edge-stack/latest/
  2216    a8r.io/owner: Ambassador Labs
  2217    a8r.io/repository: github.com/datawire/ambassador
  2218    a8r.io/support: https://www.getambassador.io/about-us/support/
  2219    coredns.io/hostname: store.ncr.corp
  2220    metallb.universe.tf/allow-shared-ip: ingress-key
  2221    pallet.edge.ncr.com/created: "2023-02-16T21:26:39Z"
  2222    pallet.edge.ncr.com/name: store-emissary
  2223    pallet.edge.ncr.com/revision: 696897a3df910b6e84a88c9336907a17b18159c1
  2224    pallet.edge.ncr.com/source: https://github.com/ncrvoyix-swt-retail/edge-infra/tree/696897a3df910b6e84a88c9336907a17b18159c1
  2225    pallet.edge.ncr.com/team: '@ncrvoyix-swt-retail/edge-infra'
  2226    pallet.edge.ncr.com/version: 7.7.7-rc.1676582799+commit.696897a
  2227spec:
  2228  type: LoadBalancer
  2229  selector:
  2230    service: ambassador
  2231    profile: main
  2232    platform.edge.ncr.com/component: emissary
  2233  ports:
  2234  - name: http
  2235    port: 80
  2236    targetPort: 8080
  2237  - name: https
  2238    port: 443
  2239    targetPort: 8443
  2240---
  2241# Source: emissary-ingress/templates/admin-service.yaml
  2242apiVersion: v1
  2243kind: Service
  2244metadata:
  2245  name: emissary-ingress-admin
  2246  namespace: emissary
  2247  labels:
  2248    # Hard-coded label for Prometheus Operator ServiceMonitor
  2249    service: ambassador-admin
  2250    product: aes
  2251    platform.edge.ncr.com/component: emissary
  2252  annotations:
  2253    a8r.io/bugs: https://github.com/datawire/ambassador/issues
  2254    a8r.io/chat: http://a8r.io/Slack
  2255    a8r.io/dependencies: None
  2256    a8r.io/description: The Ambassador Edge Stack admin service for internal use and health checks.
  2257    a8r.io/documentation: https://www.getambassador.io/docs/edge-stack/latest/
  2258    a8r.io/owner: Ambassador Labs
  2259    a8r.io/repository: github.com/datawire/ambassador
  2260    a8r.io/support: https://www.getambassador.io/about-us/support/
  2261    pallet.edge.ncr.com/created: "2023-02-16T21:26:39Z"
  2262    pallet.edge.ncr.com/name: store-emissary
  2263    pallet.edge.ncr.com/revision: 696897a3df910b6e84a88c9336907a17b18159c1
  2264    pallet.edge.ncr.com/source: https://github.com/ncrvoyix-swt-retail/edge-infra/tree/696897a3df910b6e84a88c9336907a17b18159c1
  2265    pallet.edge.ncr.com/team: '@ncrvoyix-swt-retail/edge-infra'
  2266    pallet.edge.ncr.com/version: 7.7.7-rc.1676582799+commit.696897a
  2267spec:
  2268  type: NodePort
  2269  selector:
  2270    service: ambassador
  2271    platform.edge.ncr.com/component: emissary
  2272  ports:
  2273  - name: ambassador-admin
  2274    protocol: TCP
  2275    port: 8877
  2276    targetPort: admin
  2277  - name: ambassador-snapshot
  2278    protocol: TCP
  2279    port: 8005
  2280    targetPort: 8005
  2281---
  2282apiVersion: apps/v1
  2283kind: Deployment
  2284metadata:
  2285  labels:
  2286    product: aes
  2287    platform.edge.ncr.com/component: emissary
  2288  name: emissary-ingress
  2289  namespace: emissary
  2290  annotations:
  2291    pallet.edge.ncr.com/created: "2023-02-16T21:26:39Z"
  2292    pallet.edge.ncr.com/name: store-emissary
  2293    pallet.edge.ncr.com/revision: 696897a3df910b6e84a88c9336907a17b18159c1
  2294    pallet.edge.ncr.com/source: https://github.com/ncrvoyix-swt-retail/edge-infra/tree/696897a3df910b6e84a88c9336907a17b18159c1
  2295    pallet.edge.ncr.com/team: '@ncrvoyix-swt-retail/edge-infra'
  2296    pallet.edge.ncr.com/version: 7.7.7-rc.1676582799+commit.696897a
  2297spec:
  2298  progressDeadlineSeconds: 600
  2299  replicas: 1
  2300  selector:
  2301    matchLabels:
  2302      service: ambassador
  2303      platform.edge.ncr.com/component: emissary
  2304  strategy:
  2305    type: RollingUpdate
  2306  template:
  2307    metadata:
  2308      annotations:
  2309        consul.hashicorp.com/connect-inject: "false"
  2310        sidecar.istio.io/inject: "false"
  2311        pallet.edge.ncr.com/created: "2023-02-16T21:26:39Z"
  2312        pallet.edge.ncr.com/name: store-emissary
  2313        pallet.edge.ncr.com/revision: 696897a3df910b6e84a88c9336907a17b18159c1
  2314        pallet.edge.ncr.com/source: https://github.com/ncrvoyix-swt-retail/edge-infra/tree/696897a3df910b6e84a88c9336907a17b18159c1
  2315        pallet.edge.ncr.com/team: '@ncrvoyix-swt-retail/edge-infra'
  2316        pallet.edge.ncr.com/version: 7.7.7-rc.1676582799+commit.696897a
  2317      labels:
  2318        app.kubernetes.io/managed-by: getambassador.io
  2319        profile: main
  2320        service: ambassador
  2321        platform.edge.ncr.com/component: emissary
  2322    spec:
  2323      affinity:
  2324        podAntiAffinity:
  2325          preferredDuringSchedulingIgnoredDuringExecution:
  2326          - podAffinityTerm:
  2327              labelSelector:
  2328                matchLabels:
  2329                  service: ambassador
  2330                  platform.edge.ncr.com/component: emissary
  2331              topologyKey: kubernetes.io/hostname
  2332            weight: 100
  2333      containers:
  2334      - env:
  2335        - name: HOST_IP
  2336          valueFrom:
  2337            fieldRef:
  2338              fieldPath: status.hostIP
  2339        - name: AMBASSADOR_NAMESPACE
  2340          valueFrom:
  2341            fieldRef:
  2342              fieldPath: metadata.namespace
  2343        image: us-east1-docker.pkg.dev/ret-edge-pltf-infra/thirdparty/index.docker.io/emissaryingress/emissary:2.0.4
  2344        imagePullPolicy: IfNotPresent
  2345        livenessProbe:
  2346          failureThreshold: 3
  2347          httpGet:
  2348            path: /ambassador/v0/check_alive
  2349            port: admin
  2350          initialDelaySeconds: 30
  2351          periodSeconds: 3
  2352        name: ambassador
  2353        ports:
  2354        - containerPort: 8080
  2355          name: http
  2356        - containerPort: 8443
  2357          name: https
  2358        - containerPort: 8877
  2359          name: admin
  2360        - containerPort: 1883
  2361          name: mqtt
  2362          protocol: TCP
  2363        - containerPort: 6379
  2364          name: redis
  2365          protocol: TCP
  2366        - containerPort: 16999
  2367          name: kubernetes
  2368          protocol: TCP
  2369        readinessProbe:
  2370          failureThreshold: 3
  2371          httpGet:
  2372            path: /ambassador/v0/check_ready
  2373            port: admin
  2374          initialDelaySeconds: 30
  2375          periodSeconds: 3
  2376        resources:
  2377          limits:
  2378            cpu: "1"
  2379            memory: 400Mi
  2380          requests:
  2381            cpu: 200m
  2382            memory: 100Mi
  2383        securityContext:
  2384          allowPrivilegeEscalation: false
  2385        volumeMounts:
  2386        - mountPath: /tmp/ambassador-pod-info
  2387          name: ambassador-pod-info
  2388          readOnly: true
  2389      dnsPolicy: ClusterFirst
  2390      hostNetwork: false
  2391      imagePullSecrets: []
  2392      restartPolicy: Always
  2393      securityContext:
  2394        runAsUser: 8888
  2395      serviceAccountName: emissary-ingress
  2396      terminationGracePeriodSeconds: 0
  2397      volumes:
  2398      - downwardAPI:
  2399          items:
  2400          - fieldRef:
  2401              fieldPath: metadata.labels
  2402            path: labels
  2403        name: ambassador-pod-info
  2404---
  2405# Source: emissary-ingress/templates/ambassador-agent.yaml
  2406apiVersion: apps/v1
  2407kind: Deployment
  2408metadata:
  2409  name: emissary-ingress-agent
  2410  namespace: emissary
  2411  labels:
  2412    app.kubernetes.io/instance: emissary-ingress
  2413    app.kubernetes.io/name: emissary-ingress-agent
  2414    platform.edge.ncr.com/component: emissary
  2415  annotations:
  2416    pallet.edge.ncr.com/created: "2023-02-16T21:26:39Z"
  2417    pallet.edge.ncr.com/name: store-emissary
  2418    pallet.edge.ncr.com/revision: 696897a3df910b6e84a88c9336907a17b18159c1
  2419    pallet.edge.ncr.com/source: https://github.com/ncrvoyix-swt-retail/edge-infra/tree/696897a3df910b6e84a88c9336907a17b18159c1
  2420    pallet.edge.ncr.com/team: '@ncrvoyix-swt-retail/edge-infra'
  2421    pallet.edge.ncr.com/version: 7.7.7-rc.1676582799+commit.696897a
  2422spec:
  2423  replicas: 1
  2424  selector:
  2425    matchLabels:
  2426      app.kubernetes.io/instance: emissary-ingress
  2427      app.kubernetes.io/name: emissary-ingress-agent
  2428      platform.edge.ncr.com/component: emissary
  2429  template:
  2430    metadata:
  2431      labels:
  2432        app.kubernetes.io/instance: emissary-ingress
  2433        app.kubernetes.io/name: emissary-ingress-agent
  2434        platform.edge.ncr.com/component: emissary
  2435      annotations:
  2436        pallet.edge.ncr.com/created: "2023-02-16T21:26:39Z"
  2437        pallet.edge.ncr.com/name: store-emissary
  2438        pallet.edge.ncr.com/revision: 696897a3df910b6e84a88c9336907a17b18159c1
  2439        pallet.edge.ncr.com/source: https://github.com/ncrvoyix-swt-retail/edge-infra/tree/696897a3df910b6e84a88c9336907a17b18159c1
  2440        pallet.edge.ncr.com/team: '@ncrvoyix-swt-retail/edge-infra'
  2441        pallet.edge.ncr.com/version: 7.7.7-rc.1676582799+commit.696897a
  2442    spec:
  2443      serviceAccountName: emissary-ingress-agent
  2444      containers:
  2445      - name: agent
  2446        image: us-east1-docker.pkg.dev/ret-edge-pltf-infra/thirdparty/index.docker.io/emissaryingress/emissary:2.0.4
  2447        command: [agent]
  2448        env:
  2449        - name: AGENT_NAMESPACE
  2450          valueFrom:
  2451            fieldRef:
  2452              fieldPath: metadata.namespace
  2453        - name: AGENT_CONFIG_RESOURCE_NAME
  2454          value: emissary-ingress-agent-cloud-token
  2455        - name: RPC_CONNECTION_ADDRESS
  2456          value: https://app.getambassador.io/
  2457        - name: AES_SNAPSHOT_URL
  2458          value: http://emissary-ingress-admin.emissary:8005/snapshot-external
  2459        imagePullPolicy: IfNotPresent
  2460  progressDeadlineSeconds: 600
  2461---
  2462apiVersion: cert-manager.io/v1
  2463kind: Certificate
  2464metadata:
  2465  name: emissary-ca
  2466  namespace: emissary
  2467  labels:
  2468    platform.edge.ncr.com/component: emissary
  2469  annotations:
  2470    pallet.edge.ncr.com/created: "2023-02-16T21:26:39Z"
  2471    pallet.edge.ncr.com/name: store-emissary
  2472    pallet.edge.ncr.com/revision: 696897a3df910b6e84a88c9336907a17b18159c1
  2473    pallet.edge.ncr.com/source: https://github.com/ncrvoyix-swt-retail/edge-infra/tree/696897a3df910b6e84a88c9336907a17b18159c1
  2474    pallet.edge.ncr.com/team: '@ncrvoyix-swt-retail/edge-infra'
  2475    pallet.edge.ncr.com/version: 7.7.7-rc.1676582799+commit.696897a
  2476spec:
  2477  dnsNames:
  2478  - "*.store.ncr.corp"
  2479  isCA: true
  2480  issuerRef:
  2481    name: selfsigned-issuer
  2482    kind: ClusterIssuer
  2483    group: cert-manager.io
  2484  privateKey:
  2485    algorithm: ECDSA
  2486    size: 256
  2487  secretName: gateway-tls-cert
  2488---
  2489apiVersion: cert-manager.io/v1
  2490kind: ClusterIssuer
  2491metadata:
  2492  name: selfsigned-issuer
  2493  namespace: emissary
  2494  labels:
  2495    platform.edge.ncr.com/component: emissary
  2496  annotations:
  2497    pallet.edge.ncr.com/created: "2023-02-16T21:26:39Z"
  2498    pallet.edge.ncr.com/name: store-emissary
  2499    pallet.edge.ncr.com/revision: 696897a3df910b6e84a88c9336907a17b18159c1
  2500    pallet.edge.ncr.com/source: https://github.com/ncrvoyix-swt-retail/edge-infra/tree/696897a3df910b6e84a88c9336907a17b18159c1
  2501    pallet.edge.ncr.com/team: '@ncrvoyix-swt-retail/edge-infra'
  2502    pallet.edge.ncr.com/version: 7.7.7-rc.1676582799+commit.696897a
  2503spec:
  2504  selfSigned: {}
  2505---
  2506apiVersion: cert-manager.io/v1
  2507kind: Issuer
  2508metadata:
  2509  name: emissary-ca-issuer
  2510  namespace: emissary
  2511  labels:
  2512    platform.edge.ncr.com/component: emissary
  2513  annotations:
  2514    pallet.edge.ncr.com/created: "2023-02-16T21:26:39Z"
  2515    pallet.edge.ncr.com/name: store-emissary
  2516    pallet.edge.ncr.com/revision: 696897a3df910b6e84a88c9336907a17b18159c1
  2517    pallet.edge.ncr.com/source: https://github.com/ncrvoyix-swt-retail/edge-infra/tree/696897a3df910b6e84a88c9336907a17b18159c1
  2518    pallet.edge.ncr.com/team: '@ncrvoyix-swt-retail/edge-infra'
  2519    pallet.edge.ncr.com/version: 7.7.7-rc.1676582799+commit.696897a
  2520spec:
  2521  ca:
  2522    secretName: gateway-tls-cert
  2523---
  2524apiVersion: getambassador.io/v3alpha1
  2525kind: Host
  2526metadata:
  2527  name: ingress-host
  2528  namespace: emissary
  2529  labels:
  2530    platform.edge.ncr.com/component: emissary
  2531  annotations:
  2532    pallet.edge.ncr.com/created: "2023-02-16T21:26:39Z"
  2533    pallet.edge.ncr.com/name: store-emissary
  2534    pallet.edge.ncr.com/revision: 696897a3df910b6e84a88c9336907a17b18159c1
  2535    pallet.edge.ncr.com/source: https://github.com/ncrvoyix-swt-retail/edge-infra/tree/696897a3df910b6e84a88c9336907a17b18159c1
  2536    pallet.edge.ncr.com/team: '@ncrvoyix-swt-retail/edge-infra'
  2537    pallet.edge.ncr.com/version: 7.7.7-rc.1676582799+commit.696897a
  2538spec:
  2539  hostname: "store.ncr.corp"
  2540  acmeProvider:
  2541    authority: none
  2542  tlsContext:
  2543    name: emissary-ingress-tlscontext
  2544  tlsSecret:
  2545    name: gateway-tls-cert
  2546---
  2547apiVersion: getambassador.io/v3alpha1
  2548kind: Host
  2549metadata:
  2550  name: ingress-host-wildcard
  2551  namespace: emissary
  2552  labels:
  2553    platform.edge.ncr.com/component: emissary
  2554  annotations:
  2555    pallet.edge.ncr.com/created: "2023-02-16T21:26:39Z"
  2556    pallet.edge.ncr.com/name: store-emissary
  2557    pallet.edge.ncr.com/revision: 696897a3df910b6e84a88c9336907a17b18159c1
  2558    pallet.edge.ncr.com/source: https://github.com/ncrvoyix-swt-retail/edge-infra/tree/696897a3df910b6e84a88c9336907a17b18159c1
  2559    pallet.edge.ncr.com/team: '@ncrvoyix-swt-retail/edge-infra'
  2560    pallet.edge.ncr.com/version: 7.7.7-rc.1676582799+commit.696897a
  2561spec:
  2562  hostname: "*.store.ncr.corp"
  2563  acmeProvider:
  2564    authority: none
  2565  tlsContext:
  2566    name: emissary-ingress-tlscontext
  2567  tlsSecret:
  2568    name: gateway-tls-cert
  2569---
  2570apiVersion: getambassador.io/v3alpha1
  2571kind: Listener
  2572metadata:
  2573  name: ingress-listener
  2574  namespace: emissary
  2575  labels:
  2576    platform.edge.ncr.com/component: emissary
  2577  annotations:
  2578    pallet.edge.ncr.com/created: "2023-02-16T21:26:39Z"
  2579    pallet.edge.ncr.com/name: store-emissary
  2580    pallet.edge.ncr.com/revision: 696897a3df910b6e84a88c9336907a17b18159c1
  2581    pallet.edge.ncr.com/source: https://github.com/ncrvoyix-swt-retail/edge-infra/tree/696897a3df910b6e84a88c9336907a17b18159c1
  2582    pallet.edge.ncr.com/team: '@ncrvoyix-swt-retail/edge-infra'
  2583    pallet.edge.ncr.com/version: 7.7.7-rc.1676582799+commit.696897a
  2584spec:
  2585  protocol: HTTPS
  2586  port: 8443
  2587  hostBinding:
  2588    namespace:
  2589      from: SELF # any Host in the same namespace as this listener will be associated with it, if we want more control we can use 'selector' instead
  2590  securityModel: XFP
  2591---
  2592apiVersion: getambassador.io/v3alpha1
  2593kind: Module
  2594metadata:
  2595  name: ambassador
  2596  namespace: emissary
  2597  labels:
  2598    platform.edge.ncr.com/component: emissary
  2599  annotations:
  2600    pallet.edge.ncr.com/created: "2023-02-16T21:26:39Z"
  2601    pallet.edge.ncr.com/name: store-emissary
  2602    pallet.edge.ncr.com/revision: 696897a3df910b6e84a88c9336907a17b18159c1
  2603    pallet.edge.ncr.com/source: https://github.com/ncrvoyix-swt-retail/edge-infra/tree/696897a3df910b6e84a88c9336907a17b18159c1
  2604    pallet.edge.ncr.com/team: '@ncrvoyix-swt-retail/edge-infra'
  2605    pallet.edge.ncr.com/version: 7.7.7-rc.1676582799+commit.696897a
  2606spec:
  2607  config:
  2608    add_linkerd_headers: true
  2609    cluster_request_timeout_ms: 30000
  2610    lua_scripts: |
  2611      function envoy_on_request(request_handle)
  2612        local authority = request_handle:headers():get(":authority")
  2613        if(string.find(authority, ":") ~= nil)
  2614        then
  2615          local authority_index = string.find(authority, ":")
  2616          local stripped_authority = string.sub(authority, 1, authority_index - 1)
  2617          request_handle:headers():replace(":authority", stripped_authority)
  2618        end
  2619      end
  2620    strip_matching_host_port: true
  2621---
  2622apiVersion: getambassador.io/v3alpha1
  2623kind: TLSContext
  2624metadata:
  2625  name: emissary-ingress-tlscontext
  2626  namespace: emissary
  2627  labels:
  2628    platform.edge.ncr.com/component: emissary
  2629  annotations:
  2630    pallet.edge.ncr.com/created: "2023-02-16T21:26:39Z"
  2631    pallet.edge.ncr.com/name: store-emissary
  2632    pallet.edge.ncr.com/revision: 696897a3df910b6e84a88c9336907a17b18159c1
  2633    pallet.edge.ncr.com/source: https://github.com/ncrvoyix-swt-retail/edge-infra/tree/696897a3df910b6e84a88c9336907a17b18159c1
  2634    pallet.edge.ncr.com/team: '@ncrvoyix-swt-retail/edge-infra'
  2635    pallet.edge.ncr.com/version: 7.7.7-rc.1676582799+commit.696897a
  2636spec:
  2637  alpn_protocols: h2
  2638  cert_required: false
  2639  hosts: ['*.store.ncr.corp', 'store.ncr.corp']
  2640  min_tls_version: v1.3
  2641  secret: gateway-tls-cert

View as plain text