From f1ecea82d0e5d6c4ca29279beb07768998741d32 Mon Sep 17 00:00:00 2001 From: gitea-bot Date: Mon, 16 Mar 2026 16:09:31 +0000 Subject: [PATCH] Automated Manifest Update (#4789) This PR contains newly rendered Kubernetes manifests automatically generated by the CI workflow. ### Details - **Trigger**: `pull_request` by `@alexlebens` - **Commit**: `1899074` (on `1899074f21b349fd51f62213f03da376d35b3cfc`) - **Charts Updated**: `traefik` ### Update Details (2026-03-16 16:03 UTC) - **Trigger**: `pull_request` by `@alexlebens` - **Commit**: `e865676` (on `e865676f761551c2bf6ef8f4800329d014da49ec`) - **Charts Updated**: `gitea,jellyfin,karakeep` Reviewed-on: https://gitea.alexlebens.dev/alexlebens/infrastructure/pulls/4789 Co-authored-by: gitea-bot Co-committed-by: gitea-bot --- ...nfigMap-gitea-meilisearch-environment.yaml | 4 +- ...rsistentVolumeClaim-gitea-meilisearch.yaml | 4 +- ...Pod-gitea-meilisearch-test-connection.yaml | 2 +- .../gitea/Service-gitea-meilisearch.yaml | 4 +- .../ServiceAccount-gitea-meilisearch.yaml | 4 +- .../ServiceMonitor-gitea-meilisearch.yaml | 4 +- .../gitea/StatefulSet-gitea-meilisearch.yaml | 12 +- ...gMap-jellyfin-meilisearch-environment.yaml | 4 +- ...stentVolumeClaim-jellyfin-meilisearch.yaml | 4 +- ...-jellyfin-meilisearch-test-connection.yaml | 2 +- .../Service-jellyfin-meilisearch.yaml | 4 +- .../ServiceAccount-jellyfin-meilisearch.yaml | 4 +- .../ServiceMonitor-jellyfin-meilisearch.yaml | 4 +- .../StatefulSet-jellyfin-meilisearch.yaml | 12 +- ...gMap-karakeep-meilisearch-environment.yaml | 4 +- ...stentVolumeClaim-karakeep-meilisearch.yaml | 4 +- ...-karakeep-meilisearch-test-connection.yaml | 2 +- .../Service-karakeep-meilisearch.yaml | 4 +- .../ServiceAccount-karakeep-meilisearch.yaml | 4 +- .../ServiceMonitor-karakeep-meilisearch.yaml | 4 +- .../StatefulSet-karakeep-meilisearch.yaml | 12 +- ...ceDefinition-ingressroutes.traefik.io.yaml | 53 +- ...efinition-ingressroutetcps.traefik.io.yaml | 26 +- ...efinition-ingressrouteudps.traefik.io.yaml | 7 +- ...urceDefinition-middlewares.traefik.io.yaml | 151 +++-- ...eDefinition-middlewaretcps.traefik.io.yaml | 9 +- ...finition-serverstransports.traefik.io.yaml | 16 +- ...ition-serverstransporttcps.traefik.io.yaml | 5 +- ...ourceDefinition-tlsoptions.traefik.io.yaml | 11 +- ...sourceDefinition-tlsstores.traefik.io.yaml | 4 +- ...Definition-traefikservices.traefik.io.yaml | 545 +++++++++++++++++- 31 files changed, 791 insertions(+), 138 deletions(-) diff --git a/clusters/cl01tl/manifests/gitea/ConfigMap-gitea-meilisearch-environment.yaml b/clusters/cl01tl/manifests/gitea/ConfigMap-gitea-meilisearch-environment.yaml index 3692fb838..1726ea201 100644 --- a/clusters/cl01tl/manifests/gitea/ConfigMap-gitea-meilisearch-environment.yaml +++ b/clusters/cl01tl/manifests/gitea/ConfigMap-gitea-meilisearch-environment.yaml @@ -3,10 +3,10 @@ kind: ConfigMap metadata: name: gitea-meilisearch-environment labels: - helm.sh/chart: meilisearch-0.27.0 + helm.sh/chart: meilisearch-0.28.0 app.kubernetes.io/name: meilisearch app.kubernetes.io/instance: gitea - app.kubernetes.io/version: "v1.38.0" + app.kubernetes.io/version: "v1.39.0" app.kubernetes.io/component: search-engine app.kubernetes.io/part-of: meilisearch app.kubernetes.io/managed-by: Helm diff --git a/clusters/cl01tl/manifests/gitea/PersistentVolumeClaim-gitea-meilisearch.yaml b/clusters/cl01tl/manifests/gitea/PersistentVolumeClaim-gitea-meilisearch.yaml index ca80e7944..440f0e1f5 100644 --- a/clusters/cl01tl/manifests/gitea/PersistentVolumeClaim-gitea-meilisearch.yaml +++ b/clusters/cl01tl/manifests/gitea/PersistentVolumeClaim-gitea-meilisearch.yaml @@ -3,10 +3,10 @@ apiVersion: v1 metadata: name: gitea-meilisearch labels: - helm.sh/chart: meilisearch-0.27.0 + helm.sh/chart: meilisearch-0.28.0 app.kubernetes.io/name: meilisearch app.kubernetes.io/instance: gitea - app.kubernetes.io/version: "v1.38.0" + app.kubernetes.io/version: "v1.39.0" app.kubernetes.io/component: search-engine app.kubernetes.io/part-of: meilisearch app.kubernetes.io/managed-by: Helm diff --git a/clusters/cl01tl/manifests/gitea/Pod-gitea-meilisearch-test-connection.yaml b/clusters/cl01tl/manifests/gitea/Pod-gitea-meilisearch-test-connection.yaml index 9d3d66e31..4f8fbe21f 100644 --- a/clusters/cl01tl/manifests/gitea/Pod-gitea-meilisearch-test-connection.yaml +++ b/clusters/cl01tl/manifests/gitea/Pod-gitea-meilisearch-test-connection.yaml @@ -4,7 +4,7 @@ metadata: name: gitea-meilisearch-test-connection labels: app.kubernetes.io/name: meilisearch - helm.sh/chart: meilisearch-0.27.0 + helm.sh/chart: meilisearch-0.28.0 app.kubernetes.io/instance: gitea app.kubernetes.io/managed-by: Helm annotations: diff --git a/clusters/cl01tl/manifests/gitea/Service-gitea-meilisearch.yaml b/clusters/cl01tl/manifests/gitea/Service-gitea-meilisearch.yaml index 3451d1deb..17bc38974 100644 --- a/clusters/cl01tl/manifests/gitea/Service-gitea-meilisearch.yaml +++ b/clusters/cl01tl/manifests/gitea/Service-gitea-meilisearch.yaml @@ -3,10 +3,10 @@ kind: Service metadata: name: gitea-meilisearch labels: - helm.sh/chart: meilisearch-0.27.0 + helm.sh/chart: meilisearch-0.28.0 app.kubernetes.io/name: meilisearch app.kubernetes.io/instance: gitea - app.kubernetes.io/version: "v1.38.0" + app.kubernetes.io/version: "v1.39.0" app.kubernetes.io/component: search-engine app.kubernetes.io/part-of: meilisearch app.kubernetes.io/managed-by: Helm diff --git a/clusters/cl01tl/manifests/gitea/ServiceAccount-gitea-meilisearch.yaml b/clusters/cl01tl/manifests/gitea/ServiceAccount-gitea-meilisearch.yaml index a110e6754..f46517d52 100644 --- a/clusters/cl01tl/manifests/gitea/ServiceAccount-gitea-meilisearch.yaml +++ b/clusters/cl01tl/manifests/gitea/ServiceAccount-gitea-meilisearch.yaml @@ -3,10 +3,10 @@ kind: ServiceAccount metadata: name: gitea-meilisearch labels: - helm.sh/chart: meilisearch-0.27.0 + helm.sh/chart: meilisearch-0.28.0 app.kubernetes.io/name: meilisearch app.kubernetes.io/instance: gitea - app.kubernetes.io/version: "v1.38.0" + app.kubernetes.io/version: "v1.39.0" app.kubernetes.io/component: search-engine app.kubernetes.io/part-of: meilisearch app.kubernetes.io/managed-by: Helm diff --git a/clusters/cl01tl/manifests/gitea/ServiceMonitor-gitea-meilisearch.yaml b/clusters/cl01tl/manifests/gitea/ServiceMonitor-gitea-meilisearch.yaml index 44fde3de8..b79426597 100644 --- a/clusters/cl01tl/manifests/gitea/ServiceMonitor-gitea-meilisearch.yaml +++ b/clusters/cl01tl/manifests/gitea/ServiceMonitor-gitea-meilisearch.yaml @@ -4,10 +4,10 @@ metadata: name: gitea-meilisearch namespace: gitea labels: - helm.sh/chart: meilisearch-0.27.0 + helm.sh/chart: meilisearch-0.28.0 app.kubernetes.io/name: meilisearch app.kubernetes.io/instance: gitea - app.kubernetes.io/version: "v1.38.0" + app.kubernetes.io/version: "v1.39.0" app.kubernetes.io/component: search-engine app.kubernetes.io/part-of: meilisearch app.kubernetes.io/managed-by: Helm diff --git a/clusters/cl01tl/manifests/gitea/StatefulSet-gitea-meilisearch.yaml b/clusters/cl01tl/manifests/gitea/StatefulSet-gitea-meilisearch.yaml index 1e4e29ab1..ddf731e19 100644 --- a/clusters/cl01tl/manifests/gitea/StatefulSet-gitea-meilisearch.yaml +++ b/clusters/cl01tl/manifests/gitea/StatefulSet-gitea-meilisearch.yaml @@ -3,10 +3,10 @@ kind: StatefulSet metadata: name: gitea-meilisearch labels: - helm.sh/chart: meilisearch-0.27.0 + helm.sh/chart: meilisearch-0.28.0 app.kubernetes.io/name: meilisearch app.kubernetes.io/instance: gitea - app.kubernetes.io/version: "v1.38.0" + app.kubernetes.io/version: "v1.39.0" app.kubernetes.io/component: search-engine app.kubernetes.io/part-of: meilisearch app.kubernetes.io/managed-by: Helm @@ -20,15 +20,15 @@ spec: template: metadata: labels: - helm.sh/chart: meilisearch-0.27.0 + helm.sh/chart: meilisearch-0.28.0 app.kubernetes.io/name: meilisearch app.kubernetes.io/instance: gitea - app.kubernetes.io/version: "v1.38.0" + app.kubernetes.io/version: "v1.39.0" app.kubernetes.io/component: search-engine app.kubernetes.io/part-of: meilisearch app.kubernetes.io/managed-by: Helm annotations: - checksum/config: 0e81aef3c5c4f794f40ff655f5b4bff70d6bc136a40828d9fde7eeae61fd23b0 + checksum/config: f89b7bdc26b28e84206d220dd50b64ddb57696bec495e4f2d5f50b9ed11d1034 spec: serviceAccountName: gitea-meilisearch securityContext: @@ -45,7 +45,7 @@ spec: claimName: gitea-meilisearch containers: - name: meilisearch - image: "getmeili/meilisearch:v1.38.0" + image: "getmeili/meilisearch:v1.39.0" imagePullPolicy: IfNotPresent securityContext: allowPrivilegeEscalation: false diff --git a/clusters/cl01tl/manifests/jellyfin/ConfigMap-jellyfin-meilisearch-environment.yaml b/clusters/cl01tl/manifests/jellyfin/ConfigMap-jellyfin-meilisearch-environment.yaml index 1f3231760..3904514cc 100644 --- a/clusters/cl01tl/manifests/jellyfin/ConfigMap-jellyfin-meilisearch-environment.yaml +++ b/clusters/cl01tl/manifests/jellyfin/ConfigMap-jellyfin-meilisearch-environment.yaml @@ -3,10 +3,10 @@ kind: ConfigMap metadata: name: jellyfin-meilisearch-environment labels: - helm.sh/chart: meilisearch-0.27.0 + helm.sh/chart: meilisearch-0.28.0 app.kubernetes.io/name: meilisearch app.kubernetes.io/instance: jellyfin - app.kubernetes.io/version: "v1.38.0" + app.kubernetes.io/version: "v1.39.0" app.kubernetes.io/component: search-engine app.kubernetes.io/part-of: meilisearch app.kubernetes.io/managed-by: Helm diff --git a/clusters/cl01tl/manifests/jellyfin/PersistentVolumeClaim-jellyfin-meilisearch.yaml b/clusters/cl01tl/manifests/jellyfin/PersistentVolumeClaim-jellyfin-meilisearch.yaml index a33d14f02..b04e99fb2 100644 --- a/clusters/cl01tl/manifests/jellyfin/PersistentVolumeClaim-jellyfin-meilisearch.yaml +++ b/clusters/cl01tl/manifests/jellyfin/PersistentVolumeClaim-jellyfin-meilisearch.yaml @@ -3,10 +3,10 @@ apiVersion: v1 metadata: name: jellyfin-meilisearch labels: - helm.sh/chart: meilisearch-0.27.0 + helm.sh/chart: meilisearch-0.28.0 app.kubernetes.io/name: meilisearch app.kubernetes.io/instance: jellyfin - app.kubernetes.io/version: "v1.38.0" + app.kubernetes.io/version: "v1.39.0" app.kubernetes.io/component: search-engine app.kubernetes.io/part-of: meilisearch app.kubernetes.io/managed-by: Helm diff --git a/clusters/cl01tl/manifests/jellyfin/Pod-jellyfin-meilisearch-test-connection.yaml b/clusters/cl01tl/manifests/jellyfin/Pod-jellyfin-meilisearch-test-connection.yaml index f10efdee7..a2fd61451 100644 --- a/clusters/cl01tl/manifests/jellyfin/Pod-jellyfin-meilisearch-test-connection.yaml +++ b/clusters/cl01tl/manifests/jellyfin/Pod-jellyfin-meilisearch-test-connection.yaml @@ -4,7 +4,7 @@ metadata: name: jellyfin-meilisearch-test-connection labels: app.kubernetes.io/name: meilisearch - helm.sh/chart: meilisearch-0.27.0 + helm.sh/chart: meilisearch-0.28.0 app.kubernetes.io/instance: jellyfin app.kubernetes.io/managed-by: Helm annotations: diff --git a/clusters/cl01tl/manifests/jellyfin/Service-jellyfin-meilisearch.yaml b/clusters/cl01tl/manifests/jellyfin/Service-jellyfin-meilisearch.yaml index 489e5d763..ae853d335 100644 --- a/clusters/cl01tl/manifests/jellyfin/Service-jellyfin-meilisearch.yaml +++ b/clusters/cl01tl/manifests/jellyfin/Service-jellyfin-meilisearch.yaml @@ -3,10 +3,10 @@ kind: Service metadata: name: jellyfin-meilisearch labels: - helm.sh/chart: meilisearch-0.27.0 + helm.sh/chart: meilisearch-0.28.0 app.kubernetes.io/name: meilisearch app.kubernetes.io/instance: jellyfin - app.kubernetes.io/version: "v1.38.0" + app.kubernetes.io/version: "v1.39.0" app.kubernetes.io/component: search-engine app.kubernetes.io/part-of: meilisearch app.kubernetes.io/managed-by: Helm diff --git a/clusters/cl01tl/manifests/jellyfin/ServiceAccount-jellyfin-meilisearch.yaml b/clusters/cl01tl/manifests/jellyfin/ServiceAccount-jellyfin-meilisearch.yaml index f75474e8c..13cdb15c5 100644 --- a/clusters/cl01tl/manifests/jellyfin/ServiceAccount-jellyfin-meilisearch.yaml +++ b/clusters/cl01tl/manifests/jellyfin/ServiceAccount-jellyfin-meilisearch.yaml @@ -3,10 +3,10 @@ kind: ServiceAccount metadata: name: jellyfin-meilisearch labels: - helm.sh/chart: meilisearch-0.27.0 + helm.sh/chart: meilisearch-0.28.0 app.kubernetes.io/name: meilisearch app.kubernetes.io/instance: jellyfin - app.kubernetes.io/version: "v1.38.0" + app.kubernetes.io/version: "v1.39.0" app.kubernetes.io/component: search-engine app.kubernetes.io/part-of: meilisearch app.kubernetes.io/managed-by: Helm diff --git a/clusters/cl01tl/manifests/jellyfin/ServiceMonitor-jellyfin-meilisearch.yaml b/clusters/cl01tl/manifests/jellyfin/ServiceMonitor-jellyfin-meilisearch.yaml index 2874dfa8f..090919686 100644 --- a/clusters/cl01tl/manifests/jellyfin/ServiceMonitor-jellyfin-meilisearch.yaml +++ b/clusters/cl01tl/manifests/jellyfin/ServiceMonitor-jellyfin-meilisearch.yaml @@ -4,10 +4,10 @@ metadata: name: jellyfin-meilisearch namespace: jellyfin labels: - helm.sh/chart: meilisearch-0.27.0 + helm.sh/chart: meilisearch-0.28.0 app.kubernetes.io/name: meilisearch app.kubernetes.io/instance: jellyfin - app.kubernetes.io/version: "v1.38.0" + app.kubernetes.io/version: "v1.39.0" app.kubernetes.io/component: search-engine app.kubernetes.io/part-of: meilisearch app.kubernetes.io/managed-by: Helm diff --git a/clusters/cl01tl/manifests/jellyfin/StatefulSet-jellyfin-meilisearch.yaml b/clusters/cl01tl/manifests/jellyfin/StatefulSet-jellyfin-meilisearch.yaml index 063dfd3d4..3af7063f6 100644 --- a/clusters/cl01tl/manifests/jellyfin/StatefulSet-jellyfin-meilisearch.yaml +++ b/clusters/cl01tl/manifests/jellyfin/StatefulSet-jellyfin-meilisearch.yaml @@ -3,10 +3,10 @@ kind: StatefulSet metadata: name: jellyfin-meilisearch labels: - helm.sh/chart: meilisearch-0.27.0 + helm.sh/chart: meilisearch-0.28.0 app.kubernetes.io/name: meilisearch app.kubernetes.io/instance: jellyfin - app.kubernetes.io/version: "v1.38.0" + app.kubernetes.io/version: "v1.39.0" app.kubernetes.io/component: search-engine app.kubernetes.io/part-of: meilisearch app.kubernetes.io/managed-by: Helm @@ -20,15 +20,15 @@ spec: template: metadata: labels: - helm.sh/chart: meilisearch-0.27.0 + helm.sh/chart: meilisearch-0.28.0 app.kubernetes.io/name: meilisearch app.kubernetes.io/instance: jellyfin - app.kubernetes.io/version: "v1.38.0" + app.kubernetes.io/version: "v1.39.0" app.kubernetes.io/component: search-engine app.kubernetes.io/part-of: meilisearch app.kubernetes.io/managed-by: Helm annotations: - checksum/config: fbbcc1dd0d161f68a49b73fa43d78e99986dbc7918dad1f551156b39c1c99b70 + checksum/config: fa8bcc36cd1eca09db2254facf35f05dd4efc759f6eefea5efaf625f608733bf spec: serviceAccountName: jellyfin-meilisearch securityContext: @@ -45,7 +45,7 @@ spec: claimName: jellyfin-meilisearch containers: - name: meilisearch - image: "getmeili/meilisearch:v1.38.0" + image: "getmeili/meilisearch:v1.39.0" imagePullPolicy: IfNotPresent securityContext: allowPrivilegeEscalation: false diff --git a/clusters/cl01tl/manifests/karakeep/ConfigMap-karakeep-meilisearch-environment.yaml b/clusters/cl01tl/manifests/karakeep/ConfigMap-karakeep-meilisearch-environment.yaml index 9e57893ac..c64f3c998 100644 --- a/clusters/cl01tl/manifests/karakeep/ConfigMap-karakeep-meilisearch-environment.yaml +++ b/clusters/cl01tl/manifests/karakeep/ConfigMap-karakeep-meilisearch-environment.yaml @@ -3,10 +3,10 @@ kind: ConfigMap metadata: name: karakeep-meilisearch-environment labels: - helm.sh/chart: meilisearch-0.27.0 + helm.sh/chart: meilisearch-0.28.0 app.kubernetes.io/name: meilisearch app.kubernetes.io/instance: karakeep - app.kubernetes.io/version: "v1.38.0" + app.kubernetes.io/version: "v1.39.0" app.kubernetes.io/component: search-engine app.kubernetes.io/part-of: meilisearch app.kubernetes.io/managed-by: Helm diff --git a/clusters/cl01tl/manifests/karakeep/PersistentVolumeClaim-karakeep-meilisearch.yaml b/clusters/cl01tl/manifests/karakeep/PersistentVolumeClaim-karakeep-meilisearch.yaml index e86d34133..c9470c560 100644 --- a/clusters/cl01tl/manifests/karakeep/PersistentVolumeClaim-karakeep-meilisearch.yaml +++ b/clusters/cl01tl/manifests/karakeep/PersistentVolumeClaim-karakeep-meilisearch.yaml @@ -3,10 +3,10 @@ apiVersion: v1 metadata: name: karakeep-meilisearch labels: - helm.sh/chart: meilisearch-0.27.0 + helm.sh/chart: meilisearch-0.28.0 app.kubernetes.io/name: meilisearch app.kubernetes.io/instance: karakeep - app.kubernetes.io/version: "v1.38.0" + app.kubernetes.io/version: "v1.39.0" app.kubernetes.io/component: search-engine app.kubernetes.io/part-of: meilisearch app.kubernetes.io/managed-by: Helm diff --git a/clusters/cl01tl/manifests/karakeep/Pod-karakeep-meilisearch-test-connection.yaml b/clusters/cl01tl/manifests/karakeep/Pod-karakeep-meilisearch-test-connection.yaml index d41ef6c35..46f090319 100644 --- a/clusters/cl01tl/manifests/karakeep/Pod-karakeep-meilisearch-test-connection.yaml +++ b/clusters/cl01tl/manifests/karakeep/Pod-karakeep-meilisearch-test-connection.yaml @@ -4,7 +4,7 @@ metadata: name: karakeep-meilisearch-test-connection labels: app.kubernetes.io/name: meilisearch - helm.sh/chart: meilisearch-0.27.0 + helm.sh/chart: meilisearch-0.28.0 app.kubernetes.io/instance: karakeep app.kubernetes.io/managed-by: Helm annotations: diff --git a/clusters/cl01tl/manifests/karakeep/Service-karakeep-meilisearch.yaml b/clusters/cl01tl/manifests/karakeep/Service-karakeep-meilisearch.yaml index 81246c335..b704a50f0 100644 --- a/clusters/cl01tl/manifests/karakeep/Service-karakeep-meilisearch.yaml +++ b/clusters/cl01tl/manifests/karakeep/Service-karakeep-meilisearch.yaml @@ -3,10 +3,10 @@ kind: Service metadata: name: karakeep-meilisearch labels: - helm.sh/chart: meilisearch-0.27.0 + helm.sh/chart: meilisearch-0.28.0 app.kubernetes.io/name: meilisearch app.kubernetes.io/instance: karakeep - app.kubernetes.io/version: "v1.38.0" + app.kubernetes.io/version: "v1.39.0" app.kubernetes.io/component: search-engine app.kubernetes.io/part-of: meilisearch app.kubernetes.io/managed-by: Helm diff --git a/clusters/cl01tl/manifests/karakeep/ServiceAccount-karakeep-meilisearch.yaml b/clusters/cl01tl/manifests/karakeep/ServiceAccount-karakeep-meilisearch.yaml index dad23db4c..a081df3ed 100644 --- a/clusters/cl01tl/manifests/karakeep/ServiceAccount-karakeep-meilisearch.yaml +++ b/clusters/cl01tl/manifests/karakeep/ServiceAccount-karakeep-meilisearch.yaml @@ -3,10 +3,10 @@ kind: ServiceAccount metadata: name: karakeep-meilisearch labels: - helm.sh/chart: meilisearch-0.27.0 + helm.sh/chart: meilisearch-0.28.0 app.kubernetes.io/name: meilisearch app.kubernetes.io/instance: karakeep - app.kubernetes.io/version: "v1.38.0" + app.kubernetes.io/version: "v1.39.0" app.kubernetes.io/component: search-engine app.kubernetes.io/part-of: meilisearch app.kubernetes.io/managed-by: Helm diff --git a/clusters/cl01tl/manifests/karakeep/ServiceMonitor-karakeep-meilisearch.yaml b/clusters/cl01tl/manifests/karakeep/ServiceMonitor-karakeep-meilisearch.yaml index ed4a623fd..996e51a6a 100644 --- a/clusters/cl01tl/manifests/karakeep/ServiceMonitor-karakeep-meilisearch.yaml +++ b/clusters/cl01tl/manifests/karakeep/ServiceMonitor-karakeep-meilisearch.yaml @@ -4,10 +4,10 @@ metadata: name: karakeep-meilisearch namespace: karakeep labels: - helm.sh/chart: meilisearch-0.27.0 + helm.sh/chart: meilisearch-0.28.0 app.kubernetes.io/name: meilisearch app.kubernetes.io/instance: karakeep - app.kubernetes.io/version: "v1.38.0" + app.kubernetes.io/version: "v1.39.0" app.kubernetes.io/component: search-engine app.kubernetes.io/part-of: meilisearch app.kubernetes.io/managed-by: Helm diff --git a/clusters/cl01tl/manifests/karakeep/StatefulSet-karakeep-meilisearch.yaml b/clusters/cl01tl/manifests/karakeep/StatefulSet-karakeep-meilisearch.yaml index cd4a91306..4463d6625 100644 --- a/clusters/cl01tl/manifests/karakeep/StatefulSet-karakeep-meilisearch.yaml +++ b/clusters/cl01tl/manifests/karakeep/StatefulSet-karakeep-meilisearch.yaml @@ -3,10 +3,10 @@ kind: StatefulSet metadata: name: karakeep-meilisearch labels: - helm.sh/chart: meilisearch-0.27.0 + helm.sh/chart: meilisearch-0.28.0 app.kubernetes.io/name: meilisearch app.kubernetes.io/instance: karakeep - app.kubernetes.io/version: "v1.38.0" + app.kubernetes.io/version: "v1.39.0" app.kubernetes.io/component: search-engine app.kubernetes.io/part-of: meilisearch app.kubernetes.io/managed-by: Helm @@ -20,15 +20,15 @@ spec: template: metadata: labels: - helm.sh/chart: meilisearch-0.27.0 + helm.sh/chart: meilisearch-0.28.0 app.kubernetes.io/name: meilisearch app.kubernetes.io/instance: karakeep - app.kubernetes.io/version: "v1.38.0" + app.kubernetes.io/version: "v1.39.0" app.kubernetes.io/component: search-engine app.kubernetes.io/part-of: meilisearch app.kubernetes.io/managed-by: Helm annotations: - checksum/config: fc5108f9718d0b9dc1572a1e1ec94803ff463e34da5e212866d3aad38dc3eb0c + checksum/config: 7a9c7d8c345f4bf373540cd6b44741e58b5767d8922d3327000f0b6e8dc74802 spec: serviceAccountName: karakeep-meilisearch securityContext: @@ -45,7 +45,7 @@ spec: claimName: karakeep-meilisearch containers: - name: meilisearch - image: "getmeili/meilisearch:v1.38.0" + image: "getmeili/meilisearch:v1.39.0" imagePullPolicy: IfNotPresent securityContext: allowPrivilegeEscalation: false diff --git a/clusters/cl01tl/manifests/traefik/CustomResourceDefinition-ingressroutes.traefik.io.yaml b/clusters/cl01tl/manifests/traefik/CustomResourceDefinition-ingressroutes.traefik.io.yaml index 3b0a3a26e..1c483bc60 100644 --- a/clusters/cl01tl/manifests/traefik/CustomResourceDefinition-ingressroutes.traefik.io.yaml +++ b/clusters/cl01tl/manifests/traefik/CustomResourceDefinition-ingressroutes.traefik.io.yaml @@ -3,7 +3,7 @@ kind: CustomResourceDefinition metadata: annotations: app.kubernetes.io/managed-by: Helm - controller-gen.kubebuilder.io/version: v0.16.1 + controller-gen.kubebuilder.io/version: v0.19.0 helm.sh/resource-policy: keep labels: app.kubernetes.io/managed-by: Helm @@ -46,16 +46,19 @@ spec: description: |- EntryPoints defines the list of entry point names to bind to. Entry points have to be configured in the static configuration. - More info: https://doc.traefik.io/traefik/v3.6/reference/install-configuration/entrypoints/ + More info: https://doc.traefik.io/traefik/v3.7/reference/install-configuration/entrypoints/ Default: all. items: type: string type: array + ingressClassName: + description: IngressClassName defines the name of the IngressClass cluster resource. + type: string parentRefs: description: |- ParentRefs defines references to parent IngressRoute resources for multi-layer routing. When set, this IngressRoute's routers will be children of the referenced parent IngressRoute's routers. - More info: https://doc.traefik.io/traefik/v3.6/routing/routers/#parentrefs + More info: https://doc.traefik.io/traefik/v3.7/routing/routers/#parentrefs items: description: IngressRouteRef is a reference to an IngressRoute resource. properties: @@ -85,12 +88,12 @@ spec: match: description: |- Match defines the router's rule. - More info: https://doc.traefik.io/traefik/v3.6/reference/routing-configuration/http/routing/rules-and-priority/ + More info: https://doc.traefik.io/traefik/v3.7/reference/routing-configuration/http/routing/rules-and-priority/ type: string middlewares: description: |- Middlewares defines the list of references to Middleware resources. - More info: https://doc.traefik.io/traefik/v3.6/reference/routing-configuration/kubernetes/crd/http/middleware/ + More info: https://doc.traefik.io/traefik/v3.7/reference/routing-configuration/kubernetes/crd/http/middleware/ items: description: MiddlewareRef is a reference to a Middleware resource. properties: @@ -107,7 +110,7 @@ spec: observability: description: |- Observability defines the observability configuration for a router. - More info: https://doc.traefik.io/traefik/v3.6/reference/routing-configuration/http/routing/observability/ + More info: https://doc.traefik.io/traefik/v3.7/reference/routing-configuration/http/routing/observability/ properties: accessLogs: description: AccessLogs enables access logs for this router. @@ -129,7 +132,7 @@ spec: priority: description: |- Priority defines the router's priority. - More info: https://doc.traefik.io/traefik/v3.6/reference/routing-configuration/http/routing/rules-and-priority/#priority + More info: https://doc.traefik.io/traefik/v3.7/reference/routing-configuration/http/routing/rules-and-priority/#priority maximum: 9223372036854775000 type: integer services: @@ -208,6 +211,21 @@ spec: - Service - TraefikService type: string + middlewares: + description: Middlewares defines the list of references to Middleware resources to apply to the service. + items: + description: MiddlewareRef is a reference to a Middleware resource. + properties: + name: + description: Name defines the name of the referenced Middleware resource. + type: string + namespace: + description: Namespace defines the namespace of the referenced Middleware resource. + type: string + required: + - name + type: object + type: array name: description: |- Name defines the name of the referenced Kubernetes Service or TraefikService. @@ -282,7 +300,7 @@ spec: sticky: description: |- Sticky defines the sticky sessions configuration. - More info: https://doc.traefik.io/traefik/v3.6/reference/routing-configuration/http/load-balancing/service/#sticky-sessions + More info: https://doc.traefik.io/traefik/v3.7/reference/routing-configuration/http/load-balancing/service/#sticky-sessions properties: cookie: description: Cookie defines the sticky cookie configuration. @@ -349,7 +367,8 @@ spec: syntax: description: |- Syntax defines the router's rule syntax. - More info: https://doc.traefik.io/traefik/v3.6/reference/routing-configuration/http/routing/rules-and-priority/#rulesyntax + More info: https://doc.traefik.io/traefik/v3.7/reference/routing-configuration/http/routing/rules-and-priority/#rulesyntax + Deprecated: Please do not use this field and rewrite the router rules to use the v3 syntax. type: string required: @@ -359,18 +378,18 @@ spec: tls: description: |- TLS defines the TLS configuration. - More info: https://doc.traefik.io/traefik/v3.6/reference/routing-configuration/http/routing/router/#tls + More info: https://doc.traefik.io/traefik/v3.7/reference/routing-configuration/http/routing/router/#tls properties: certResolver: description: |- CertResolver defines the name of the certificate resolver to use. Cert resolvers have to be configured in the static configuration. - More info: https://doc.traefik.io/traefik/v3.6/reference/install-configuration/tls/certificate-resolvers/acme/ + More info: https://doc.traefik.io/traefik/v3.7/reference/install-configuration/tls/certificate-resolvers/acme/ type: string domains: description: |- Domains defines the list of domains that will be used to issue certificates. - More info: https://doc.traefik.io/traefik/v3.6/reference/routing-configuration/http/tls/tls-certificates/#domains + More info: https://doc.traefik.io/traefik/v3.7/reference/routing-configuration/http/tls/tls-certificates/#domains items: description: Domain holds a domain name with SANs. properties: @@ -388,17 +407,17 @@ spec: description: |- Options defines the reference to a TLSOption, that specifies the parameters of the TLS connection. If not defined, the `default` TLSOption is used. - More info: https://doc.traefik.io/traefik/v3.6/reference/routing-configuration/http/tls/tls-options/ + More info: https://doc.traefik.io/traefik/v3.7/reference/routing-configuration/http/tls/tls-options/ properties: name: description: |- Name defines the name of the referenced TLSOption. - More info: https://doc.traefik.io/traefik/v3.6/reference/routing-configuration/kubernetes/crd/http/tlsoption/ + More info: https://doc.traefik.io/traefik/v3.7/reference/routing-configuration/kubernetes/crd/http/tlsoption/ type: string namespace: description: |- Namespace defines the namespace of the referenced TLSOption. - More info: https://doc.traefik.io/traefik/v3.6/reference/routing-configuration/kubernetes/crd/http/tlsoption/ + More info: https://doc.traefik.io/traefik/v3.7/reference/routing-configuration/kubernetes/crd/http/tlsoption/ type: string required: - name @@ -414,12 +433,12 @@ spec: name: description: |- Name defines the name of the referenced TLSStore. - More info: https://doc.traefik.io/traefik/v3.6/reference/routing-configuration/kubernetes/crd/http/tlsstore/ + More info: https://doc.traefik.io/traefik/v3.7/reference/routing-configuration/kubernetes/crd/http/tlsstore/ type: string namespace: description: |- Namespace defines the namespace of the referenced TLSStore. - More info: https://doc.traefik.io/traefik/v3.6/reference/routing-configuration/kubernetes/crd/http/tlsstore/ + More info: https://doc.traefik.io/traefik/v3.7/reference/routing-configuration/kubernetes/crd/http/tlsstore/ type: string required: - name diff --git a/clusters/cl01tl/manifests/traefik/CustomResourceDefinition-ingressroutetcps.traefik.io.yaml b/clusters/cl01tl/manifests/traefik/CustomResourceDefinition-ingressroutetcps.traefik.io.yaml index a78e32d9b..9859ee7db 100644 --- a/clusters/cl01tl/manifests/traefik/CustomResourceDefinition-ingressroutetcps.traefik.io.yaml +++ b/clusters/cl01tl/manifests/traefik/CustomResourceDefinition-ingressroutetcps.traefik.io.yaml @@ -3,7 +3,7 @@ kind: CustomResourceDefinition metadata: annotations: app.kubernetes.io/managed-by: Helm - controller-gen.kubebuilder.io/version: v0.16.1 + controller-gen.kubebuilder.io/version: v0.19.0 helm.sh/resource-policy: keep labels: app.kubernetes.io/managed-by: Helm @@ -46,11 +46,14 @@ spec: description: |- EntryPoints defines the list of entry point names to bind to. Entry points have to be configured in the static configuration. - More info: https://doc.traefik.io/traefik/v3.6/reference/install-configuration/entrypoints/ + More info: https://doc.traefik.io/traefik/v3.7/reference/install-configuration/entrypoints/ Default: all. items: type: string type: array + ingressClassName: + description: IngressClassName defines the name of the IngressClass cluster resource. + type: string routes: description: Routes defines the list of routes. items: @@ -59,7 +62,7 @@ spec: match: description: |- Match defines the router's rule. - More info: https://doc.traefik.io/traefik/v3.6/reference/routing-configuration/tcp/routing/rules-and-priority/ + More info: https://doc.traefik.io/traefik/v3.7/reference/routing-configuration/tcp/routing/rules-and-priority/ type: string middlewares: description: Middlewares defines the list of references to MiddlewareTCP resources. @@ -79,7 +82,7 @@ spec: priority: description: |- Priority defines the router's priority. - More info: https://doc.traefik.io/traefik/v3.6/reference/routing-configuration/tcp/routing/rules-and-priority/#priority + More info: https://doc.traefik.io/traefik/v3.7/reference/routing-configuration/tcp/routing/rules-and-priority/#priority maximum: 9223372036854775000 type: integer services: @@ -118,7 +121,8 @@ spec: proxyProtocol: description: |- ProxyProtocol defines the PROXY protocol configuration. - More info: https://doc.traefik.io/traefik/v3.6/reference/routing-configuration/tcp/service/#proxy-protocol + More info: https://doc.traefik.io/traefik/v3.7/reference/routing-configuration/tcp/service/#proxy-protocol + Deprecated: ProxyProtocol will not be supported in future APIVersions, please use ServersTransport to configure ProxyProtocol instead. properties: version: @@ -140,6 +144,7 @@ spec: hence fully terminating the connection. It is a duration in milliseconds, defaulting to 100. A negative value means an infinite deadline (i.e. the reading capability is never closed). + Deprecated: TerminationDelay will not be supported in future APIVersions, please use ServersTransport to configure the TerminationDelay instead. type: integer tls: @@ -157,7 +162,8 @@ spec: syntax: description: |- Syntax defines the router's rule syntax. - More info: https://doc.traefik.io/traefik/v3.6/reference/routing-configuration/tcp/routing/rules-and-priority/#rulesyntax + More info: https://doc.traefik.io/traefik/v3.7/reference/routing-configuration/tcp/routing/rules-and-priority/#rulesyntax + Deprecated: Please do not use this field and rewrite the router rules to use the v3 syntax. enum: - v3 @@ -170,18 +176,18 @@ spec: tls: description: |- TLS defines the TLS configuration on a layer 4 / TCP Route. - More info: https://doc.traefik.io/traefik/v3.6/reference/routing-configuration/tcp/routing/router/#tls + More info: https://doc.traefik.io/traefik/v3.7/reference/routing-configuration/tcp/routing/router/#tls properties: certResolver: description: |- CertResolver defines the name of the certificate resolver to use. Cert resolvers have to be configured in the static configuration. - More info: https://doc.traefik.io/traefik/v3.6/reference/install-configuration/tls/certificate-resolvers/acme/ + More info: https://doc.traefik.io/traefik/v3.7/reference/install-configuration/tls/certificate-resolvers/acme/ type: string domains: description: |- Domains defines the list of domains that will be used to issue certificates. - More info: https://doc.traefik.io/traefik/v3.6/reference/routing-configuration/tcp/tls/#domains + More info: https://doc.traefik.io/traefik/v3.7/reference/routing-configuration/tcp/tls/#domains items: description: Domain holds a domain name with SANs. properties: @@ -199,7 +205,7 @@ spec: description: |- Options defines the reference to a TLSOption, that specifies the parameters of the TLS connection. If not defined, the `default` TLSOption is used. - More info: https://doc.traefik.io/traefik/v3.6/reference/routing-configuration/tcp/tls/#tls-options + More info: https://doc.traefik.io/traefik/v3.7/reference/routing-configuration/tcp/tls/#tls-options properties: name: description: Name defines the name of the referenced Traefik resource. diff --git a/clusters/cl01tl/manifests/traefik/CustomResourceDefinition-ingressrouteudps.traefik.io.yaml b/clusters/cl01tl/manifests/traefik/CustomResourceDefinition-ingressrouteudps.traefik.io.yaml index 7acd3fb84..b7946da4b 100644 --- a/clusters/cl01tl/manifests/traefik/CustomResourceDefinition-ingressrouteudps.traefik.io.yaml +++ b/clusters/cl01tl/manifests/traefik/CustomResourceDefinition-ingressrouteudps.traefik.io.yaml @@ -3,7 +3,7 @@ kind: CustomResourceDefinition metadata: annotations: app.kubernetes.io/managed-by: Helm - controller-gen.kubebuilder.io/version: v0.16.1 + controller-gen.kubebuilder.io/version: v0.19.0 helm.sh/resource-policy: keep labels: app.kubernetes.io/managed-by: Helm @@ -46,11 +46,14 @@ spec: description: |- EntryPoints defines the list of entry point names to bind to. Entry points have to be configured in the static configuration. - More info: https://doc.traefik.io/traefik/v3.6/reference/install-configuration/entrypoints/ + More info: https://doc.traefik.io/traefik/v3.7/reference/install-configuration/entrypoints/ Default: all. items: type: string type: array + ingressClassName: + description: IngressClassName defines the name of the IngressClass cluster resource. + type: string routes: description: Routes defines the list of routes. items: diff --git a/clusters/cl01tl/manifests/traefik/CustomResourceDefinition-middlewares.traefik.io.yaml b/clusters/cl01tl/manifests/traefik/CustomResourceDefinition-middlewares.traefik.io.yaml index 34f6acee0..c7810ec5f 100644 --- a/clusters/cl01tl/manifests/traefik/CustomResourceDefinition-middlewares.traefik.io.yaml +++ b/clusters/cl01tl/manifests/traefik/CustomResourceDefinition-middlewares.traefik.io.yaml @@ -3,7 +3,7 @@ kind: CustomResourceDefinition metadata: annotations: app.kubernetes.io/managed-by: Helm - controller-gen.kubebuilder.io/version: v0.16.1 + controller-gen.kubebuilder.io/version: v0.19.0 helm.sh/resource-policy: keep labels: app.kubernetes.io/managed-by: Helm @@ -22,7 +22,7 @@ spec: openAPIV3Schema: description: |- Middleware is the CRD implementation of a Traefik Middleware. - More info: https://doc.traefik.io/traefik/v3.6/reference/routing-configuration/http/middlewares/overview/ + More info: https://doc.traefik.io/traefik/v3.7/reference/routing-configuration/http/middlewares/overview/ properties: apiVersion: description: |- @@ -48,7 +48,7 @@ spec: description: |- AddPrefix holds the add prefix middleware configuration. This middleware updates the path of a request before forwarding it. - More info: https://doc.traefik.io/traefik/v3.6/middlewares/http/addprefix/ + More info: https://doc.traefik.io/traefik/v3.7/middlewares/http/addprefix/ properties: prefix: description: |- @@ -63,12 +63,12 @@ spec: description: |- BasicAuth holds the basic auth middleware configuration. This middleware restricts access to your services to known users. - More info: https://doc.traefik.io/traefik/v3.6/reference/routing-configuration/http/middlewares/basicauth/ + More info: https://doc.traefik.io/traefik/v3.7/reference/routing-configuration/http/middlewares/basicauth/ properties: headerField: description: |- HeaderField defines a header field to store the authenticated user. - More info: https://doc.traefik.io/traefik/v3.6/reference/routing-configuration/http/middlewares/basicauth/#headerfield + More info: https://doc.traefik.io/traefik/v3.7/reference/routing-configuration/http/middlewares/basicauth/#headerfield type: string realm: description: |- @@ -88,7 +88,7 @@ spec: description: |- Buffering holds the buffering middleware configuration. This middleware retries or limits the size of requests that can be forwarded to backends. - More info: https://doc.traefik.io/traefik/v3.6/middlewares/http/buffering/#maxrequestbodybytes + More info: https://doc.traefik.io/traefik/v3.7/middlewares/http/buffering/#maxrequestbodybytes properties: maxRequestBodyBytes: description: |- @@ -120,14 +120,14 @@ spec: description: |- RetryExpression defines the retry conditions. It is a logical combination of functions with operators AND (&&) and OR (||). - More info: https://doc.traefik.io/traefik/v3.6/middlewares/http/buffering/#retryexpression + More info: https://doc.traefik.io/traefik/v3.7/middlewares/http/buffering/#retryexpression type: string type: object chain: description: |- Chain holds the configuration of the chain middleware. This middleware enables to define reusable combinations of other pieces of middleware. - More info: https://doc.traefik.io/traefik/v3.6/reference/routing-configuration/http/middlewares/chain/ + More info: https://doc.traefik.io/traefik/v3.7/reference/routing-configuration/http/middlewares/chain/ properties: middlewares: description: Middlewares is the list of MiddlewareRef which composes the chain. @@ -181,7 +181,7 @@ spec: description: |- Compress holds the compress middleware configuration. This middleware compresses responses before sending them to the client, using gzip, brotli, or zstd compression. - More info: https://doc.traefik.io/traefik/v3.6/reference/routing-configuration/http/middlewares/compress/ + More info: https://doc.traefik.io/traefik/v3.7/reference/routing-configuration/http/middlewares/compress/ properties: defaultEncoding: description: DefaultEncoding specifies the default encoding if the `Accept-Encoding` header is not in the request or contains a wildcard (`*`). @@ -219,6 +219,7 @@ spec: description: |- AutoDetect specifies whether to let the `Content-Type` header, if it has not been set by the backend, be automatically set to a value derived from the contents of the response. + Deprecated: AutoDetect option is deprecated, Content-Type middleware is only meant to be used to enable the content-type detection, please remove any usage of this option. type: boolean type: object @@ -226,12 +227,12 @@ spec: description: |- DigestAuth holds the digest auth middleware configuration. This middleware restricts access to your services to known users. - More info: https://doc.traefik.io/traefik/v3.6/reference/routing-configuration/http/middlewares/digestauth/ + More info: https://doc.traefik.io/traefik/v3.7/reference/routing-configuration/http/middlewares/digestauth/ properties: headerField: description: |- HeaderField defines a header field to store the authenticated user. - More info: https://doc.traefik.io/traefik/v3.6/reference/routing-configuration/http/middlewares/digestauth/#headerfield + More info: https://doc.traefik.io/traefik/v3.7/reference/routing-configuration/http/middlewares/digestauth/#headerfield type: string realm: description: |- @@ -245,11 +246,36 @@ spec: description: Secret is the name of the referenced Kubernetes Secret containing user credentials. type: string type: object + encodedCharacters: + description: EncodedCharacters configures which encoded characters are allowed in the request path. + properties: + allowEncodedBackSlash: + description: AllowEncodedBackSlash defines whether requests with encoded back slash characters in the path are allowed. + type: boolean + allowEncodedHash: + description: AllowEncodedHash defines whether requests with encoded hash characters in the path are allowed. + type: boolean + allowEncodedNullCharacter: + description: AllowEncodedNullCharacter defines whether requests with encoded null characters in the path are allowed. + type: boolean + allowEncodedPercent: + description: AllowEncodedPercent defines whether requests with encoded percent characters in the path are allowed. + type: boolean + allowEncodedQuestionMark: + description: AllowEncodedQuestionMark defines whether requests with encoded question mark characters in the path are allowed. + type: boolean + allowEncodedSemicolon: + description: AllowEncodedSemicolon defines whether requests with encoded semicolon characters in the path are allowed. + type: boolean + allowEncodedSlash: + description: AllowEncodedSlash defines whether requests with encoded slash characters in the path are allowed. + type: boolean + type: object errors: description: |- ErrorPage holds the custom error middleware configuration. This middleware returns a custom page in lieu of the default, according to configured ranges of HTTP Status codes. - More info: https://doc.traefik.io/traefik/v3.6/reference/routing-configuration/http/middlewares/errorpages/ + More info: https://doc.traefik.io/traefik/v3.7/reference/routing-configuration/http/middlewares/errorpages/ properties: query: description: |- @@ -261,7 +287,7 @@ spec: service: description: |- Service defines the reference to a Kubernetes Service that will serve the error page. - More info: https://doc.traefik.io/traefik/v3.6/reference/routing-configuration/http/middlewares/errorpages/#service + More info: https://doc.traefik.io/traefik/v3.7/reference/routing-configuration/http/middlewares/errorpages/#service properties: healthCheck: description: Healthcheck defines health checks for ExternalName services. @@ -332,6 +358,21 @@ spec: - Service - TraefikService type: string + middlewares: + description: Middlewares defines the list of references to Middleware resources to apply to the service. + items: + description: MiddlewareRef is a reference to a Middleware resource. + properties: + name: + description: Name defines the name of the referenced Middleware resource. + type: string + namespace: + description: Namespace defines the namespace of the referenced Middleware resource. + type: string + required: + - name + type: object + type: array name: description: |- Name defines the name of the referenced Kubernetes Service or TraefikService. @@ -406,7 +447,7 @@ spec: sticky: description: |- Sticky defines the sticky sessions configuration. - More info: https://doc.traefik.io/traefik/v3.6/reference/routing-configuration/http/load-balancing/service/#sticky-sessions + More info: https://doc.traefik.io/traefik/v3.7/reference/routing-configuration/http/load-balancing/service/#sticky-sessions properties: cookie: description: Cookie defines the sticky cookie configuration. @@ -492,7 +533,7 @@ spec: description: |- ForwardAuth holds the forward auth middleware configuration. This middleware delegates the request authentication to a Service. - More info: https://doc.traefik.io/traefik/v3.6/reference/routing-configuration/http/middlewares/forwardauth/ + More info: https://doc.traefik.io/traefik/v3.7/reference/routing-configuration/http/middlewares/forwardauth/ properties: addAuthCookiesToResponse: description: AddAuthCookiesToResponse defines the list of cookies to copy from the authentication server response to the response. @@ -517,7 +558,10 @@ spec: authResponseHeadersRegex: description: |- AuthResponseHeadersRegex defines the regex to match headers to copy from the authentication server response and set on forwarded request, after stripping all headers that match the regex. - More info: https://doc.traefik.io/traefik/v3.6/reference/routing-configuration/http/middlewares/forwardauth/#authresponseheadersregex + More info: https://doc.traefik.io/traefik/v3.7/reference/routing-configuration/http/middlewares/forwardauth/#authresponseheadersregex + type: string + authSigninURL: + description: AuthSigninURL specifies the URL to redirect to when the authentication server returns 401 Unauthorized. type: string forwardBody: description: ForwardBody defines whether to send the request body to the authentication server. @@ -525,12 +569,16 @@ spec: headerField: description: |- HeaderField defines a header field to store the authenticated user. - More info: https://doc.traefik.io/traefik/v3.6/reference/routing-configuration/http/middlewares/forwardauth/#headerfield + More info: https://doc.traefik.io/traefik/v3.7/reference/routing-configuration/http/middlewares/forwardauth/#headerfield type: string maxBodySize: description: MaxBodySize defines the maximum body size in bytes allowed to be forwarded to the authentication server. format: int64 type: integer + maxResponseBodySize: + description: MaxResponseBodySize defines the maximum body size in bytes allowed in the response from the authentication server. + format: int64 + type: integer preserveLocationHeader: description: PreserveLocationHeader defines whether to forward the Location header to the client as is or prefix it with the domain name of the authentication server. type: boolean @@ -578,7 +626,7 @@ spec: description: |- Headers holds the headers middleware configuration. This middleware manages the requests and responses headers. - More info: https://doc.traefik.io/traefik/v3.6/middlewares/http/headers/#customrequestheaders + More info: https://doc.traefik.io/traefik/v3.7/middlewares/http/headers/#customrequestheaders properties: accessControlAllowCredentials: description: AccessControlAllowCredentials defines whether the request can include user credentials. @@ -723,7 +771,7 @@ spec: description: |- InFlightReq holds the in-flight request middleware configuration. This middleware limits the number of requests being processed and served concurrently. - More info: https://doc.traefik.io/traefik/v3.6/middlewares/http/inflightreq/ + More info: https://doc.traefik.io/traefik/v3.7/middlewares/http/inflightreq/ properties: amount: description: |- @@ -737,12 +785,12 @@ spec: SourceCriterion defines what criterion is used to group requests as originating from a common source. If several strategies are defined at the same time, an error will be raised. If none are set, the default is to use the requestHost. - More info: https://doc.traefik.io/traefik/v3.6/middlewares/http/inflightreq/#sourcecriterion + More info: https://doc.traefik.io/traefik/v3.7/middlewares/http/inflightreq/#sourcecriterion properties: ipStrategy: description: |- IPStrategy holds the IP strategy configuration used by Traefik to determine the client IP. - More info: https://doc.traefik.io/traefik/v3.6/middlewares/http/ipallowlist/#ipstrategy + More info: https://doc.traefik.io/traefik/v3.7/middlewares/http/ipallowlist/#ipstrategy properties: depth: description: Depth tells Traefik to use the X-Forwarded-For header and take the IP located at the depth position (starting from the right). @@ -769,12 +817,12 @@ spec: description: |- IPAllowList holds the IP allowlist middleware configuration. This middleware limits allowed requests based on the client IP. - More info: https://doc.traefik.io/traefik/v3.6/middlewares/http/ipallowlist/ + More info: https://doc.traefik.io/traefik/v3.7/middlewares/http/ipallowlist/ properties: ipStrategy: description: |- IPStrategy holds the IP strategy configuration used by Traefik to determine the client IP. - More info: https://doc.traefik.io/traefik/v3.6/middlewares/http/ipallowlist/#ipstrategy + More info: https://doc.traefik.io/traefik/v3.7/middlewares/http/ipallowlist/#ipstrategy properties: depth: description: Depth tells Traefik to use the X-Forwarded-For header and take the IP located at the depth position (starting from the right). @@ -806,7 +854,7 @@ spec: ipStrategy: description: |- IPStrategy holds the IP strategy configuration used by Traefik to determine the client IP. - More info: https://doc.traefik.io/traefik/v3.6/middlewares/http/ipallowlist/#ipstrategy + More info: https://doc.traefik.io/traefik/v3.7/middlewares/http/ipallowlist/#ipstrategy properties: depth: description: Depth tells Traefik to use the X-Forwarded-For header and take the IP located at the depth position (starting from the right). @@ -831,7 +879,7 @@ spec: description: |- PassTLSClientCert holds the pass TLS client cert middleware configuration. This middleware adds the selected data from the passed client TLS certificate to a header. - More info: https://doc.traefik.io/traefik/v3.6/middlewares/http/passtlsclientcert/ + More info: https://doc.traefik.io/traefik/v3.7/middlewares/http/passtlsclientcert/ properties: info: description: Info selects the specific client certificate details you want to add to the X-Forwarded-Tls-Client-Cert-Info header. @@ -911,13 +959,13 @@ spec: x-kubernetes-preserve-unknown-fields: true description: |- Plugin defines the middleware plugin configuration. - More info: https://doc.traefik.io/traefik/v3.6/reference/routing-configuration/http/middlewares/overview/#community-middlewares + More info: https://doc.traefik.io/traefik/v3.7/reference/routing-configuration/http/middlewares/overview/#community-middlewares type: object rateLimit: description: |- RateLimit holds the rate limit configuration. This middleware ensures that services will receive a fair amount of requests, and allows one to define what fair is. - More info: https://doc.traefik.io/traefik/v3.6/reference/routing-configuration/http/middlewares/ratelimit/ + More info: https://doc.traefik.io/traefik/v3.7/reference/routing-configuration/http/middlewares/ratelimit/ properties: average: description: |- @@ -1032,7 +1080,7 @@ spec: ipStrategy: description: |- IPStrategy holds the IP strategy configuration used by Traefik to determine the client IP. - More info: https://doc.traefik.io/traefik/v3.6/middlewares/http/ipallowlist/#ipstrategy + More info: https://doc.traefik.io/traefik/v3.7/middlewares/http/ipallowlist/#ipstrategy properties: depth: description: Depth tells Traefik to use the X-Forwarded-For header and take the IP located at the depth position (starting from the right). @@ -1059,7 +1107,7 @@ spec: description: |- RedirectRegex holds the redirect regex middleware configuration. This middleware redirects a request using regex matching and replacement. - More info: https://doc.traefik.io/traefik/v3.6/middlewares/http/redirectregex/#regex + More info: https://doc.traefik.io/traefik/v3.7/middlewares/http/redirectregex/#regex properties: permanent: description: Permanent defines whether the redirection is permanent (308). @@ -1075,10 +1123,12 @@ spec: description: |- RedirectScheme holds the redirect scheme middleware configuration. This middleware redirects requests from a scheme/port to another. - More info: https://doc.traefik.io/traefik/v3.6/middlewares/http/redirectscheme/ + More info: https://doc.traefik.io/traefik/v3.7/middlewares/http/redirectscheme/ properties: permanent: - description: Permanent defines whether the redirection is permanent (308). + description: |- + Permanent defines whether the redirection is permanent. + For HTTP GET requests a 301 is returned, otherwise a 308 is returned. type: boolean port: description: Port defines the port of the new URL. @@ -1091,7 +1141,7 @@ spec: description: |- ReplacePath holds the replace path middleware configuration. This middleware replaces the path of the request URL and store the original path in an X-Replaced-Path header. - More info: https://doc.traefik.io/traefik/v3.6/middlewares/http/replacepath/ + More info: https://doc.traefik.io/traefik/v3.7/middlewares/http/replacepath/ properties: path: description: Path defines the path to use as replacement in the request URL. @@ -1101,7 +1151,7 @@ spec: description: |- ReplacePathRegex holds the replace path regex middleware configuration. This middleware replaces the path of a URL using regex matching and replacement. - More info: https://doc.traefik.io/traefik/v3.6/middlewares/http/replacepathregex/ + More info: https://doc.traefik.io/traefik/v3.7/middlewares/http/replacepathregex/ properties: regex: description: Regex defines the regular expression used to match and capture the path from the request URL. @@ -1115,12 +1165,15 @@ spec: Retry holds the retry middleware configuration. This middleware reissues requests a given number of times to a backend server if that server does not reply. As soon as the server answers, the middleware stops retrying, regardless of the response status. - More info: https://doc.traefik.io/traefik/v3.6/reference/routing-configuration/http/middlewares/retry/ + More info: https://doc.traefik.io/traefik/v3.7/reference/routing-configuration/http/middlewares/retry/ properties: attempts: description: Attempts defines how many times the request should be retried. minimum: 0 type: integer + disableRetryOnNetworkError: + description: DisableRetryOnNetworkError defines whether to disable the retry if an error occurs when transmitting the request to the server. + type: boolean initialInterval: anyOf: - type: integer @@ -1133,12 +1186,38 @@ spec: see https://pkg.go.dev/time#ParseDuration. pattern: ^([0-9]+(ns|us|µs|ms|s|m|h)?)+$ x-kubernetes-int-or-string: true + maxRequestBodyBytes: + description: |- + MaxRequestBodyBytes defines the maximum size for the request body. + Default is `-1`, which means no limit. + format: int64 + minimum: -1 + type: integer + retryNonIdempotentMethod: + description: RetryNonIdempotentMethod activates the retry for non-idempotent methods (POST, LOCK, PATCH) + type: boolean + status: + description: Status defines the range of HTTP status codes to retry on. + items: + pattern: ^([1-5][0-9]{2}[,-]?)+$ + type: string + type: array + timeout: + anyOf: + - type: integer + - type: string + description: |- + Timeout defines how much time the middleware is allowed to retry the request. + The value of timeout should be provided in seconds or as a valid duration format, + see https://pkg.go.dev/time#ParseDuration. + pattern: ^([0-9]+(ns|us|µs|ms|s|m|h)?)+$ + x-kubernetes-int-or-string: true type: object stripPrefix: description: |- StripPrefix holds the strip prefix middleware configuration. This middleware removes the specified prefixes from the URL path. - More info: https://doc.traefik.io/traefik/v3.6/middlewares/http/stripprefix/ + More info: https://doc.traefik.io/traefik/v3.7/middlewares/http/stripprefix/ properties: forceSlash: description: |- @@ -1156,7 +1235,7 @@ spec: description: |- StripPrefixRegex holds the strip prefix regex middleware configuration. This middleware removes the matching prefixes from the URL path. - More info: https://doc.traefik.io/traefik/v3.6/middlewares/http/stripprefixregex/ + More info: https://doc.traefik.io/traefik/v3.7/middlewares/http/stripprefixregex/ properties: regex: description: Regex defines the regular expression to match the path prefix from the request URL. diff --git a/clusters/cl01tl/manifests/traefik/CustomResourceDefinition-middlewaretcps.traefik.io.yaml b/clusters/cl01tl/manifests/traefik/CustomResourceDefinition-middlewaretcps.traefik.io.yaml index 0ce49b37f..a54e13c37 100644 --- a/clusters/cl01tl/manifests/traefik/CustomResourceDefinition-middlewaretcps.traefik.io.yaml +++ b/clusters/cl01tl/manifests/traefik/CustomResourceDefinition-middlewaretcps.traefik.io.yaml @@ -3,7 +3,7 @@ kind: CustomResourceDefinition metadata: annotations: app.kubernetes.io/managed-by: Helm - controller-gen.kubebuilder.io/version: v0.16.1 + controller-gen.kubebuilder.io/version: v0.19.0 helm.sh/resource-policy: keep labels: app.kubernetes.io/managed-by: Helm @@ -22,7 +22,7 @@ spec: openAPIV3Schema: description: |- MiddlewareTCP is the CRD implementation of a Traefik TCP middleware. - More info: https://doc.traefik.io/traefik/v3.6/reference/routing-configuration/tcp/middlewares/overview/ + More info: https://doc.traefik.io/traefik/v3.7/reference/routing-configuration/tcp/middlewares/overview/ properties: apiVersion: description: |- @@ -59,7 +59,7 @@ spec: description: |- IPAllowList defines the IPAllowList middleware configuration. This middleware accepts/refuses connections based on the client IP. - More info: https://doc.traefik.io/traefik/v3.6/reference/routing-configuration/tcp/middlewares/ipallowlist/ + More info: https://doc.traefik.io/traefik/v3.7/reference/routing-configuration/tcp/middlewares/ipallowlist/ properties: sourceRange: description: SourceRange defines the allowed IPs (or ranges of allowed IPs by using CIDR notation). @@ -71,8 +71,9 @@ spec: description: |- IPWhiteList defines the IPWhiteList middleware configuration. This middleware accepts/refuses connections based on the client IP. + More info: https://doc.traefik.io/traefik/v3.7/reference/routing-configuration/tcp/middlewares/ipwhitelist/ + Deprecated: please use IPAllowList instead. - More info: https://doc.traefik.io/traefik/v3.6/reference/routing-configuration/tcp/middlewares/ipwhitelist/ properties: sourceRange: description: SourceRange defines the allowed IPs (or ranges of allowed IPs by using CIDR notation). diff --git a/clusters/cl01tl/manifests/traefik/CustomResourceDefinition-serverstransports.traefik.io.yaml b/clusters/cl01tl/manifests/traefik/CustomResourceDefinition-serverstransports.traefik.io.yaml index 295578485..4df7d577b 100644 --- a/clusters/cl01tl/manifests/traefik/CustomResourceDefinition-serverstransports.traefik.io.yaml +++ b/clusters/cl01tl/manifests/traefik/CustomResourceDefinition-serverstransports.traefik.io.yaml @@ -3,7 +3,7 @@ kind: CustomResourceDefinition metadata: annotations: app.kubernetes.io/managed-by: Helm - controller-gen.kubebuilder.io/version: v0.16.1 + controller-gen.kubebuilder.io/version: v0.19.0 helm.sh/resource-policy: keep labels: app.kubernetes.io/managed-by: Helm @@ -24,7 +24,7 @@ spec: ServersTransport is the CRD implementation of a ServersTransport. If no serversTransport is specified, the default@internal will be used. The default@internal serversTransport is created from the static configuration. - More info: https://doc.traefik.io/traefik/v3.6/reference/routing-configuration/http/load-balancing/serverstransport/ + More info: https://doc.traefik.io/traefik/v3.7/reference/routing-configuration/http/load-balancing/serverstransport/ properties: apiVersion: description: |- @@ -51,6 +51,11 @@ spec: items: type: string type: array + cipherSuites: + description: CipherSuites defines the cipher suites to use when contacting backend servers. + items: + type: string + type: array disableHTTP2: description: DisableHTTP2 disables HTTP/2 for connections with backend servers. type: boolean @@ -100,6 +105,12 @@ spec: description: MaxIdleConnsPerHost controls the maximum idle (keep-alive) to keep per-host. minimum: -1 type: integer + maxVersion: + description: MaxVersion defines the maximum TLS version to use when contacting backend servers. + type: string + minVersion: + description: MinVersion defines the minimum TLS version to use when contacting backend servers. + type: string peerCertURI: description: PeerCertURI defines the peer cert URI used to match against SAN URI during the peer certificate verification. type: string @@ -128,6 +139,7 @@ spec: rootCAsSecrets: description: |- RootCAsSecrets defines a list of CA secret used to validate self-signed certificate. + Deprecated: RootCAsSecrets is deprecated, please use the RootCAs option instead. items: type: string diff --git a/clusters/cl01tl/manifests/traefik/CustomResourceDefinition-serverstransporttcps.traefik.io.yaml b/clusters/cl01tl/manifests/traefik/CustomResourceDefinition-serverstransporttcps.traefik.io.yaml index a7e4e2c77..75bb95783 100644 --- a/clusters/cl01tl/manifests/traefik/CustomResourceDefinition-serverstransporttcps.traefik.io.yaml +++ b/clusters/cl01tl/manifests/traefik/CustomResourceDefinition-serverstransporttcps.traefik.io.yaml @@ -3,7 +3,7 @@ kind: CustomResourceDefinition metadata: annotations: app.kubernetes.io/managed-by: Helm - controller-gen.kubebuilder.io/version: v0.16.1 + controller-gen.kubebuilder.io/version: v0.19.0 helm.sh/resource-policy: keep labels: app.kubernetes.io/managed-by: Helm @@ -24,7 +24,7 @@ spec: ServersTransportTCP is the CRD implementation of a TCPServersTransport. If no tcpServersTransport is specified, a default one named default@internal will be used. The default@internal tcpServersTransport can be configured in the static configuration. - More info: https://doc.traefik.io/traefik/v3.6/reference/routing-configuration/tcp/serverstransport/ + More info: https://doc.traefik.io/traefik/v3.7/reference/routing-configuration/tcp/serverstransport/ properties: apiVersion: description: |- @@ -117,6 +117,7 @@ spec: rootCAsSecrets: description: |- RootCAsSecrets defines a list of CA secret used to validate self-signed certificate. + Deprecated: RootCAsSecrets is deprecated, please use the RootCAs option instead. items: type: string diff --git a/clusters/cl01tl/manifests/traefik/CustomResourceDefinition-tlsoptions.traefik.io.yaml b/clusters/cl01tl/manifests/traefik/CustomResourceDefinition-tlsoptions.traefik.io.yaml index 26dbdfabb..b3af5e44d 100644 --- a/clusters/cl01tl/manifests/traefik/CustomResourceDefinition-tlsoptions.traefik.io.yaml +++ b/clusters/cl01tl/manifests/traefik/CustomResourceDefinition-tlsoptions.traefik.io.yaml @@ -3,7 +3,7 @@ kind: CustomResourceDefinition metadata: annotations: app.kubernetes.io/managed-by: Helm - controller-gen.kubebuilder.io/version: v0.16.1 + controller-gen.kubebuilder.io/version: v0.19.0 helm.sh/resource-policy: keep labels: app.kubernetes.io/managed-by: Helm @@ -22,7 +22,7 @@ spec: openAPIV3Schema: description: |- TLSOption is the CRD implementation of a Traefik TLS Option, allowing to configure some parameters of the TLS connection. - More info: https://doc.traefik.io/traefik/v3.6/reference/routing-configuration/http/tls/tls-certificates/#certificates-stores#tls-options + More info: https://doc.traefik.io/traefik/v3.7/reference/routing-configuration/http/tls/tls-certificates/#certificates-stores#tls-options properties: apiVersion: description: |- @@ -47,14 +47,14 @@ spec: alpnProtocols: description: |- ALPNProtocols defines the list of supported application level protocols for the TLS handshake, in order of preference. - More info: https://doc.traefik.io/traefik/v3.6/reference/routing-configuration/http/tls/tls-certificates/#certificates-stores#alpn-protocols + More info: https://doc.traefik.io/traefik/v3.7/reference/routing-configuration/http/tls/tls-certificates/#certificates-stores#alpn-protocols items: type: string type: array cipherSuites: description: |- CipherSuites defines the list of supported cipher suites for TLS versions up to TLS 1.2. - More info: https://doc.traefik.io/traefik/v3.6/reference/routing-configuration/http/tls/tls-certificates/#certificates-stores#cipher-suites + More info: https://doc.traefik.io/traefik/v3.7/reference/routing-configuration/http/tls/tls-certificates/#certificates-stores#cipher-suites items: type: string type: array @@ -79,7 +79,7 @@ spec: curvePreferences: description: |- CurvePreferences defines the preferred elliptic curves. - More info: https://doc.traefik.io/traefik/v3.6/reference/routing-configuration/http/tls/tls-certificates/#certificates-stores#curve-preferences + More info: https://doc.traefik.io/traefik/v3.7/reference/routing-configuration/http/tls/tls-certificates/#certificates-stores#curve-preferences items: type: string type: array @@ -102,6 +102,7 @@ spec: description: |- PreferServerCipherSuites defines whether the server chooses a cipher suite among his own instead of among the client's. It is enabled automatically when minVersion or maxVersion is set. + Deprecated: https://github.com/golang/go/issues/45430 type: boolean sniStrict: diff --git a/clusters/cl01tl/manifests/traefik/CustomResourceDefinition-tlsstores.traefik.io.yaml b/clusters/cl01tl/manifests/traefik/CustomResourceDefinition-tlsstores.traefik.io.yaml index 39406fcc4..53882eda9 100644 --- a/clusters/cl01tl/manifests/traefik/CustomResourceDefinition-tlsstores.traefik.io.yaml +++ b/clusters/cl01tl/manifests/traefik/CustomResourceDefinition-tlsstores.traefik.io.yaml @@ -3,7 +3,7 @@ kind: CustomResourceDefinition metadata: annotations: app.kubernetes.io/managed-by: Helm - controller-gen.kubebuilder.io/version: v0.16.1 + controller-gen.kubebuilder.io/version: v0.19.0 helm.sh/resource-policy: keep labels: app.kubernetes.io/managed-by: Helm @@ -24,7 +24,7 @@ spec: TLSStore is the CRD implementation of a Traefik TLS Store. For the time being, only the TLSStore named default is supported. This means that you cannot have two stores that are named default in different Kubernetes namespaces. - More info: https://doc.traefik.io/traefik/v3.6/reference/routing-configuration/http/tls/tls-certificates/#certificates-stores#certificates-stores + More info: https://doc.traefik.io/traefik/v3.7/reference/routing-configuration/http/tls/tls-certificates/#certificates-stores#certificates-stores properties: apiVersion: description: |- diff --git a/clusters/cl01tl/manifests/traefik/CustomResourceDefinition-traefikservices.traefik.io.yaml b/clusters/cl01tl/manifests/traefik/CustomResourceDefinition-traefikservices.traefik.io.yaml index 7854c4e22..daf886bfe 100644 --- a/clusters/cl01tl/manifests/traefik/CustomResourceDefinition-traefikservices.traefik.io.yaml +++ b/clusters/cl01tl/manifests/traefik/CustomResourceDefinition-traefikservices.traefik.io.yaml @@ -3,7 +3,7 @@ kind: CustomResourceDefinition metadata: annotations: app.kubernetes.io/managed-by: Helm - controller-gen.kubebuilder.io/version: v0.16.1 + controller-gen.kubebuilder.io/version: v0.19.0 helm.sh/resource-policy: keep labels: app.kubernetes.io/managed-by: Helm @@ -25,7 +25,7 @@ spec: TraefikService object allows to: - Apply weight to Services on load-balancing - Mirror traffic on services - More info: https://doc.traefik.io/traefik/v3.6/reference/routing-configuration/kubernetes/crd/http/traefikservice/ + More info: https://doc.traefik.io/traefik/v3.7/reference/routing-configuration/kubernetes/crd/http/traefikservice/ properties: apiVersion: description: |- @@ -47,6 +47,477 @@ spec: spec: description: TraefikServiceSpec defines the desired state of a TraefikService. properties: + failover: + description: Failover defines the Failover service configuration. + properties: + errors: + description: Errors defines which errors should trigger the use of the fallback service. + properties: + maxRequestBodyBytes: + description: |- + MaxRequestBodyBytes defines the maximum size allowed for the body of the request. + Default value is -1, which means unlimited size. + format: int64 + type: integer + status: + description: Status defines the list of status code ranges for which the fallback service should be used. + items: + type: string + type: array + type: object + fallback: + description: Fallback defines the fallback service to use when the main service returns an error. + properties: + healthCheck: + description: Healthcheck defines health checks for ExternalName services. + properties: + followRedirects: + description: |- + FollowRedirects defines whether redirects should be followed during the health check calls. + Default: true + type: boolean + headers: + additionalProperties: + type: string + description: Headers defines custom headers to be sent to the health check endpoint. + type: object + hostname: + description: Hostname defines the value of hostname in the Host header of the health check request. + type: string + interval: + anyOf: + - type: integer + - type: string + description: |- + Interval defines the frequency of the health check calls for healthy targets. + Default: 30s + x-kubernetes-int-or-string: true + method: + description: Method defines the healthcheck method. + type: string + mode: + description: |- + Mode defines the health check mode. + If defined to grpc, will use the gRPC health check protocol to probe the server. + Default: http + type: string + path: + description: Path defines the server URL path for the health check endpoint. + type: string + port: + description: Port defines the server URL port for the health check endpoint. + type: integer + scheme: + description: Scheme replaces the server URL scheme for the health check endpoint. + type: string + status: + description: Status defines the expected HTTP status code of the response to the health check request. + type: integer + timeout: + anyOf: + - type: integer + - type: string + description: |- + Timeout defines the maximum duration Traefik will wait for a health check request before considering the server unhealthy. + Default: 5s + x-kubernetes-int-or-string: true + unhealthyInterval: + anyOf: + - type: integer + - type: string + description: |- + UnhealthyInterval defines the frequency of the health check calls for unhealthy targets. + When UnhealthyInterval is not defined, it defaults to the Interval value. + Default: 30s + x-kubernetes-int-or-string: true + type: object + kind: + description: Kind defines the kind of the Service. + enum: + - Service + - TraefikService + type: string + middlewares: + description: Middlewares defines the list of references to Middleware resources to apply to the service. + items: + description: MiddlewareRef is a reference to a Middleware resource. + properties: + name: + description: Name defines the name of the referenced Middleware resource. + type: string + namespace: + description: Namespace defines the namespace of the referenced Middleware resource. + type: string + required: + - name + type: object + type: array + name: + description: |- + Name defines the name of the referenced Kubernetes Service or TraefikService. + The differentiation between the two is specified in the Kind field. + type: string + namespace: + description: Namespace defines the namespace of the referenced Kubernetes Service or TraefikService. + type: string + nativeLB: + description: |- + NativeLB controls, when creating the load-balancer, + whether the LB's children are directly the pods IPs or if the only child is the Kubernetes Service clusterIP. + The Kubernetes Service itself does load-balance to the pods. + By default, NativeLB is false. + type: boolean + nodePortLB: + description: |- + NodePortLB controls, when creating the load-balancer, + whether the LB's children are directly the nodes internal IPs using the nodePort when the service type is NodePort. + It allows services to be reachable when Traefik runs externally from the Kubernetes cluster but within the same network of the nodes. + By default, NodePortLB is false. + type: boolean + passHostHeader: + description: |- + PassHostHeader defines whether the client Host header is forwarded to the upstream Kubernetes Service. + By default, passHostHeader is true. + type: boolean + passiveHealthCheck: + description: PassiveHealthCheck defines passive health checks for ExternalName services. + properties: + failureWindow: + anyOf: + - type: integer + - type: string + description: FailureWindow defines the time window during which the failed attempts must occur for the server to be marked as unhealthy. It also defines for how long the server will be considered unhealthy. + x-kubernetes-int-or-string: true + maxFailedAttempts: + description: MaxFailedAttempts is the number of consecutive failed attempts allowed within the failure window before marking the server as unhealthy. + type: integer + type: object + port: + anyOf: + - type: integer + - type: string + description: |- + Port defines the port of a Kubernetes Service. + This can be a reference to a named port. + x-kubernetes-int-or-string: true + responseForwarding: + description: ResponseForwarding defines how Traefik forwards the response from the upstream Kubernetes Service to the client. + properties: + flushInterval: + description: |- + FlushInterval defines the interval, in milliseconds, in between flushes to the client while copying the response body. + A negative value means to flush immediately after each write to the client. + This configuration is ignored when ReverseProxy recognizes a response as a streaming response; + for such responses, writes are flushed to the client immediately. + Default: 100ms + type: string + type: object + scheme: + description: |- + Scheme defines the scheme to use for the request to the upstream Kubernetes Service. + It defaults to https when Kubernetes Service port is 443, http otherwise. + type: string + serversTransport: + description: |- + ServersTransport defines the name of ServersTransport resource to use. + It allows to configure the transport between Traefik and your servers. + Can only be used on a Kubernetes Service. + type: string + sticky: + description: |- + Sticky defines the sticky sessions configuration. + More info: https://doc.traefik.io/traefik/v3.7/reference/routing-configuration/http/load-balancing/service/#sticky-sessions + properties: + cookie: + description: Cookie defines the sticky cookie configuration. + properties: + domain: + description: |- + Domain defines the host to which the cookie will be sent. + More info: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie#domaindomain-value + type: string + httpOnly: + description: HTTPOnly defines whether the cookie can be accessed by client-side APIs, such as JavaScript. + type: boolean + maxAge: + description: |- + MaxAge defines the number of seconds until the cookie expires. + When set to a negative number, the cookie expires immediately. + When set to zero, the cookie never expires. + type: integer + name: + description: Name defines the Cookie name. + type: string + path: + description: |- + Path defines the path that must exist in the requested URL for the browser to send the Cookie header. + When not provided the cookie will be sent on every request to the domain. + More info: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie#pathpath-value + type: string + sameSite: + description: |- + SameSite defines the same site policy. + More info: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite + enum: + - none + - lax + - strict + type: string + secure: + description: Secure defines whether the cookie can only be transmitted over an encrypted connection (i.e. HTTPS). + type: boolean + type: object + type: object + strategy: + description: |- + Strategy defines the load balancing strategy between the servers. + Supported values are: wrr (Weighed round-robin), p2c (Power of two choices), hrw (Highest Random Weight), and leasttime (Least-Time). + RoundRobin value is deprecated and supported for backward compatibility. + enum: + - wrr + - p2c + - hrw + - leasttime + - RoundRobin + type: string + weight: + description: |- + Weight defines the weight and should only be specified when Name references a TraefikService object + (and to be precise, one that embeds a Weighted Round Robin). + minimum: 0 + type: integer + required: + - name + type: object + service: + description: Service defines the main service to use. + properties: + healthCheck: + description: Healthcheck defines health checks for ExternalName services. + properties: + followRedirects: + description: |- + FollowRedirects defines whether redirects should be followed during the health check calls. + Default: true + type: boolean + headers: + additionalProperties: + type: string + description: Headers defines custom headers to be sent to the health check endpoint. + type: object + hostname: + description: Hostname defines the value of hostname in the Host header of the health check request. + type: string + interval: + anyOf: + - type: integer + - type: string + description: |- + Interval defines the frequency of the health check calls for healthy targets. + Default: 30s + x-kubernetes-int-or-string: true + method: + description: Method defines the healthcheck method. + type: string + mode: + description: |- + Mode defines the health check mode. + If defined to grpc, will use the gRPC health check protocol to probe the server. + Default: http + type: string + path: + description: Path defines the server URL path for the health check endpoint. + type: string + port: + description: Port defines the server URL port for the health check endpoint. + type: integer + scheme: + description: Scheme replaces the server URL scheme for the health check endpoint. + type: string + status: + description: Status defines the expected HTTP status code of the response to the health check request. + type: integer + timeout: + anyOf: + - type: integer + - type: string + description: |- + Timeout defines the maximum duration Traefik will wait for a health check request before considering the server unhealthy. + Default: 5s + x-kubernetes-int-or-string: true + unhealthyInterval: + anyOf: + - type: integer + - type: string + description: |- + UnhealthyInterval defines the frequency of the health check calls for unhealthy targets. + When UnhealthyInterval is not defined, it defaults to the Interval value. + Default: 30s + x-kubernetes-int-or-string: true + type: object + kind: + description: Kind defines the kind of the Service. + enum: + - Service + - TraefikService + type: string + middlewares: + description: Middlewares defines the list of references to Middleware resources to apply to the service. + items: + description: MiddlewareRef is a reference to a Middleware resource. + properties: + name: + description: Name defines the name of the referenced Middleware resource. + type: string + namespace: + description: Namespace defines the namespace of the referenced Middleware resource. + type: string + required: + - name + type: object + type: array + name: + description: |- + Name defines the name of the referenced Kubernetes Service or TraefikService. + The differentiation between the two is specified in the Kind field. + type: string + namespace: + description: Namespace defines the namespace of the referenced Kubernetes Service or TraefikService. + type: string + nativeLB: + description: |- + NativeLB controls, when creating the load-balancer, + whether the LB's children are directly the pods IPs or if the only child is the Kubernetes Service clusterIP. + The Kubernetes Service itself does load-balance to the pods. + By default, NativeLB is false. + type: boolean + nodePortLB: + description: |- + NodePortLB controls, when creating the load-balancer, + whether the LB's children are directly the nodes internal IPs using the nodePort when the service type is NodePort. + It allows services to be reachable when Traefik runs externally from the Kubernetes cluster but within the same network of the nodes. + By default, NodePortLB is false. + type: boolean + passHostHeader: + description: |- + PassHostHeader defines whether the client Host header is forwarded to the upstream Kubernetes Service. + By default, passHostHeader is true. + type: boolean + passiveHealthCheck: + description: PassiveHealthCheck defines passive health checks for ExternalName services. + properties: + failureWindow: + anyOf: + - type: integer + - type: string + description: FailureWindow defines the time window during which the failed attempts must occur for the server to be marked as unhealthy. It also defines for how long the server will be considered unhealthy. + x-kubernetes-int-or-string: true + maxFailedAttempts: + description: MaxFailedAttempts is the number of consecutive failed attempts allowed within the failure window before marking the server as unhealthy. + type: integer + type: object + port: + anyOf: + - type: integer + - type: string + description: |- + Port defines the port of a Kubernetes Service. + This can be a reference to a named port. + x-kubernetes-int-or-string: true + responseForwarding: + description: ResponseForwarding defines how Traefik forwards the response from the upstream Kubernetes Service to the client. + properties: + flushInterval: + description: |- + FlushInterval defines the interval, in milliseconds, in between flushes to the client while copying the response body. + A negative value means to flush immediately after each write to the client. + This configuration is ignored when ReverseProxy recognizes a response as a streaming response; + for such responses, writes are flushed to the client immediately. + Default: 100ms + type: string + type: object + scheme: + description: |- + Scheme defines the scheme to use for the request to the upstream Kubernetes Service. + It defaults to https when Kubernetes Service port is 443, http otherwise. + type: string + serversTransport: + description: |- + ServersTransport defines the name of ServersTransport resource to use. + It allows to configure the transport between Traefik and your servers. + Can only be used on a Kubernetes Service. + type: string + sticky: + description: |- + Sticky defines the sticky sessions configuration. + More info: https://doc.traefik.io/traefik/v3.7/reference/routing-configuration/http/load-balancing/service/#sticky-sessions + properties: + cookie: + description: Cookie defines the sticky cookie configuration. + properties: + domain: + description: |- + Domain defines the host to which the cookie will be sent. + More info: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie#domaindomain-value + type: string + httpOnly: + description: HTTPOnly defines whether the cookie can be accessed by client-side APIs, such as JavaScript. + type: boolean + maxAge: + description: |- + MaxAge defines the number of seconds until the cookie expires. + When set to a negative number, the cookie expires immediately. + When set to zero, the cookie never expires. + type: integer + name: + description: Name defines the Cookie name. + type: string + path: + description: |- + Path defines the path that must exist in the requested URL for the browser to send the Cookie header. + When not provided the cookie will be sent on every request to the domain. + More info: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie#pathpath-value + type: string + sameSite: + description: |- + SameSite defines the same site policy. + More info: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite + enum: + - none + - lax + - strict + type: string + secure: + description: Secure defines whether the cookie can only be transmitted over an encrypted connection (i.e. HTTPS). + type: boolean + type: object + type: object + strategy: + description: |- + Strategy defines the load balancing strategy between the servers. + Supported values are: wrr (Weighed round-robin), p2c (Power of two choices), hrw (Highest Random Weight), and leasttime (Least-Time). + RoundRobin value is deprecated and supported for backward compatibility. + enum: + - wrr + - p2c + - hrw + - leasttime + - RoundRobin + type: string + weight: + description: |- + Weight defines the weight and should only be specified when Name references a TraefikService object + (and to be precise, one that embeds a Weighted Round Robin). + minimum: 0 + type: integer + required: + - name + type: object + required: + - errors + - fallback + - service + type: object highestRandomWeight: description: HighestRandomWeight defines the highest random weight service configuration. properties: @@ -124,6 +595,21 @@ spec: - Service - TraefikService type: string + middlewares: + description: Middlewares defines the list of references to Middleware resources to apply to the service. + items: + description: MiddlewareRef is a reference to a Middleware resource. + properties: + name: + description: Name defines the name of the referenced Middleware resource. + type: string + namespace: + description: Namespace defines the namespace of the referenced Middleware resource. + type: string + required: + - name + type: object + type: array name: description: |- Name defines the name of the referenced Kubernetes Service or TraefikService. @@ -198,7 +684,7 @@ spec: sticky: description: |- Sticky defines the sticky sessions configuration. - More info: https://doc.traefik.io/traefik/v3.6/reference/routing-configuration/http/load-balancing/service/#sticky-sessions + More info: https://doc.traefik.io/traefik/v3.7/reference/routing-configuration/http/load-balancing/service/#sticky-sessions properties: cookie: description: Cookie defines the sticky cookie configuration. @@ -342,6 +828,21 @@ spec: Default value is -1, which means unlimited size. format: int64 type: integer + middlewares: + description: Middlewares defines the list of references to Middleware resources to apply to the service. + items: + description: MiddlewareRef is a reference to a Middleware resource. + properties: + name: + description: Name defines the name of the referenced Middleware resource. + type: string + namespace: + description: Namespace defines the namespace of the referenced Middleware resource. + type: string + required: + - name + type: object + type: array mirrorBody: description: |- MirrorBody defines whether the body of the request should be mirrored. @@ -421,6 +922,21 @@ spec: - Service - TraefikService type: string + middlewares: + description: Middlewares defines the list of references to Middleware resources to apply to the service. + items: + description: MiddlewareRef is a reference to a Middleware resource. + properties: + name: + description: Name defines the name of the referenced Middleware resource. + type: string + namespace: + description: Namespace defines the namespace of the referenced Middleware resource. + type: string + required: + - name + type: object + type: array name: description: |- Name defines the name of the referenced Kubernetes Service or TraefikService. @@ -500,7 +1016,7 @@ spec: sticky: description: |- Sticky defines the sticky sessions configuration. - More info: https://doc.traefik.io/traefik/v3.6/reference/routing-configuration/http/load-balancing/service/#sticky-sessions + More info: https://doc.traefik.io/traefik/v3.7/reference/routing-configuration/http/load-balancing/service/#sticky-sessions properties: cookie: description: Cookie defines the sticky cookie configuration. @@ -638,7 +1154,7 @@ spec: sticky: description: |- Sticky defines the sticky sessions configuration. - More info: https://doc.traefik.io/traefik/v3.6/reference/routing-configuration/http/load-balancing/service/#sticky-sessions + More info: https://doc.traefik.io/traefik/v3.7/reference/routing-configuration/http/load-balancing/service/#sticky-sessions properties: cookie: description: Cookie defines the sticky cookie configuration. @@ -778,6 +1294,21 @@ spec: - Service - TraefikService type: string + middlewares: + description: Middlewares defines the list of references to Middleware resources to apply to the service. + items: + description: MiddlewareRef is a reference to a Middleware resource. + properties: + name: + description: Name defines the name of the referenced Middleware resource. + type: string + namespace: + description: Namespace defines the namespace of the referenced Middleware resource. + type: string + required: + - name + type: object + type: array name: description: |- Name defines the name of the referenced Kubernetes Service or TraefikService. @@ -852,7 +1383,7 @@ spec: sticky: description: |- Sticky defines the sticky sessions configuration. - More info: https://doc.traefik.io/traefik/v3.6/reference/routing-configuration/http/load-balancing/service/#sticky-sessions + More info: https://doc.traefik.io/traefik/v3.7/reference/routing-configuration/http/load-balancing/service/#sticky-sessions properties: cookie: description: Cookie defines the sticky cookie configuration. @@ -919,7 +1450,7 @@ spec: sticky: description: |- Sticky defines whether sticky sessions are enabled. - More info: https://doc.traefik.io/traefik/v3.6/reference/routing-configuration/kubernetes/crd/http/traefikservice/#stickiness-and-load-balancing + More info: https://doc.traefik.io/traefik/v3.7/reference/routing-configuration/kubernetes/crd/http/traefikservice/#stickiness-and-load-balancing properties: cookie: description: Cookie defines the sticky cookie configuration.