istio.io/istio@v0.0.0-20240520182934-d79c90f27776/pkg/config/analysis/analyzers/testdata/gateway-duplicate-certificate.yaml (about) 1 --- 2 apiVersion: networking.istio.io/v1alpha3 3 kind: Gateway 4 metadata: 5 name: gateway-01-test-01 6 namespace: istio-system 7 spec: 8 selector: 9 istio: ingressgateway 10 servers: 11 - port: 12 number: 443 13 name: https 14 protocol: HTTPS 15 tls: 16 mode: SIMPLE 17 credentialName: "test-01-wildcard-cert" # validation error since have same certificate with gateway-02-test-01 18 hosts: 19 - "01.test-01.com" 20 --- 21 apiVersion: networking.istio.io/v1alpha3 22 kind: Gateway 23 metadata: 24 name: gateway-02-test-01 25 namespace: istio-system 26 spec: 27 selector: 28 istio: ingressgateway 29 servers: 30 - port: 31 number: 443 32 name: https 33 protocol: HTTPS 34 tls: 35 mode: SIMPLE 36 credentialName: "test-01-wildcard-cert" # validation error since have same certificate with gateway-01-test-01 37 hosts: 38 - "02.test-01.com" 39 --- 40 apiVersion: networking.istio.io/v1alpha3 41 kind: Gateway 42 metadata: 43 name: gateway-01-test-02 44 namespace: istio-system 45 spec: 46 selector: 47 istio: ingressgateway 48 servers: 49 - port: 50 number: 443 51 name: https 52 protocol: HTTPS 53 tls: 54 mode: SIMPLE 55 credentialName: "test-02-wildcard-cert" # validation error since have same certificate with gateway-01-test-02 56 hosts: 57 - "01.test-02.com" 58 --- 59 apiVersion: networking.istio.io/v1alpha3 60 kind: Gateway 61 metadata: 62 name: gateway-02-test-02 63 namespace: istio-system 64 spec: 65 selector: 66 istio: ingressgateway 67 type: internal 68 servers: 69 - port: 70 number: 443 71 name: https 72 protocol: HTTPS 73 tls: 74 mode: SIMPLE 75 credentialName: "test-02-wildcard-cert" # no validation error, because this gateway selector is not subset of other gateway selector 76 hosts: 77 - "02.test-02.com" 78 --- 79 apiVersion: networking.istio.io/v1alpha3 80 kind: Gateway 81 metadata: 82 name: gateway-01-test-03 83 namespace: default 84 spec: 85 selector: 86 istio: ingressgateway 87 servers: 88 - port: 89 number: 443 90 name: https 91 protocol: HTTPS 92 tls: 93 mode: SIMPLE 94 credentialName: "test-03-wildcard-cert" # validation error, since have same certificate with gateway-02-test-03 95 hosts: 96 - "01.test-03.com" 97 --- 98 apiVersion: networking.istio.io/v1alpha3 99 kind: Gateway 100 metadata: 101 name: gateway-02-test-03 102 namespace: istio-system 103 spec: 104 selector: 105 istio: ingressgateway 106 type: internal 107 servers: 108 - port: 109 number: 443 110 name: https 111 protocol: HTTPS 112 tls: 113 mode: SIMPLE 114 credentialName: "test-03-wildcard-cert" # no validation error, because this gateway selector is not subset of other gateway selector 115 hosts: 116 - "02.test-03.com" 117 --- 118 apiVersion: networking.istio.io/v1alpha3 119 kind: Gateway 120 metadata: 121 name: gateway-01-test-04 122 namespace: istio-system 123 spec: 124 selector: 125 istio: ingressgateway 126 servers: 127 - port: 128 number: 443 129 name: https 130 protocol: HTTPS 131 tls: 132 mode: SIMPLE 133 credentialName: "01-test-04-wildcard-cert" # no validation error 134 hosts: 135 - "01.test-04.com" 136 --- 137 apiVersion: networking.istio.io/v1alpha3 138 kind: Gateway 139 metadata: 140 name: gateway-02-test-04 141 namespace: istio-system 142 spec: 143 selector: 144 istio: ingressgateway 145 servers: 146 - port: 147 number: 443 148 name: https 149 protocol: HTTPS 150 tls: 151 mode: SIMPLE 152 credentialName: "02-test-04-wildcard-cert" # no validation error 153 hosts: 154 - "02.test-04.com" 155 --- 156 apiVersion: networking.istio.io/v1alpha3 157 kind: Gateway 158 metadata: 159 name: gateway-01-test-05 160 namespace: istio-system 161 spec: 162 selector: 163 istio: ingressgateway 164 servers: 165 - port: 166 number: 443 167 name: https 168 protocol: HTTPS 169 tls: 170 mode: SIMPLE 171 credentialName: "01-test-05-wildcard-cert" # no validation error 172 hosts: 173 - "01.test-05.com" 174 --- 175 apiVersion: networking.istio.io/v1alpha3 176 kind: Gateway 177 metadata: 178 name: gateway-02-test-05 179 namespace: istio-system 180 spec: 181 selector: 182 istio: ingressgateway 183 type: internal 184 servers: 185 - port: 186 number: 443 187 name: https 188 protocol: HTTPS 189 tls: 190 mode: SIMPLE 191 credentialName: "02-test-05-wildcard-cert" # no validation error 192 hosts: 193 - "02.test-05.com" 194 --- 195 apiVersion: networking.istio.io/v1alpha3 196 kind: Gateway 197 metadata: 198 name: gateway-01-test-06 199 namespace: default 200 spec: 201 selector: 202 istio: ingressgateway 203 servers: 204 - port: 205 number: 443 206 name: https 207 protocol: HTTPS 208 tls: 209 mode: SIMPLE 210 credentialName: "01-test-06-wildcard-cert" # no validation error 211 hosts: 212 - "01.test-06.com" 213 --- 214 apiVersion: networking.istio.io/v1alpha3 215 kind: Gateway 216 metadata: 217 name: gateway-02-test-06 218 namespace: istio-system 219 spec: 220 selector: 221 istio: ingressgateway 222 servers: 223 - port: 224 number: 443 225 name: https 226 protocol: HTTPS 227 tls: 228 mode: SIMPLE 229 credentialName: "02-test-06-wildcard-cert" # no validation error 230 hosts: 231 - "02.test-06.com" 232 --- 233 apiVersion: networking.istio.io/v1alpha3 234 kind: Gateway 235 metadata: 236 name: gateway-03-test-06 237 namespace: default 238 spec: 239 selector: 240 istio: ingressgateway 241 servers: 242 - port: 243 number: 80 244 name: http 245 protocol: HTTP 246 hosts: 247 - "03.test-06.com" # no validation error 248 --- 249 apiVersion: networking.istio.io/v1alpha3 250 kind: Gateway 251 metadata: 252 name: gateway-04-test-06 253 namespace: default 254 spec: 255 selector: 256 istio: ingressgateway 257 servers: 258 - port: 259 number: 80 260 name: http 261 protocol: HTTP 262 hosts: 263 - "04.test-06.com" # no validation error 264 --- 265 apiVersion: v1 266 kind: Pod 267 metadata: 268 labels: 269 type: internal 270 istio: ingressgateway 271 name: internal-ingressgateway 272 namespace: istio-system 273 spec: 274 containers: 275 - args: 276 name: istio-proxy 277 --- 278 apiVersion: v1 279 data: 280 cert: aHVzaCBodXNoIGh1c2gK 281 key: c2VjcmV0IHNlY3JldAo= 282 kind: Secret 283 metadata: 284 name: test-01-wildcard-cert 285 namespace: istio-system 286 type: Opaque 287 --- 288 apiVersion: v1 289 data: 290 cert: aHVzaCBodXNoIGh1c2gK 291 key: c2VjcmV0IHNlY3JldAo= 292 kind: Secret 293 metadata: 294 name: test-02-wildcard-cert 295 namespace: istio-system 296 type: Opaque 297 --- 298 apiVersion: v1 299 data: 300 cert: aHVzaCBodXNoIGh1c2gK 301 key: c2VjcmV0IHNlY3JldAo= 302 kind: Secret 303 metadata: 304 name: test-03-wildcard-cert 305 namespace: istio-system 306 type: Opaque 307 --- 308 apiVersion: v1 309 data: 310 cert: aHVzaCBodXNoIGh1c2gK 311 key: c2VjcmV0IHNlY3JldAo= 312 kind: Secret 313 metadata: 314 name: 01-test-04-wildcard-cert 315 namespace: istio-system 316 type: Opaque 317 --- 318 apiVersion: v1 319 data: 320 cert: aHVzaCBodXNoIGh1c2gK 321 key: c2VjcmV0IHNlY3JldAo= 322 kind: Secret 323 metadata: 324 name: 02-test-04-wildcard-cert 325 namespace: istio-system 326 type: Opaque 327 --- 328 apiVersion: v1 329 data: 330 cert: aHVzaCBodXNoIGh1c2gK 331 key: c2VjcmV0IHNlY3JldAo= 332 kind: Secret 333 metadata: 334 name: 01-test-05-wildcard-cert 335 namespace: istio-system 336 type: Opaque 337 --- 338 apiVersion: v1 339 data: 340 cert: aHVzaCBodXNoIGh1c2gK 341 key: c2VjcmV0IHNlY3JldAo= 342 kind: Secret 343 metadata: 344 name: 02-test-05-wildcard-cert 345 namespace: istio-system 346 type: Opaque 347 --- 348 apiVersion: v1 349 data: 350 cert: aHVzaCBodXNoIGh1c2gK 351 key: c2VjcmV0IHNlY3JldAo= 352 kind: Secret 353 metadata: 354 name: 01-test-06-wildcard-cert 355 namespace: istio-system 356 type: Opaque 357 --- 358 apiVersion: v1 359 data: 360 cert: aHVzaCBodXNoIGh1c2gK 361 key: c2VjcmV0IHNlY3JldAo= 362 kind: Secret 363 metadata: 364 name: 02-test-06-wildcard-cert 365 namespace: istio-system 366 type: Opaque