ComposeObservers returns a new Observer that calls each of its arguments in turn.

ExtensionClusterName generates a unique Envoy cluster name for an ExtensionCluster.

ValidateRegex returns an error if the supplied RE2 regex syntax is invalid.

CACertificateKey is the key name for accessing TLS CA certificate bundles in Kubernetes Secrets.

CORSAllowOriginMatchExact will match an origin exactly.

CORSAllowOriginMatchRegex denote a regex pattern will be used to match the origin in a request.

CRLKey is the key name for accessing CRL bundles in Kubernetes Secrets.

HeaderMatchTypeContains matches a header value if it contains the provided value.

HeaderMatchTypeExact matches a header value exactly.

HeaderMatchTypePresent matches a header if it is present in a request.

HeaderMatchTypeRegex matches a header if it matches the provided regular expression.

nolint:revive.

nolint:revive.

InternalRedirectCrossSchemeAlways allow following a redirect whatever the schemes.

InternalRedirectCrossSchemeNever deny following a redirect if the schemes are different.

InternalRedirectCrossSchemeSafeOnly allow following a redirect if the schemes are the same, or if it is considered safe, which means if the downstream scheme is HTTPS, both HTTPS and HTTP redirect targets are allowed, but if the downstream scheme is HTTP, only HTTP redirect targets are allowed.

LoadBalancerPolicyCookie denotes load balancing will be performed via a Contour specified cookie.

LoadBalancerPolicyRandom denotes the load balancer will choose a random backend when routing a request.

LoadBalancerPolicyRequestHash denotes request attribute hashing is used to make load balancing decisions.

LoadBalancerPolicyRoundRobin denotes the load balancer will route requests in a round-robin fashion among backend instances.

LoadBalancerPolicyWeightedLeastRequest specifies the backend with least active requests will be chosen by the load balancer.

PrefixMatchSegment represents a prefix match that only matches full path segments, i.e.

PrefixMatchString represents a prefix match that functions like a string prefix match, i.e.

QueryParamMatchTypeContains matches a querystring parameter value contains the given string.

QueryParamMatchTypeExact matches a querystring parameter value exactly.

QueryParamMatchTypePrefix matches a querystring parameter value is prefixed by a given string.

QueryParamMatchTypePresent matches a querystring parameter if present.

QueryParamMatchTypeRegex matches a querystring parameter value against given regular expression.

QueryParamMatchTypeSuffix matches a querystring parameter value is suffixed by a given string.

VhRateLimitsIgnore will ignore the virtual host rate limits even if the route does not have a rate limit policy.

VhRateLimitsInclude will use the virtual host rate limits even if the route has a rate limit policy.

VhRateLimitsOverride (Default) will use the virtual host rate limits unless the route has a rate limit policy.

AuthorizationServerBufferSettings enables ExtAuthz filter to buffer client request data and send it as part of authorization request.

Builder builds a DAG.

CircuitBreakers holds configuration for circuit breakers.

ClientCertificateDetails defines which parts of the client certificate will be forwarded.

Cluster holds the connection specific parameters that apply to traffic routed to an upstream service.

ClusterTimeoutPolicy defines the timeout policy for a cluster.

CookieHashOptions contains options for hashing a HTTP cookie.

CookieRewritePolicy defines how attributes of an HTTP Set-Cookie header can be rewritten.

CORSAllowOriginMatch specifies how allowed origins should be matched.

CORSPolicy allows setting the CORS policy.

DelegationNotPermittedError is returned by KubernetesCache's Secret accessor methods when delegation is not set up.

DirectResponse allows for a specific HTTP status code and body to be the response to a route request vs routing to an envoy cluster.

DNSNameCluster is a cluster that routes directly to a DNS name (i.e.

ExactMatchCondition matches the entire path of a URL.

ExtensionCluster generates an Envoy cluster (aka ClusterLoadAssignment) for an ExtensionService resource.

ExternalAuthorization contains the configuration for enabling the ExtAuthz filter.

GatewayAPIProcessor translates Gateway API types into DAG objects and adds them to the DAG.

GenericKeyDescriptorEntry configures a descriptor entry that has a static key & value.

GlobalRateLimitPolicy holds global rate limiting parameters.

HeaderHashOptions contains options for hashing a HTTP header.

HeaderMatchCondition matches request headers by MatchType.

HeaderMatchDescriptorEntry configures a descriptor entry that's populated only if the specified header is present on the request.

HeadersPolicy defines how headers are managed during forwarding.

HTTPHealthCheckPolicy http health check policy.

HTTPProxyProcessor translates HTTPProxies into DAG objects and adds them to the DAG.

IngressProcessor translates Ingresses into DAG objects and adds them to the DAG.

InternalRedirectPolicy defines if envoy should handle redirect response internally instead of sending it downstream.

A KubernetesCache holds Kubernetes objects and associated configuration and produces DAG values.

A Listener represents a TCP socket that accepts incoming connections.

ListenerProcessor adds an HTTP and an HTTPS listener to the DAG.

LocalRateLimitPolicy holds local rate limiting parameters.

MirrorPolicy defines the mirroring policy for a route.

PathRewritePolicy defines a policy for rewriting the path of the request during forwarding.

PeerValidationContext defines how to validate the certificate on the upstream service.

PrefixMatchCondition matches the start of a URL.

QueryParameterHashOptions contains options for hashing a request query parameter.

QueryParamMatchCondition matches querystring parameters by MatchType.

RateLimitDescriptor is a list of rate limit descriptor entries.

RateLimitDescriptorEntry is an entry in a rate limit descriptor.

RateLimitPerRoute configures how the route should handle the rate limits defined by the virtual host.

RateLimitPolicy holds rate limiting parameters.

Redirect allows for a 301/302 redirect to be the response to a route request vs.

RegexMatchCondition matches the URL by regular expression.

RemoteAddressDescriptorEntry configures a descriptor entry that contains the remote address (i.e.

RequestHashPolicy holds configuration for calculating hashes on an individual request attribute.

RetryPolicy defines the retry / number / timeout options.

Route defines the properties of a route to a Cluster.

RouteTimeoutPolicy defines the timeout policy for a route.

Secret represents a K8s Secret for TLS usage as a DAG Vertex.

A SecureVirtualHost represents a HTTP host protected by TLS.

Service represents a single Kubernetes' Service's Port.

ServiceCluster capture the set of Kubernetes Services that will compose the endpoints for a Envoy cluster.

SlowStartConfig holds configuration for gradually increasing amount of traffic to a newly added endpoint.

Status contains the status for an HTTPProxy (valid / invalid / orphan, etc).

TCPHealthCheckPolicy tcp health check policy.

TCPProxy represents a cluster of TCP endpoints.

UpstreamTLS holds the TLS configuration for upstream connections.

A VirtualHost represents a named L4/L7 service.

WeightedService represents the load balancing weight of a particular core_v1.Weighted port.

Observer is an interface for receiving notification of DAG updates.

Processor constructs part of a DAG.

CORSAllowOriginMatchType differentiates different CORS origin matching methods.

ObserverFunc is a function that implements the Observer interface by calling itself.

PrefixMatchType represents different types of prefix matching alternatives.

ProcessorFunc adapts a function to the Processor interface.