v1beta1

package
v0.6.0-rc1
Published: Apr 30, 2026 License: Apache-2.0 Imports: 7 Imported by: 0

Documentation

Overview

Package v1beta1 contains API schema definitions for the aigateway.envoyproxy.io API group. This is the beta version of the API, preferred over v1alpha1 for new resources.

+kubebuilder:object:generate=true
+groupName=aigateway.envoyproxy.io
+k8s:deepcopy-gen=package
+k8s:defaulter-gen=TypeMeta
+k8s:openapi-gen=true

Constants

const (
	// ConditionTypeAccepted is a condition type for the reconciliation result
	// where resources are accepted.
	ConditionTypeAccepted = "Accepted"
	// ConditionTypeNotAccepted is a condition type for the reconciliation result
	// where resources are not accepted.
	ConditionTypeNotAccepted = "NotAccepted"
)
const (
	// AIGatewayFilterMetadataNamespace is the namespace for the ai-gateway filter metadata.
	AIGatewayFilterMetadataNamespace = "io.envoy.ai_gateway"
)
const (
	// AIModelHeaderKey is the header key whose value is extracted from the request by the ai-gateway.
	// This can be used to describe the routing behavior in HTTPRoute referenced by AIGatewayRoute.
	AIModelHeaderKey = "x-ai-eg-model"
)
const GroupName = "aigateway.envoyproxy.io"

Variables

var (
	// SchemeGroupVersion is group version used to register these objects.
	SchemeGroupVersion = schema.GroupVersion{Group: GroupName, Version: "v1beta1"}

	// SchemeBuilder is used to add go types to the GroupVersionKind scheme.
	SchemeBuilder = &scheme.Builder{GroupVersion: SchemeGroupVersion}

	// AddToScheme adds the types in this group-version to the given scheme.
	AddToScheme = SchemeBuilder.AddToScheme
)

Functions

func AddKnownTypes

func AddKnownTypes(scheme *runtime.Scheme) error

AddKnownTypes adds the list of known types to the given scheme for code generation.

func Resource

func Resource(resource string) schema.GroupResource

Resource takes an unqualified resource and returns a group-qualified GroupResource.

Types

type AIGatewayRoute

type AIGatewayRoute struct {
	metav1.TypeMeta   `json:",inline"`
	metav1.ObjectMeta `json:"metadata,omitempty"`
	// Spec defines the details of the AIGatewayRoute.
	Spec AIGatewayRouteSpec `json:"spec,omitempty"`
	// Status defines the status details of the AIGatewayRoute.
	Status AIGatewayRouteStatus `json:"status,omitempty"`
}

AIGatewayRoute combines multiple AIServiceBackends and attaches them to Gateway resources.

This serves as a way to define a "unified" AI API for a Gateway which allows downstream clients to use a single schema API to interact with multiple AI backends.

Envoy AI Gateway will generate the following k8s resources corresponding to the AIGatewayRoute:

  • HTTPRoute of the Gateway API as a top-level resource to bind all backends. The name of the HTTPRoute is the same as the AIGatewayRoute.
  • HTTPRouteFilter of the Envoy Gateway API per namespace for automatic hostname rewrite. The name of the HTTPRouteFilter is `ai-eg-host-rewrite-${AIGatewayRoute.Name}`.

All of these resources are created in the same namespace as the AIGatewayRoute. Note that this is an implementation detail and is subject to change. If you want to customize the default behavior of the Envoy AI Gateway, you can use these resources as a reference and create your own resources. Alternatively, you can use the EnvoyPatchPolicy API of the Envoy Gateway to patch the generated resources. For example, you can configure the retry fallback behavior by attaching the BackendTrafficPolicy API of Envoy Gateway to the generated HTTPRoute.

+genclient
+k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
+kubebuilder:object:root=true
+kubebuilder:subresource:status
+kubebuilder:printcolumn:name="Status",type=string,JSONPath=`.status.conditions[-1:].type`
+kubebuilder:storageversion

func (*AIGatewayRoute) DeepCopy

func (in *AIGatewayRoute) DeepCopy() *AIGatewayRoute

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AIGatewayRoute.

func (*AIGatewayRoute) DeepCopyInto

func (in *AIGatewayRoute) DeepCopyInto(out *AIGatewayRoute)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*AIGatewayRoute) DeepCopyObject

func (in *AIGatewayRoute) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type AIGatewayRouteList

type AIGatewayRouteList struct {
	metav1.TypeMeta `json:",inline"`
	metav1.ListMeta `json:"metadata,omitempty"`
	Items           []AIGatewayRoute `json:"items"`
}

AIGatewayRouteList contains a list of AIGatewayRoute.

+k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
+kubebuilder:object:root=true

func (*AIGatewayRouteList) DeepCopy

func (in *AIGatewayRouteList) DeepCopy() *AIGatewayRouteList

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AIGatewayRouteList.

func (*AIGatewayRouteList) DeepCopyInto

func (in *AIGatewayRouteList) DeepCopyInto(out *AIGatewayRouteList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*AIGatewayRouteList) DeepCopyObject

func (in *AIGatewayRouteList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type AIGatewayRouteRule

type AIGatewayRouteRule struct {
	// BackendRefs is the list of backends that this rule will route the traffic to.
	// Each backend can have a weight that determines the traffic distribution.
	//
	// The namespace of each backend defaults to the same namespace as the AIGatewayRoute when not specified.
	// Cross-namespace references are supported by specifying the namespace field.
	// When a namespace different than the AIGatewayRoute's namespace is specified,
	// a ReferenceGrant object is required in the referent namespace to allow that
	// namespace's owner to accept the reference.
	//
	// BackendRefs can reference either AIServiceBackend resources (default) or InferencePool resources
	// from the Gateway API Inference Extension. When referencing InferencePool resources:
	// - Only one InferencePool backend is allowed per rule
	// - Cannot mix InferencePool with AIServiceBackend references in the same rule
	// - Fallback behavior is handled by the InferencePool's endpoint picker
	//
	// For AIServiceBackend references, you can achieve fallback behavior by configuring multiple backends
	// combined with the BackendTrafficPolicy of Envoy Gateway.
	// Please refer to https://gateway.envoyproxy.io/docs/tasks/traffic/failover/ as well as
	// https://gateway.envoyproxy.io/docs/tasks/traffic/retry/.
	//
	// +optional
	// +kubebuilder:validation:MaxItems=128
	BackendRefs []AIGatewayRouteRuleBackendRef `json:"backendRefs,omitempty"`

	// Matches is the list of AIGatewayRouteMatch that this rule will match the traffic to.
	// This is a subset of the HTTPRouteMatch in the Gateway API. See for the details:
	// https://gateway-api.sigs.k8s.io/reference/spec/#gateway.networking.k8s.io%2fv1.HTTPRouteMatch
	//
	// +optional
	// +kubebuilder:validation:MaxItems=128
	Matches []AIGatewayRouteRuleMatch `json:"matches,omitempty"`

	// Timeouts defines the timeouts that can be configured for an HTTP request.
	//
	// If this field is not set, or the timeout.requestTimeout is nil, Envoy AI Gateway sets the
	// request timeout to 60s by default, as opposed to the Envoy Gateway's default value of 15s.
	//
	// For streaming responses (like chat completions with stream=true), consider setting
	// longer timeouts as the response may take time until the completion.
	//
	// +optional
	Timeouts *gwapiv1.HTTPRouteTimeouts `json:"timeouts,omitempty"`

	// ModelsOwnedBy represents the owner of the running models served by the backends,
	// which will be exported as the "OwnedBy" field in the OpenAI-compatible API "/models".
	//
	// This is used only when this rule contains "x-ai-eg-model" in its header matching
	// where the header value will be recognized as a "model" in "/models" endpoint.
	// All the matched models will share the same owner.
	//
	// Default to "Envoy AI Gateway" if not set.
	//
	// +optional
	// +kubebuilder:default="Envoy AI Gateway"
	ModelsOwnedBy *string `json:"modelsOwnedBy,omitempty"`

	// ModelsCreatedAt represents the creation timestamp of the running models served by the backends,
	// which will be exported as the "Created" field in the OpenAI-compatible API "/models".
	// It follows the format of RFC 3339, for example "2024-05-21T10:00:00Z".
	//
	// This is used only when this rule contains "x-ai-eg-model" in its header matching
	// where the header value will be recognized as a "model" in "/models" endpoint.
	// All the matched models will share the same creation time.
	//
	// Default to the creation timestamp of the AIGatewayRoute if not set.
	//
	// +optional
	// +kubebuilder:validation:Format=date-time
	ModelsCreatedAt *metav1.Time `json:"modelsCreatedAt,omitempty"`
}

AIGatewayRouteRule is a rule that defines the routing behavior of the AIGatewayRoute.

+kubebuilder:validation:XValidation:rule="!has(self.backendRefs) || size(self.backendRefs) == 0 || (self.backendRefs.all(ref, !has(ref.group) && !has(ref.kind)) || self.backendRefs.all(ref, has(ref.group) && has(ref.kind)))", message="cannot mix InferencePool and AIServiceBackend references in the same rule"
+kubebuilder:validation:XValidation:rule="!has(self.backendRefs) || size(self.backendRefs) == 0 || !self.backendRefs.exists(ref, has(ref.group) && has(ref.kind)) || size(self.backendRefs) == 1", message="only one InferencePool backend is allowed per rule"

func (*AIGatewayRouteRule) DeepCopy

func (in *AIGatewayRouteRule) DeepCopy() *AIGatewayRouteRule

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AIGatewayRouteRule.

func (*AIGatewayRouteRule) DeepCopyInto

func (in *AIGatewayRouteRule) DeepCopyInto(out *AIGatewayRouteRule)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*AIGatewayRouteRule) GetTimeoutsOrDefault

func (r *AIGatewayRouteRule) GetTimeoutsOrDefault() *gwapiv1.HTTPRouteTimeouts

GetTimeoutsOrDefault returns the timeouts with default values applied when not specified. This ensures that AI Gateway routes have appropriate timeout defaults for AI workloads.

func (*AIGatewayRouteRule) HasAIServiceBackends

func (r *AIGatewayRouteRule) HasAIServiceBackends() bool

HasAIServiceBackends returns true if the rule contains any AIServiceBackend references.

func (*AIGatewayRouteRule) HasInferencePoolBackends

func (r *AIGatewayRouteRule) HasInferencePoolBackends() bool

HasInferencePoolBackends returns true if the rule contains any InferencePool backend references.

type AIGatewayRouteRuleBackendRef

type AIGatewayRouteRuleBackendRef struct {
	// Name is the name of the backend resource.
	// When Group and Kind are not specified, this refers to an AIServiceBackend.
	// When Group and Kind are specified, this refers to the resource of the specified type.
	//
	// +kubebuilder:validation:Required
	// +kubebuilder:validation:MinLength=1
	Name string `json:"name"`

	// Namespace is the namespace of the backend resource.
	// When unspecified (or empty string), this refers to the local namespace of the AIGatewayRoute.
	//
	// Note that when a namespace different than the local namespace is specified,
	// a ReferenceGrant object is required in the referent namespace to allow that
	// namespace's owner to accept the reference. See the ReferenceGrant
	// documentation for details.
	//
	// +optional
	Namespace *gwapiv1.Namespace `json:"namespace,omitempty"`

	// Group is the group of the backend resource.
	// When not specified, defaults to aigateway.envoyproxy.io (AIServiceBackend).
	// Currently, only "inference.networking.k8s.io" is supported for InferencePool resources.
	//
	// +optional
	// +kubebuilder:validation:MaxLength=253
	// +kubebuilder:validation:Pattern=`^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$`
	Group *string `json:"group,omitempty"`

	// Kind is the kind of the backend resource.
	// When not specified, defaults to AIServiceBackend.
	// Currently, only "InferencePool" is supported when Group is specified.
	//
	// +optional
	// +kubebuilder:validation:MaxLength=63
	// +kubebuilder:validation:Pattern=`^$|^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$`
	Kind *string `json:"kind,omitempty"`

	// Name of the model in the backend. If provided this will override the name provided in the request.
	// This field is ignored when referencing InferencePool resources.
	//
	// +optional
	ModelNameOverride string `json:"modelNameOverride,omitempty"`

	// HeaderMutation defines the request header mutation to be applied to this backend.
	// When both route-level and backend-level HeaderMutation are defined,
	// route-level takes precedence over backend-level for conflicting operations.
	// This field is ignored when referencing InferencePool resources.
	//
	// +optional
	HeaderMutation *HTTPHeaderMutation `json:"headerMutation,omitempty"`

	// BodyMutation defines the request body mutation to be applied to this backend.
	// This allows modification of JSON fields in the request body before sending to the backend.
	// When both route-level and backend-level BodyMutation are defined,
	// route-level takes precedence over backend-level for conflicting operations.
	// This field is ignored when referencing InferencePool resources.
	//
	// +optional
	BodyMutation *HTTPBodyMutation `json:"bodyMutation,omitempty"`

	// Weight is the weight of the backend. This is exactly the same as the weight in
	// the BackendRef in the Gateway API. See for the details:
	// https://gateway-api.sigs.k8s.io/reference/spec/#gateway.networking.k8s.io%2fv1.BackendRef
	//
	// Default is 1.
	//
	// +optional
	// +kubebuilder:validation:Minimum=0
	// +kubebuilder:default=1
	Weight *int32 `json:"weight,omitempty"`
	// Priority is the priority of the backend. This sets the priority on the underlying endpoints.
	// See: https://www.envoyproxy.io/docs/envoy/latest/intro/arch_overview/upstream/load_balancing/priority
	// Note: This will override the `fallback` property of the underlying Envoy Gateway Backend.
	// This field is ignored when referencing InferencePool resources.
	//
	// Default is 0.
	//
	// +optional
	// +kubebuilder:validation:Minimum=0
	// +kubebuilder:default=0
	Priority *uint32 `json:"priority,omitempty"`
}

AIGatewayRouteRuleBackendRef is a reference to a backend with a weight. It can reference either an AIServiceBackend or an InferencePool resource.

+kubebuilder:validation:XValidation:rule="!has(self.group) && !has(self.kind) || (has(self.group) && has(self.kind))", message="group and kind must be specified together"
+kubebuilder:validation:XValidation:rule="!has(self.group) || (self.group == 'inference.networking.k8s.io' && self.kind == 'InferencePool')", message="only InferencePool from inference.networking.k8s.io group is supported"

func (*AIGatewayRouteRuleBackendRef) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AIGatewayRouteRuleBackendRef.

func (*AIGatewayRouteRuleBackendRef) DeepCopyInto

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*AIGatewayRouteRuleBackendRef) GetNamespace

func (ref *AIGatewayRouteRuleBackendRef) GetNamespace(defaultNamespace string) string

GetNamespace returns the namespace for the backend reference. If the namespace is not specified, it returns the provided defaultNamespace.

func (*AIGatewayRouteRuleBackendRef) IsAIServiceBackend

func (ref *AIGatewayRouteRuleBackendRef) IsAIServiceBackend() bool

IsAIServiceBackend returns true if the backend reference points to an AIServiceBackend resource.

func (*AIGatewayRouteRuleBackendRef) IsCrossNamespace

func (ref *AIGatewayRouteRuleBackendRef) IsCrossNamespace(routeNamespace string) bool

IsCrossNamespace returns true if the backend reference is a cross-namespace reference. A cross-namespace reference is one where the namespace field is specified and differs from the routeNamespace.

func (*AIGatewayRouteRuleBackendRef) IsInferencePool

func (ref *AIGatewayRouteRuleBackendRef) IsInferencePool() bool

IsInferencePool returns true if the backend reference points to an InferencePool resource.
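
The XValidation markers on AIGatewayRouteRule and AIGatewayRouteRuleBackendRef, together with the ReferenceGrant requirement on Namespace, can be checked before a manifest reaches the API server. The following is an added example, not code from the ai-gateway project: `BackendRef`, `validateRef`, `validateRule`, `crossNamespaceRefs` and `ptr` are hypothetical local names that mirror only the fields shown above, and an empty namespace is treated as local, following the field comment.

```go
package main

import (
	"errors"
	"fmt"
)

// BackendRef is a local stand-in (not the package's type) that mirrors the
// name, namespace, group and kind fields of AIGatewayRouteRuleBackendRef.
type BackendRef struct {
	Name      string
	Namespace *string
	Group     *string
	Kind      *string
}

// Error messages are copied from the XValidation markers on this page.
var (
	ErrGroupKindTogether = errors.New("group and kind must be specified together")
	ErrUnsupportedKind   = errors.New("only InferencePool from inference.networking.k8s.io group is supported")
	ErrMixedBackends     = errors.New("cannot mix InferencePool and AIServiceBackend references in the same rule")
	ErrMultiplePools     = errors.New("only one InferencePool backend is allowed per rule")
)

// validateRef applies the two per-reference rules. A non-nil pointer plays
// the role of CEL's has(): the field is present in the manifest.
func validateRef(r BackendRef) error {
	if (r.Group == nil) != (r.Kind == nil) {
		return ErrGroupKindTogether
	}
	if r.Group != nil && (*r.Group != "inference.networking.k8s.io" || *r.Kind != "InferencePool") {
		return ErrUnsupportedKind
	}
	return nil
}

// validateRule checks every backendRef and then the two rule-level
// constraints. It returns the first violation only, whereas the API server
// reports every failing rule.
func validateRule(refs []BackendRef) error {
	pools := 0
	for _, r := range refs {
		if err := validateRef(r); err != nil {
			return fmt.Errorf("backendRef %q: %w", r.Name, err)
		}
		if r.Group != nil {
			pools++
		}
	}
	switch {
	case pools > 0 && pools < len(refs):
		return ErrMixedBackends
	case pools > 1:
		return ErrMultiplePools
	}
	return nil
}

// crossNamespaceRefs lists, as "namespace/name", the references that leave
// routeNamespace. Each one needs a ReferenceGrant in the referent namespace,
// so the list is what a reviewer should compare against the grants in place.
func crossNamespaceRefs(routeNamespace string, refs []BackendRef) []string {
	var out []string
	for _, r := range refs {
		if r.Namespace != nil && *r.Namespace != "" && *r.Namespace != routeNamespace {
			out = append(out, *r.Namespace+"/"+r.Name)
		}
	}
	return out
}

func ptr(s string) *string { return &s }

func main() {
	// Constructed sample rule for a route in namespace "team-a".
	refs := []BackendRef{
		{Name: "openai"},
		{Name: "shared-bedrock", Namespace: ptr("platform")},
		{Name: "local-pool", Group: ptr("inference.networking.k8s.io"), Kind: ptr("InferencePool")},
	}
	fmt.Println("validation:", validateRule(refs))
	fmt.Println("needs ReferenceGrant:", crossNamespaceRefs("team-a", refs))
}
```
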

type AIGatewayRouteRuleMatch

type AIGatewayRouteRuleMatch struct {
	// Headers specifies HTTP request header matchers. See HeaderMatch in the Gateway API for the details:
	// https://gateway-api.sigs.k8s.io/reference/spec/#gateway.networking.k8s.io%2fv1.HTTPHeaderMatch
	//
	// +listType=map
	// +listMapKey=name
	// +optional
	// +kubebuilder:validation:MaxItems=16
	Headers []gwapiv1.HTTPHeaderMatch `json:"headers,omitempty"`
}

func (*AIGatewayRouteRuleMatch) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AIGatewayRouteRuleMatch.

func (*AIGatewayRouteRuleMatch) DeepCopyInto

func (in *AIGatewayRouteRuleMatch) DeepCopyInto(out *AIGatewayRouteRuleMatch)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type AIGatewayRouteSpec

type AIGatewayRouteSpec struct {
	// ParentRefs are the names of the Gateway resources this AIGatewayRoute is being attached to.
	// Currently, each reference's Kind must be Gateway.
	//
	// +kubebuilder:validation:MaxItems=16
	// +kubebuilder:validation:XValidation:rule="self.all(match, match.kind == 'Gateway')", message="only Gateway is supported"
	//
	// +optional
	ParentRefs []gwapiv1.ParentReference `json:"parentRefs,omitempty"`

	// Rules is the list of AIGatewayRouteRule that this AIGatewayRoute will match the traffic to.
	// Each rule is a subset of the HTTPRoute in the Gateway API (https://gateway-api.sigs.k8s.io/api-types/httproute/).
	//
	// AI Gateway controller will generate a HTTPRoute based on the configuration given here with the additional
	// modifications to achieve the necessary jobs, notably inserting the AI Gateway filter responsible for
	// the transformation of the request and response, etc.
	//
	// In the matching conditions in the AIGatewayRouteRule, `x-ai-eg-model` header is available
	// if we want to describe the routing behavior based on the model name. The model name is extracted
	// from the request content before the routing decision.
	//
	// How multiple rules are matched is the same as the Gateway API. See for the details:
	// https://gateway-api.sigs.k8s.io/reference/spec/#gateway.networking.k8s.io%2fv1.HTTPRoute
	//
	// +kubebuilder:validation:Required
	// +kubebuilder:validation:MaxItems=128
	Rules []AIGatewayRouteRule `json:"rules"`

	// LLMRequestCosts specifies how to capture the cost of the LLM-related request, notably the token usage.
	// The AI Gateway filter will capture each specified number and store it in the Envoy's dynamic
	// metadata per HTTP request. The namespaced key is "io.envoy.ai_gateway".
	//
	// These route-level costs override any global defaults defined in GatewayConfig.Spec.GlobalLLMRequestCosts
	// for the same metadataKey. If a metadataKey is not defined in either place, no cost is calculated for it.
	//
	// This allows you to define common cost formulas once at the gateway level (e.g., via GatewayConfig)
	// and only override them in specific routes when needed (e.g., premium routes with different pricing).
	//
	// For example, let's say we have the following LLMRequestCosts configuration:
	// ```yaml
	//	llmRequestCosts:
	//	- metadataKey: llm_input_token
	//	  type: InputToken
	//	- metadataKey: llm_output_token
	//	  type: OutputToken
	//	- metadataKey: llm_total_token
	//	  type: TotalToken
	//	- metadataKey: llm_cached_input_token
	//	  type: CachedInputToken
	//	- metadataKey: llm_cache_creation_input_token
	//	  type: CacheCreationInputToken
	// ```
	// Then, with the following BackendTrafficPolicy of Envoy Gateway, you can have three
	// rate limit buckets for each unique x-tenant-id header value. One bucket is for the input token,
	// the other is for the output token, and the last one is for the total token.
	// Each bucket will be reduced by the corresponding token usage captured by the AI Gateway filter.
	//
	// ```yaml
	//	apiVersion: gateway.envoyproxy.io/v1alpha1
	//	kind: BackendTrafficPolicy
	//	metadata:
	//	  name: some-example-token-rate-limit
	//	  namespace: default
	//	spec:
	//	  targetRefs:
	//	  - group: gateway.networking.k8s.io
	//	    kind: HTTPRoute
	//	    name: usage-rate-limit
	//	  rateLimit:
	//	    type: Global
	//	    global:
	//	      rules:
	//	        - clientSelectors:
	//	            # Do the rate limiting based on the x-tenant-id header.
	//	            - headers:
	//	                - name: x-tenant-id
	//	                  type: Distinct
	//	          limit:
	//	            # Configures the number of "tokens" allowed per hour.
	//	            requests: 10000
	//	            unit: Hour
	//	          cost:
	//	            request:
	//	              from: Number
	//	              # Setting the request cost to zero allows to only check the rate limit budget,
	//	              # and not consume the budget on the request path.
	//	              number: 0
	//	            # This specifies the cost of the response retrieved from the dynamic metadata set by the AI Gateway filter.
	//	            # The extracted value will be used to consume the rate limit budget, and subsequent requests will be rate limited
	//	            # if the budget is exhausted.
	//	            response:
	//	              from: Metadata
	//	              metadata:
	//	                namespace: io.envoy.ai_gateway
	//	                key: llm_input_token
	//	        - clientSelectors:
	//	            - headers:
	//	                - name: x-tenant-id
	//	                  type: Distinct
	//	          limit:
	//	            requests: 10000
	//	            unit: Hour
	//	          cost:
	//	            request:
	//	              from: Number
	//	              number: 0
	//	            response:
	//	              from: Metadata
	//	              metadata:
	//	                namespace: io.envoy.ai_gateway
	//	                key: llm_output_token
	//	        - clientSelectors:
	//	            - headers:
	//	                - name: x-tenant-id
	//	                  type: Distinct
	//	          limit:
	//	            requests: 10000
	//	            unit: Hour
	//	          cost:
	//	            request:
	//	              from: Number
	//	              number: 0
	//	            response:
	//	              from: Metadata
	//	              metadata:
	//	                namespace: io.envoy.ai_gateway
	//	                key: llm_total_token
	// ```
	//
	// Note that when multiple AIGatewayRoute resources are attached to the same Gateway, and
	// different costs are configured for the same metadata key, each route's rule is carried in
	// the filter configuration with the route identity; the data plane selects the matching rule
	// per request (by route), so each route can define its own cost for the same metadata key.
	//
	// +optional
	// +kubebuilder:validation:MaxItems=36
	LLMRequestCosts []LLMRequestCost `json:"llmRequestCosts,omitempty"`
}

AIGatewayRouteSpec details the AIGatewayRoute configuration.

func (*AIGatewayRouteSpec) DeepCopy

func (in *AIGatewayRouteSpec) DeepCopy() *AIGatewayRouteSpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AIGatewayRouteSpec.

func (*AIGatewayRouteSpec) DeepCopyInto

func (in *AIGatewayRouteSpec) DeepCopyInto(out *AIGatewayRouteSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type AIGatewayRouteStatus

type AIGatewayRouteStatus struct {
	// Conditions is the list of conditions by the reconciliation result.
	// Currently, at most one condition is set.
	//
	// Known .status.conditions.type are: "Accepted", "NotAccepted".
	Conditions []metav1.Condition `json:"conditions,omitempty"`
}

AIGatewayRouteStatus contains the conditions by the reconciliation result.

func (*AIGatewayRouteStatus) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AIGatewayRouteStatus.

func (*AIGatewayRouteStatus) DeepCopyInto

func (in *AIGatewayRouteStatus) DeepCopyInto(out *AIGatewayRouteStatus)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type AIServiceBackend

type AIServiceBackend struct {
	metav1.TypeMeta   `json:",inline"`
	metav1.ObjectMeta `json:"metadata,omitempty"`
	// Spec defines the details of AIServiceBackend.
	Spec AIServiceBackendSpec `json:"spec,omitempty"`
	// Status defines the status details of the AIServiceBackend.
	Status AIServiceBackendStatus `json:"status,omitempty"`
}

AIServiceBackend is a resource that represents a single backend for AIGatewayRoute. A backend is a service that handles traffic with a concrete API specification.

An AIServiceBackend is "attached" to a Backend which is either a k8s Service or a Backend resource of the Envoy Gateway.

When a backend with an attached AIServiceBackend is used as a routing target in the AIGatewayRoute (more precisely, the HTTPRouteSpec defined in the AIGatewayRoute), the ai-gateway will generate the necessary configuration to do the backend specific logic in the final HTTPRoute.

+genclient
+k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
+kubebuilder:object:root=true
+kubebuilder:subresource:status
+kubebuilder:printcolumn:name="Status",type=string,JSONPath=`.status.conditions[-1:].type`
+kubebuilder:storageversion

func (*AIServiceBackend) DeepCopy

func (in *AIServiceBackend) DeepCopy() *AIServiceBackend

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AIServiceBackend.

func (*AIServiceBackend) DeepCopyInto

func (in *AIServiceBackend) DeepCopyInto(out *AIServiceBackend)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*AIServiceBackend) DeepCopyObject

func (in *AIServiceBackend) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type AIServiceBackendList

type AIServiceBackendList struct {
	metav1.TypeMeta `json:",inline"`
	metav1.ListMeta `json:"metadata,omitempty"`
	Items           []AIServiceBackend `json:"items"`
}

AIServiceBackendList contains a list of AIServiceBackends.

+k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
+kubebuilder:object:root=true

func (*AIServiceBackendList) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AIServiceBackendList.

func (*AIServiceBackendList) DeepCopyInto

func (in *AIServiceBackendList) DeepCopyInto(out *AIServiceBackendList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*AIServiceBackendList) DeepCopyObject

func (in *AIServiceBackendList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type AIServiceBackendSpec

type AIServiceBackendSpec struct {
	// APISchema specifies the API schema of the output format of requests from
	// Envoy that this AIServiceBackend can accept as incoming requests.
	// Based on this schema, the ai-gateway will perform the necessary transformation for
	// the pair of AIGatewayRouteSpec.APISchema and AIServiceBackendSpec.APISchema.
	//
	// This is required to be set.
	//
	// +kubebuilder:validation:Required
	APISchema VersionedAPISchema `json:"schema"`
	// BackendRef is the reference to the Backend resource that this AIServiceBackend corresponds to.
	//
	// A backend must be a Backend resource of Envoy Gateway. Note that k8s Service will be supported
	// as a backend in the future. See https://github.com/envoyproxy/ai-gateway/issues/902 for more details.
	//
	// This is required to be set.
	//
	// +kubebuilder:validation:Required
	// +kubebuilder:validation:XValidation:rule="has(self.kind) && self.kind == 'Backend' && has(self.group) && self.group == 'gateway.envoyproxy.io'",message="BackendRef must be a Backend resource of Envoy Gateway. See https://github.com/envoyproxy/ai-gateway/issues/902 for more details."
	BackendRef gwapiv1.BackendObjectReference `json:"backendRef"`

	// HeaderMutation defines the mutation of HTTP headers that will be applied to the request
	// before sending it to the backend.
	// +optional
	HeaderMutation *HTTPHeaderMutation `json:"headerMutation,omitempty"`

	// BodyMutation defines the mutation of HTTP request body JSON fields that will be applied to the request
	// before sending it to the backend.
	// +optional
	BodyMutation *HTTPBodyMutation `json:"bodyMutation,omitempty"`
}

AIServiceBackendSpec details the AIServiceBackend configuration.

func (*AIServiceBackendSpec) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AIServiceBackendSpec.

func (*AIServiceBackendSpec) DeepCopyInto

func (in *AIServiceBackendSpec) DeepCopyInto(out *AIServiceBackendSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type AIServiceBackendStatus

type AIServiceBackendStatus struct {
	// Conditions is the list of conditions by the reconciliation result.
	// Currently, at most one condition is set.
	//
	// Known .status.conditions.type are: "Accepted", "NotAccepted".
	Conditions []metav1.Condition `json:"conditions,omitempty"`
}

AIServiceBackendStatus contains the conditions by the reconciliation result.

func (*AIServiceBackendStatus) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AIServiceBackendStatus.

func (*AIServiceBackendStatus) DeepCopyInto

func (in *AIServiceBackendStatus) DeepCopyInto(out *AIServiceBackendStatus)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type APISchema

type APISchema string

APISchema defines the API schema.

const (
	// APISchemaOpenAI is the OpenAI schema.
	//
	// https://github.com/openai/openai-openapi
	APISchemaOpenAI APISchema = "OpenAI"
	// APISchemaCohere is the Cohere schema.
	//
	// https://docs.cohere.com/v2
	APISchemaCohere APISchema = "Cohere"
	// APISchemaAWSBedrock is the AWS Bedrock schema.
	//
	// https://docs.aws.amazon.com/bedrock/latest/APIReference/API_Operations_Amazon_Bedrock_Runtime.html
	APISchemaAWSBedrock APISchema = "AWSBedrock"
	// APISchemaAzureOpenAI is the Azure OpenAI schema.
	//
	// https://learn.microsoft.com/en-us/azure/ai-services/openai/reference#api-specs
	APISchemaAzureOpenAI APISchema = "AzureOpenAI"
	// APISchemaGCPVertexAI is the schema followed by Gemini models hosted on GCP's Vertex AI platform.
	// Note: Using this schema requires a BackendSecurityPolicy to be configured and attached,
	// as the transformation will use the gcp-region and project-name from the BackendSecurityPolicy.
	//
	// https://cloud.google.com/vertex-ai/docs/reference/rest/v1/projects.locations.endpoints/generateContent?hl=en
	APISchemaGCPVertexAI APISchema = "GCPVertexAI"
	// APISchemaGCPAnthropic is the schema for Anthropic models hosted on GCP's Vertex AI platform.
	// Returns native Anthropic format responses for seamless integration.
	//
	// https://docs.anthropic.com/en/api/claude-on-vertex-ai
	APISchemaGCPAnthropic APISchema = "GCPAnthropic"
	// APISchemaAnthropic is the native Anthropic API schema.
	// https://docs.claude.com/en/home
	APISchemaAnthropic APISchema = "Anthropic"
	// APISchemaAWSAnthropic is the schema for Anthropic models hosted on AWS Bedrock.
	// Uses the native Anthropic Messages API format for requests and responses.
	// When used with /v1/chat/completions endpoint, translates OpenAI format to Anthropic.
	// When used with /v1/messages endpoint, passes through native Anthropic format.
	//
	// https://aws.amazon.com/bedrock/anthropic/
	// https://docs.claude.com/en/api/claude-on-amazon-bedrock
	APISchemaAWSAnthropic APISchema = "AWSAnthropic"
)

type AWSCredentialsFile

type AWSCredentialsFile struct {
	// SecretRef is the reference to the credential file.
	//
	// The secret should contain the AWS credentials file keyed on "credentials".
	SecretRef *gwapiv1.SecretObjectReference `json:"secretRef"`

	// Profile is the profile to use in the credentials file.
	//
	// +kubebuilder:default=default
	Profile string `json:"profile,omitempty"`
}

AWSCredentialsFile specifies the credentials file to use for the AWS provider. Envoy reads the secret file, and the profile to use is specified by the Profile field.

func (*AWSCredentialsFile) DeepCopy

func (in *AWSCredentialsFile) DeepCopy() *AWSCredentialsFile

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AWSCredentialsFile.

func (*AWSCredentialsFile) DeepCopyInto

func (in *AWSCredentialsFile) DeepCopyInto(out *AWSCredentialsFile)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type AWSOIDCExchangeToken

type AWSOIDCExchangeToken struct {
	// BackendSecurityPolicyOIDC is the generic OIDC fields.
	BackendSecurityPolicyOIDC `json:",inline"`

	// AwsRoleArn is the AWS IAM Role with the permission to use specific resources in the AWS account,
	// which maps to the temporary AWS security credentials exchanged using the authentication token issued by the OIDC provider.
	//
	// +kubebuilder:validation:Required
	// +kubebuilder:validation:MinLength=1
	AwsRoleArn string `json:"awsRoleArn"`
}

AWSOIDCExchangeToken specifies credentials to obtain an OIDC token from an SSO server. For AWS, the controller will query STS to obtain the AWS AccessKeyId, SecretAccessKey, and SessionToken, and store them in a temporary credentials file.

func (*AWSOIDCExchangeToken) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AWSOIDCExchangeToken.

func (*AWSOIDCExchangeToken) DeepCopyInto

func (in *AWSOIDCExchangeToken) DeepCopyInto(out *AWSOIDCExchangeToken)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type AzureOIDCExchangeToken

type AzureOIDCExchangeToken struct {
	// BackendSecurityPolicyOIDC is the generic OIDC fields.
	BackendSecurityPolicyOIDC `json:",inline"`
}

AzureOIDCExchangeToken specifies credentials to obtain an OIDC token from an SSO server. For Azure, the controller will query Azure Entra ID to get an Azure Access Token, and store it in a secret.

func (*AzureOIDCExchangeToken) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AzureOIDCExchangeToken.

func (*AzureOIDCExchangeToken) DeepCopyInto

func (in *AzureOIDCExchangeToken) DeepCopyInto(out *AzureOIDCExchangeToken)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type BackendSecurityPolicy

type BackendSecurityPolicy struct {
	metav1.TypeMeta   `json:",inline"`
	metav1.ObjectMeta `json:"metadata,omitempty"`
	Spec              BackendSecurityPolicySpec `json:"spec,omitempty"`
	// Status defines the status details of the BackendSecurityPolicy.
	Status BackendSecurityPolicyStatus `json:"status,omitempty"`
}

BackendSecurityPolicy specifies configuration for authentication and authorization rules on the traffic exiting the gateway to the backend.

+genclient +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object +kubebuilder:object:root=true +kubebuilder:subresource:status +kubebuilder:printcolumn:name="Status",type=string,JSONPath=`.status.conditions[-1:].type` +kubebuilder:metadata:labels="gateway.networking.k8s.io/policy=direct" +kubebuilder:storageversion

func (*BackendSecurityPolicy) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new BackendSecurityPolicy.

func (*BackendSecurityPolicy) DeepCopyInto

func (in *BackendSecurityPolicy) DeepCopyInto(out *BackendSecurityPolicy)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*BackendSecurityPolicy) DeepCopyObject

func (in *BackendSecurityPolicy) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type BackendSecurityPolicyAPIKey

type BackendSecurityPolicyAPIKey struct {
	// SecretRef is the reference to the secret containing the API key.
	// ai-gateway must be given the permission to read this secret.
	// The key of the secret should be "apiKey".
	SecretRef *gwapiv1.SecretObjectReference `json:"secretRef"`
}

BackendSecurityPolicyAPIKey specifies the API key.

func (*BackendSecurityPolicyAPIKey) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new BackendSecurityPolicyAPIKey.

func (*BackendSecurityPolicyAPIKey) DeepCopyInto

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type BackendSecurityPolicyAWSCredentials

type BackendSecurityPolicyAWSCredentials struct {
	// Region specifies the AWS region associated with the policy.
	//
	// +kubebuilder:validation:MinLength=1
	Region string `json:"region"`

	// CredentialsFile specifies the credentials file to use for the AWS provider.
	// When specified, this takes precedence over the default credential chain.
	//
	// +optional
	CredentialsFile *AWSCredentialsFile `json:"credentialsFile,omitempty"`

	// OIDCExchangeToken specifies the oidc configurations used to obtain an oidc token. The oidc token will be
	// used to obtain temporary credentials to access AWS.
	// When specified, this takes precedence over the default credential chain.
	//
	// +optional
	OIDCExchangeToken *AWSOIDCExchangeToken `json:"oidcExchangeToken,omitempty"`
}

BackendSecurityPolicyAWSCredentials contains the supported authentication mechanisms to access AWS.

When neither CredentialsFile nor OIDCExchangeToken is specified, the AWS SDK's default credential chain will be used. This automatically supports various authentication methods in the following order:

  1. Environment variables (AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY, AWS_SESSION_TOKEN)
  2. EKS Pod Identity - automatically rotates credentials for pods in EKS clusters
  3. IAM Roles for Service Accounts (IRSA) - injects credentials via mounted service account tokens
  4. EC2 instance metadata (IAM instance roles)
  5. ECS task roles

The default credential chain is recommended for Kubernetes deployments as it supports automatic credential rotation without manual configuration. Credentials are refreshed automatically when they approach expiration (typically hourly for IRSA and Pod Identity).

func (*BackendSecurityPolicyAWSCredentials) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new BackendSecurityPolicyAWSCredentials.

func (*BackendSecurityPolicyAWSCredentials) DeepCopyInto

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type BackendSecurityPolicyAnthropicAPIKey

type BackendSecurityPolicyAnthropicAPIKey struct {
	// SecretRef is the reference to the secret containing the Anthropic API key.
	// ai-gateway must be given the permission to read this secret.
	// The key of the secret should be "apiKey".
	SecretRef *gwapiv1.SecretObjectReference `json:"secretRef"`
}

BackendSecurityPolicyAnthropicAPIKey specifies the Anthropic API key.

func (*BackendSecurityPolicyAnthropicAPIKey) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new BackendSecurityPolicyAnthropicAPIKey.

func (*BackendSecurityPolicyAnthropicAPIKey) DeepCopyInto

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type BackendSecurityPolicyAzureAPIKey

type BackendSecurityPolicyAzureAPIKey struct {
	// SecretRef is the reference to the secret containing the Azure API key.
	// ai-gateway must be given the permission to read this secret.
	// The key of the secret should be "apiKey".
	SecretRef *gwapiv1.SecretObjectReference `json:"secretRef"`
}

BackendSecurityPolicyAzureAPIKey specifies the Azure OpenAI API key.

func (*BackendSecurityPolicyAzureAPIKey) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new BackendSecurityPolicyAzureAPIKey.

func (*BackendSecurityPolicyAzureAPIKey) DeepCopyInto

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type BackendSecurityPolicyAzureCredentials

type BackendSecurityPolicyAzureCredentials struct {
	// ClientID is a unique identifier for an application in Azure.
	//
	// +kubebuilder:validation:Required
	// +kubebuilder:validation:MinLength=1
	ClientID string `json:"clientID"`

	// TenantID is a unique identifier for an Azure Active Directory instance.
	//
	// +kubebuilder:validation:Required
	// +kubebuilder:validation:MinLength=1
	TenantID string `json:"tenantID"`

	// ClientSecretRef is the reference to the secret containing the Azure client secret.
	// ai-gateway must be given the permission to read this secret.
	// The key of the secret should be "client-secret".
	//
	// +optional
	ClientSecretRef *gwapiv1.SecretObjectReference `json:"clientSecretRef,omitempty"`

	// OIDCExchangeToken specifies the oidc configurations used to obtain an oidc token. The oidc token will be
	// used to obtain temporary credentials to access Azure.
	//
	// +optional
	OIDCExchangeToken *AzureOIDCExchangeToken `json:"oidcExchangeToken,omitempty"`
}

BackendSecurityPolicyAzureCredentials contains the supported authentication mechanisms to access Azure. Exactly one of ClientSecretRef or OIDCExchangeToken must be specified. Credentials will not be generated if neither is set.

+kubebuilder:validation:XValidation:rule="(has(self.clientSecretRef) && !has(self.oidcExchangeToken)) || (!has(self.clientSecretRef) && has(self.oidcExchangeToken))",message="Exactly one of clientSecretRef or oidcExchangeToken must be specified"

func (*BackendSecurityPolicyAzureCredentials) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new BackendSecurityPolicyAzureCredentials.

func (*BackendSecurityPolicyAzureCredentials) DeepCopyInto

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type BackendSecurityPolicyGCPCredentials

type BackendSecurityPolicyGCPCredentials struct {
	// ProjectName is the GCP project name.
	//
	// +kubebuilder:validation:Required
	// +kubebuilder:validation:MinLength=1
	ProjectName string `json:"projectName"`
	// Region is the GCP region associated with the policy.
	//
	// +kubebuilder:validation:Required
	// +kubebuilder:validation:MinLength=1
	Region string `json:"region"`

	// CredentialsFile specifies the service account credentials file to use for the GCP provider.
	//
	// +optional
	CredentialsFile *GCPCredentialsFile `json:"credentialsFile,omitempty"`

	// WorkloadIdentityFederationConfig is the configuration for the GCP Workload Identity Federation.
	//
	// +optional
	WorkloadIdentityFederationConfig *GCPWorkloadIdentityFederationConfig `json:"workloadIdentityFederationConfig,omitempty"`
}

BackendSecurityPolicyGCPCredentials contains the supported authentication mechanisms to access GCP.

When neither CredentialsFile nor WorkloadIdentityFederationConfig is specified, Application Default Credentials (ADC) will be used. This supports GKE Workload Identity, environment variables, and default service account credentials when running on GCP.

+kubebuilder:validation:XValidation:rule="!(has(self.credentialsFile) && has(self.workloadIdentityFederationConfig))",message="At most one of credentialsFile or workloadIdentityFederationConfig may be specified"

func (*BackendSecurityPolicyGCPCredentials) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new BackendSecurityPolicyGCPCredentials.

func (*BackendSecurityPolicyGCPCredentials) DeepCopyInto

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type BackendSecurityPolicyList

type BackendSecurityPolicyList struct {
	metav1.TypeMeta `json:",inline"`
	metav1.ListMeta `json:"metadata,omitempty"`
	Items           []BackendSecurityPolicy `json:"items"`
}

BackendSecurityPolicyList contains a list of BackendSecurityPolicy.

+k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object +kubebuilder:object:root=true

func (*BackendSecurityPolicyList) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new BackendSecurityPolicyList.

func (*BackendSecurityPolicyList) DeepCopyInto

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*BackendSecurityPolicyList) DeepCopyObject

func (in *BackendSecurityPolicyList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type BackendSecurityPolicyOIDC

type BackendSecurityPolicyOIDC struct {
	// OIDC is used to obtain OIDC tokens via an SSO server; the tokens are then exchanged for provider credentials.
	//
	// +kubebuilder:validation:Required
	OIDC egv1a1.OIDC `json:"oidc"`

	// GrantType is the method the application uses to get the access token.
	//
	// +optional
	GrantType string `json:"grantType,omitempty"`

	// Aud defines the audience that this ID Token is intended for.
	//
	// +optional
	Aud string `json:"aud,omitempty"`
}

BackendSecurityPolicyOIDC specifies OIDC related fields.

func (*BackendSecurityPolicyOIDC) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new BackendSecurityPolicyOIDC.

func (*BackendSecurityPolicyOIDC) DeepCopyInto

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type BackendSecurityPolicySpec

type BackendSecurityPolicySpec struct {
	// TargetRefs are the names of the AIServiceBackend or InferencePool resources this BackendSecurityPolicy is being attached to.
	// Attaching multiple BackendSecurityPolicies to the same resource is invalid and will result in an error
	// during the reconciliation of the resource.
	//
	// +optional
	// +kubebuilder:validation:MaxItems=16
	// +kubebuilder:validation:XValidation:rule="self.all(ref, (ref.group == 'aigateway.envoyproxy.io' && ref.kind == 'AIServiceBackend') || (ref.group == 'inference.networking.k8s.io' && ref.kind == 'InferencePool'))", message="targetRefs must reference AIServiceBackend or InferencePool resources"
	TargetRefs []gwapiv1a2.LocalPolicyTargetReference `json:"targetRefs,omitempty"`

	// Type specifies the type of the backend security policy.
	//
	// +kubebuilder:validation:Enum=APIKey;AWSCredentials;AzureAPIKey;AzureCredentials;GCPCredentials;AnthropicAPIKey
	Type BackendSecurityPolicyType `json:"type"`

	// APIKey is a mechanism to access a backend(s). The API key will be injected into the Authorization header.
	//
	// +optional
	APIKey *BackendSecurityPolicyAPIKey `json:"apiKey,omitempty"`

	// AWSCredentials is a mechanism to access a backend(s). AWS specific logic will be applied.
	//
	// +optional
	AWSCredentials *BackendSecurityPolicyAWSCredentials `json:"awsCredentials,omitempty"`

	// AzureAPIKey is a mechanism to access Azure OpenAI backend(s). The API key will be injected into the api-key header.
	//
	// +optional
	AzureAPIKey *BackendSecurityPolicyAzureAPIKey `json:"azureAPIKey,omitempty"`

	// AzureCredentials is a mechanism to access a backend(s). Azure OpenAI specific logic will be applied.
	//
	// +optional
	AzureCredentials *BackendSecurityPolicyAzureCredentials `json:"azureCredentials,omitempty"`

	// GCPCredentials is a mechanism to access a backend(s). GCP specific logic will be applied.
	//
	// +optional
	GCPCredentials *BackendSecurityPolicyGCPCredentials `json:"gcpCredentials,omitempty"`

	// AnthropicAPIKey is a mechanism to access Anthropic backend(s). The API key will be injected into the "x-api-key" header.
	// https://docs.claude.com/en/api/overview#authentication
	//
	// +optional
	AnthropicAPIKey *BackendSecurityPolicyAnthropicAPIKey `json:"anthropicAPIKey,omitempty"`
}

BackendSecurityPolicySpec specifies authentication rules for accessing the provider from the Gateway. Only one mechanism to access a backend(s) can be specified.

Only one type of BackendSecurityPolicy can be defined.

+kubebuilder:validation:MaxProperties=3
+kubebuilder:validation:XValidation:rule="self.type == 'APIKey' ? (has(self.apiKey) && !has(self.awsCredentials) && !has(self.azureAPIKey) && !has(self.azureCredentials) && !has(self.gcpCredentials) && !has(self.anthropicAPIKey)) : true",message="When type is APIKey, only apiKey field should be set"
+kubebuilder:validation:XValidation:rule="self.type == 'AWSCredentials' ? (has(self.awsCredentials) && !has(self.apiKey) && !has(self.azureAPIKey) && !has(self.azureCredentials) && !has(self.gcpCredentials) && !has(self.anthropicAPIKey)) : true",message="When type is AWSCredentials, only awsCredentials field should be set"
+kubebuilder:validation:XValidation:rule="self.type == 'AzureAPIKey' ? (has(self.azureAPIKey) && !has(self.apiKey) && !has(self.awsCredentials) && !has(self.azureCredentials) && !has(self.gcpCredentials) && !has(self.anthropicAPIKey)) : true",message="When type is AzureAPIKey, only azureAPIKey field should be set"
+kubebuilder:validation:XValidation:rule="self.type == 'AzureCredentials' ? (has(self.azureCredentials) && !has(self.apiKey) && !has(self.awsCredentials) && !has(self.azureAPIKey) && !has(self.gcpCredentials) && !has(self.anthropicAPIKey)) : true",message="When type is AzureCredentials, only azureCredentials field should be set"
+kubebuilder:validation:XValidation:rule="self.type == 'GCPCredentials' ? (has(self.gcpCredentials) && !has(self.apiKey) && !has(self.awsCredentials) && !has(self.azureAPIKey) && !has(self.azureCredentials) && !has(self.anthropicAPIKey)) : true",message="When type is GCPCredentials, only gcpCredentials field should be set"
+kubebuilder:validation:XValidation:rule="self.type == 'AnthropicAPIKey' ? (has(self.anthropicAPIKey) && !has(self.apiKey) && !has(self.awsCredentials) && !has(self.azureAPIKey) && !has(self.azureCredentials) && !has(self.gcpCredentials)) : true",message="When type is AnthropicAPIKey, only anthropicAPIKey field should be set"
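The XValidation rules on BackendSecurityPolicySpec and its Azure and GCP credential types can be mirrored in an offline check, for example to lint manifests in CI before they reach the API server. This is an added example, not code from the ai-gateway project: `checkSpec`, `has` and the sample specs are constructed for illustration, it reads the spec as JSON, and the API server's CEL evaluation remains the authoritative check.

```go
package main

import (
	"encoding/json"
	"fmt"
)

// typeToField maps each BackendSecurityPolicyType value to the single spec
// field its XValidation rule allows (JSON names taken from the struct tags).
var typeToField = map[string]string{
	"APIKey":           "apiKey",
	"AWSCredentials":   "awsCredentials",
	"AzureAPIKey":      "azureAPIKey",
	"AzureCredentials": "azureCredentials",
	"GCPCredentials":   "gcpCredentials",
	"AnthropicAPIKey":  "anthropicAPIKey",
}

// Constructed sample specs (names and values are placeholders).
const (
	sampleValid     = `{"type":"APIKey","apiKey":{"secretRef":{"name":"example-key"}},"targetRefs":[{"group":"aigateway.envoyproxy.io","kind":"AIServiceBackend","name":"example-backend"}]}`
	sampleMixed     = `{"type":"AWSCredentials","awsCredentials":{"region":"us-east-1"},"apiKey":{"secretRef":{"name":"example-key"}}}`
	sampleAzureBoth = `{"type":"AzureCredentials","azureCredentials":{"clientID":"example-client","tenantID":"example-tenant","clientSecretRef":{"name":"example-secret"},"oidcExchangeToken":{"oidc":{}}}}`
)

// has approximates CEL has(): the key is present and is not JSON null.
func has(obj map[string]json.RawMessage, key string) bool {
	raw, ok := obj[key]
	return ok && string(raw) != "null"
}

// checkSpec is a hypothetical helper. It takes the JSON form of a
// BackendSecurityPolicy spec and returns one message per violated rule.
func checkSpec(specJSON []byte) ([]string, error) {
	var spec map[string]json.RawMessage
	if err := json.Unmarshal(specJSON, &spec); err != nil {
		return nil, fmt.Errorf("spec is not a JSON object: %w", err)
	}
	var typ string
	if err := json.Unmarshal(spec["type"], &typ); err != nil {
		return nil, fmt.Errorf("type is required and must be a string: %w", err)
	}

	var problems []string
	want, known := typeToField[typ]
	if !known {
		problems = append(problems, fmt.Sprintf("type %q is not in the allowed enum", typ))
	} else {
		// The matching field must be set and every other mechanism unset.
		ok := has(spec, want)
		for _, field := range typeToField {
			if field != want && has(spec, field) {
				ok = false
			}
		}
		if !ok {
			problems = append(problems,
				fmt.Sprintf("When type is %s, only %s field should be set", typ, want))
		}
	}
	// MaxProperties=3: at most targetRefs, type and one mechanism.
	if len(spec) > 3 {
		problems = append(problems, "spec has more than 3 properties")
	}
	// Azure: exactly one of clientSecretRef or oidcExchangeToken.
	if has(spec, "azureCredentials") {
		var az map[string]json.RawMessage
		if err := json.Unmarshal(spec["azureCredentials"], &az); err != nil {
			return nil, fmt.Errorf("azureCredentials is not an object: %w", err)
		}
		if has(az, "clientSecretRef") == has(az, "oidcExchangeToken") {
			problems = append(problems,
				"Exactly one of clientSecretRef or oidcExchangeToken must be specified")
		}
	}
	// GCP: both unset is allowed (the page says ADC is used then), both set is not.
	if has(spec, "gcpCredentials") {
		var gcp map[string]json.RawMessage
		if err := json.Unmarshal(spec["gcpCredentials"], &gcp); err != nil {
			return nil, fmt.Errorf("gcpCredentials is not an object: %w", err)
		}
		if has(gcp, "credentialsFile") && has(gcp, "workloadIdentityFederationConfig") {
			problems = append(problems,
				"At most one of credentialsFile or workloadIdentityFederationConfig may be specified")
		}
	}
	return problems, nil
}

func main() {
	for _, s := range []string{sampleValid, sampleMixed, sampleAzureBoth} {
		problems, err := checkSpec([]byte(s))
		fmt.Println(problems, err)
	}
}
```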

func (*BackendSecurityPolicySpec) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new BackendSecurityPolicySpec.

func (*BackendSecurityPolicySpec) DeepCopyInto

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type BackendSecurityPolicyStatus

type BackendSecurityPolicyStatus struct {
	// Conditions is the list of conditions set by the reconciliation result.
	// Currently, at most one condition is set.
	//
	// Known .status.conditions.type are: "Accepted", "NotAccepted".
	Conditions []metav1.Condition `json:"conditions,omitempty"`
}

BackendSecurityPolicyStatus contains the conditions set by the reconciliation result.

func (*BackendSecurityPolicyStatus) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new BackendSecurityPolicyStatus.

func (*BackendSecurityPolicyStatus) DeepCopyInto

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type BackendSecurityPolicyType

type BackendSecurityPolicyType string

BackendSecurityPolicyType specifies the type of auth mechanism used to access a backend.

const (
	BackendSecurityPolicyTypeAPIKey           BackendSecurityPolicyType = "APIKey"
	BackendSecurityPolicyTypeAWSCredentials   BackendSecurityPolicyType = "AWSCredentials"
	BackendSecurityPolicyTypeAzureAPIKey      BackendSecurityPolicyType = "AzureAPIKey"
	BackendSecurityPolicyTypeAnthropicAPIKey  BackendSecurityPolicyType = "AnthropicAPIKey" // #nosec G101
	BackendSecurityPolicyTypeAzureCredentials BackendSecurityPolicyType = "AzureCredentials"
	BackendSecurityPolicyTypeGCPCredentials   BackendSecurityPolicyType = "GCPCredentials"
)

type GCPCredentialsFile

type GCPCredentialsFile struct {
	// SecretRef is the reference to the credential file.
	//
	// The secret should contain the GCP service account credentials file keyed on "service_account.json".
	SecretRef *gwapiv1.SecretObjectReference `json:"secretRef"`
}

GCPCredentialsFile specifies the service account key JSON file used to authenticate with the GCP provider.

func (*GCPCredentialsFile) DeepCopy

func (in *GCPCredentialsFile) DeepCopy() *GCPCredentialsFile

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new GCPCredentialsFile.

func (*GCPCredentialsFile) DeepCopyInto

func (in *GCPCredentialsFile) DeepCopyInto(out *GCPCredentialsFile)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type GCPOIDCExchangeToken

type GCPOIDCExchangeToken struct {
	// BackendSecurityPolicyOIDC is the generic OIDC fields.
	BackendSecurityPolicyOIDC `json:",inline"`
}

func (*GCPOIDCExchangeToken) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new GCPOIDCExchangeToken.

func (*GCPOIDCExchangeToken) DeepCopyInto

func (in *GCPOIDCExchangeToken) DeepCopyInto(out *GCPOIDCExchangeToken)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type GCPServiceAccountImpersonationConfig

type GCPServiceAccountImpersonationConfig struct {
	// ServiceAccountName is the name of the service account to impersonate.
	//
	// +kubebuilder:validation:Required
	// +kubebuilder:validation:MinLength=1
	ServiceAccountName string `json:"serviceAccountName"`
}

func (*GCPServiceAccountImpersonationConfig) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new GCPServiceAccountImpersonationConfig.

func (*GCPServiceAccountImpersonationConfig) DeepCopyInto

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type GCPWorkloadIdentityFederationConfig

type GCPWorkloadIdentityFederationConfig struct {
	// ProjectID is the GCP project ID.
	//
	// +kubebuilder:validation:Required
	// +kubebuilder:validation:MinLength=1
	ProjectID string `json:"projectID"`

	// WorkloadIdentityProviderName is the name of the external identity provider as registered on Google Cloud Platform.
	//
	// +kubebuilder:validation:Required
	// +kubebuilder:validation:MinLength=1
	WorkloadIdentityProviderName string `json:"workloadIdentityProviderName"`

	// OIDCExchangeToken specifies the oidc configurations used to obtain an oidc token. The oidc token will be
	// used to obtain temporary credentials to access GCP.
	//
	// +kubebuilder:validation:Required
	OIDCExchangeToken GCPOIDCExchangeToken `json:"oidcExchangeToken"`

	// WorkloadIdentityPoolName is the name of the workload identity pool defined in GCP.
	// https://cloud.google.com/iam/docs/workload-identity-federation?hl=en
	//
	// +kubebuilder:validation:Required
	// +kubebuilder:validation:MinLength=1
	WorkloadIdentityPoolName string `json:"workloadIdentityPoolName"`

	// ServiceAccountImpersonation is the service account impersonation configuration.
	// This is used to impersonate a service account when getting access token.
	//
	// +optional
	ServiceAccountImpersonation *GCPServiceAccountImpersonationConfig `json:"serviceAccountImpersonation,omitempty"`
}

func (*GCPWorkloadIdentityFederationConfig) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new GCPWorkloadIdentityFederationConfig.

func (*GCPWorkloadIdentityFederationConfig) DeepCopyInto

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type GCPWorkloadIdentityProvider

type GCPWorkloadIdentityProvider struct {
	// Name of the external identity provider as registered on Google Cloud Platform.
	//
	// +kubebuilder:validation:Required
	// +kubebuilder:validation:MinLength=1
	Name string `json:"name"`

	// OIDCProvider is the generic OIDCProvider fields.
	//
	// +kubebuilder:validation:Required
	OIDCProvider BackendSecurityPolicyOIDC `json:"OIDCProvider"`
}

GCPWorkloadIdentityProvider specifies the external identity provider to be used to authenticate against GCP. The external identity provider can be AWS, Microsoft, etc., but must be pre-registered in the GCP project.

https://cloud.google.com/iam/docs/workload-identity-federation

func (*GCPWorkloadIdentityProvider) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new GCPWorkloadIdentityProvider.

func (*GCPWorkloadIdentityProvider) DeepCopyInto

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type GatewayConfig

type GatewayConfig struct {
	metav1.TypeMeta   `json:",inline"`
	metav1.ObjectMeta `json:"metadata,omitempty"`
	// Spec defines the configuration for the external processor.
	Spec GatewayConfigSpec `json:"spec,omitempty"`
	// Status defines the status of the GatewayConfig.
	Status GatewayConfigStatus `json:"status,omitempty"`
}

GatewayConfig provides configuration for the AI Gateway external processor container that is deployed alongside the Gateway.

A GatewayConfig is referenced by a Gateway via the annotation "aigateway.envoyproxy.io/gateway-config". The GatewayConfig must be in the same namespace as the Gateway that references it.

This allows gateway-level configuration of the external processor, including environment variables (e.g., for tracing configuration) and resource requirements.

Multiple Gateways can reference the same GatewayConfig to share configuration.

Environment Variable Precedence: When merging environment variables, the following precedence applies (highest to lowest):

  1. GatewayConfig.Spec.ExtProc.Kubernetes.Env (this resource)
  2. Global controller flags (extProcExtraEnvVars)

If the same environment variable name exists in both sources, the GatewayConfig value takes precedence.

+genclient +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object +kubebuilder:object:root=true +kubebuilder:subresource:status +kubebuilder:resource:shortName=gwconfig +kubebuilder:printcolumn:name="Status",type=string,JSONPath=`.status.conditions[-1:].type` +kubebuilder:storageversion

func (*GatewayConfig) DeepCopy

func (in *GatewayConfig) DeepCopy() *GatewayConfig

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new GatewayConfig.

func (*GatewayConfig) DeepCopyInto

func (in *GatewayConfig) DeepCopyInto(out *GatewayConfig)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*GatewayConfig) DeepCopyObject

func (in *GatewayConfig) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type GatewayConfigExtProc

type GatewayConfigExtProc struct {
	// Kubernetes defines the configuration for running the external processor as a Kubernetes container.
	//
	// +optional
	Kubernetes *egv1a1.KubernetesContainerSpec `json:"kubernetes,omitempty"`
}

GatewayConfigExtProc holds runtime-specific configuration for the external processor.

func (*GatewayConfigExtProc) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new GatewayConfigExtProc.

func (*GatewayConfigExtProc) DeepCopyInto

func (in *GatewayConfigExtProc) DeepCopyInto(out *GatewayConfigExtProc)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type GatewayConfigList

type GatewayConfigList struct {
	metav1.TypeMeta `json:",inline"`
	metav1.ListMeta `json:"metadata,omitempty"`
	Items           []GatewayConfig `json:"items"`
}

GatewayConfigList contains a list of GatewayConfig.

+k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object +kubebuilder:object:root=true

func (*GatewayConfigList) DeepCopy

func (in *GatewayConfigList) DeepCopy() *GatewayConfigList

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new GatewayConfigList.

func (*GatewayConfigList) DeepCopyInto

func (in *GatewayConfigList) DeepCopyInto(out *GatewayConfigList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*GatewayConfigList) DeepCopyObject

func (in *GatewayConfigList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type GatewayConfigSpec

type GatewayConfigSpec struct {
	// ExtProc defines the configuration for the external processor container.
	//
	// +optional
	ExtProc *GatewayConfigExtProc `json:"extProc,omitempty"`

	// GlobalLLMRequestCosts defines default LLM request costs that apply to all
	// routes referencing this GatewayConfig. These costs can be overridden on a
	// per-route basis via AIGatewayRoute.Spec.LLMRequestCosts.
	//
	// When a request matches a route, the cost calculation proceeds as follows:
	//  1. If the route defines LLMRequestCosts with a matching metadataKey, use that.
	//  2. Otherwise, fall back to the global cost with that metadataKey (if defined here).
	//  3. If neither exists, the cost is not calculated for that metadataKey.
	//
	// This allows you to define common cost formulas once at the gateway level
	// (e.g., billing_charges = input_tokens + output_tokens) and only override
	// them in specific routes when needed (e.g., premium routes with different pricing).
	//
	// +optional
	// +listType=map
	// +listMapKey=metadataKey
	GlobalLLMRequestCosts []LLMRequestCost `json:"globalLLMRequestCosts,omitempty"`
}

GatewayConfigSpec defines the configuration for the AI Gateway.

func (*GatewayConfigSpec) DeepCopy

func (in *GatewayConfigSpec) DeepCopy() *GatewayConfigSpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new GatewayConfigSpec.

func (*GatewayConfigSpec) DeepCopyInto

func (in *GatewayConfigSpec) DeepCopyInto(out *GatewayConfigSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type GatewayConfigStatus

type GatewayConfigStatus struct {
	// Conditions describe the current conditions of the GatewayConfig.
	//
	// +optional
	// +listType=map
	// +listMapKey=type
	// +kubebuilder:validation:MaxItems=8
	Conditions []metav1.Condition `json:"conditions,omitempty"`
}

GatewayConfigStatus defines the observed state of GatewayConfig.

func (*GatewayConfigStatus) DeepCopy

func (in *GatewayConfigStatus) DeepCopy() *GatewayConfigStatus

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new GatewayConfigStatus.

func (*GatewayConfigStatus) DeepCopyInto

func (in *GatewayConfigStatus) DeepCopyInto(out *GatewayConfigStatus)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type HTTPBodyField

type HTTPBodyField struct {
	// Path is the top-level field name to set in the request body.
	// Examples: "service_tier", "max_tokens", "temperature"
	//
	// +kubebuilder:validation:Required
	// +kubebuilder:validation:MinLength=1
	Path string `json:"path"`

	// Value is the JSON value to set at the specified field. This can be any valid JSON value:
	// string, number, boolean, object, array, or null.
	// The value will be parsed as JSON and inserted at the specified field.
	//
	// Examples:
	//   - "\"scale\"" (string)
	//   - "42" (number)
	//   - "true" (boolean)
	//   - "{\"key\": \"value\"}" (object)
	//   - "[1, 2, 3]" (array)
	//   - "null" (null)
	//
	// +kubebuilder:validation:Required
	Value string `json:"value"`
}

HTTPBodyField represents a JSON field name and value for body mutation.

func (*HTTPBodyField) DeepCopy

func (in *HTTPBodyField) DeepCopy() *HTTPBodyField

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new HTTPBodyField.

func (*HTTPBodyField) DeepCopyInto

func (in *HTTPBodyField) DeepCopyInto(out *HTTPBodyField)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type HTTPBodyMutation

type HTTPBodyMutation struct {
	// Set overwrites/adds the request body with the given JSON field (name, value)
	// before sending to the backend. Only top-level fields are currently supported.
	//
	// Input:
	//   {
	//     "model": "gpt-4",
	//     "service_tier": "default"
	//   }
	//
	// Config:
	//   set:
	//   - path: "service_tier"
	//     value: "scale"
	//
	// Output:
	//   {
	//     "model": "gpt-4",
	//     "service_tier": "scale"
	//   }
	//
	// +optional
	// +listType=map
	// +listMapKey=path
	// +kubebuilder:validation:MaxItems=16
	Set []HTTPBodyField `json:"set,omitempty"`

	// Remove the given JSON field(s) from the HTTP request body before sending to the backend.
	// The value of Remove is a list of top-level field names to remove.
	//
	// Input:
	//   {
	//     "model": "gpt-4",
	//     "service_tier": "default",
	//     "internal_flag": true
	//   }
	//
	// Config:
	//   remove: ["service_tier", "internal_flag"]
	//
	// Output:
	//   {
	//     "model": "gpt-4"
	//   }
	//
	// +optional
	// +listType=set
	// +kubebuilder:validation:MaxItems=16
	Remove []string `json:"remove,omitempty"`
}

HTTPBodyMutation defines the mutation of HTTP request body JSON fields that will be applied to the request.

func (*HTTPBodyMutation) DeepCopy

func (in *HTTPBodyMutation) DeepCopy() *HTTPBodyMutation

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new HTTPBodyMutation.

func (*HTTPBodyMutation) DeepCopyInto

func (in *HTTPBodyMutation) DeepCopyInto(out *HTTPBodyMutation)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type HTTPHeaderMutation

type HTTPHeaderMutation struct {
	// Set overwrites/adds the request with the given header (name, value)
	// before the action.
	//
	// Input:
	//   GET /foo HTTP/1.1
	//   my-header: foo
	//
	// Config:
	//   set:
	//   - name: "my-header"
	//     value: "bar"
	//
	// Output:
	//   GET /foo HTTP/1.1
	//   my-header: bar
	//
	// +optional
	// +listType=map
	// +listMapKey=name
	// +kubebuilder:validation:MaxItems=16
	Set []gwapiv1.HTTPHeader `json:"set,omitempty"`

	// Remove the given header(s) from the HTTP request before the action. The
	// value of Remove is a list of HTTP header names. Note that the header
	// names are case-insensitive (see
	// https://datatracker.ietf.org/doc/html/rfc2616#section-4.2).
	//
	// Input:
	//   GET /foo HTTP/1.1
	//   my-header1: foo
	//   my-header2: bar
	//   my-header3: baz
	//
	// Config:
	//   remove: ["my-header1", "my-header3"]
	//
	// Output:
	//   GET /foo HTTP/1.1
	//   my-header2: bar
	//
	// +optional
	// +listType=set
	// +kubebuilder:validation:MaxItems=16
	Remove []string `json:"remove,omitempty"`
}

HTTPHeaderMutation defines the mutation of HTTP headers that will be applied to the request.

func (*HTTPHeaderMutation) DeepCopy

func (in *HTTPHeaderMutation) DeepCopy() *HTTPHeaderMutation

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new HTTPHeaderMutation.

func (*HTTPHeaderMutation) DeepCopyInto

func (in *HTTPHeaderMutation) DeepCopyInto(out *HTTPHeaderMutation)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type JWKS

type JWKS struct {
	// RemoteJWKS defines how to fetch and cache JSON Web Key Sets (JWKS) from a remote
	// HTTP/HTTPS endpoint.
	//
	// +optional
	RemoteJWKS *egv1a1.RemoteJWKS `json:"remoteJWKS,omitempty"`

	// LocalJWKS defines how to get the JSON Web Key Sets (JWKS) from a local source.
	//
	// +optional
	LocalJWKS *egv1a1.LocalJWKS `json:"localJWKS,omitempty"`
}

JWKS defines how to obtain JSON Web Key Sets (JWKS) either from a remote HTTP/HTTPS endpoint or from a local source.

+kubebuilder:validation:XValidation:rule="has(self.remoteJWKS) || has(self.localJWKS)", message="either remoteJWKS or localJWKS must be specified."
+kubebuilder:validation:XValidation:rule="!(has(self.remoteJWKS) && has(self.localJWKS))", message="remoteJWKS and localJWKS cannot both be specified."

func (*JWKS) DeepCopy

func (in *JWKS) DeepCopy() *JWKS

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new JWKS.

func (*JWKS) DeepCopyInto

func (in *JWKS) DeepCopyInto(out *JWKS)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type JWTSource

type JWTSource struct {
	// Scopes defines the list of JWT scopes required for the rule.
	// If multiple scopes are specified, all scopes must be present in the JWT for the rule to match.
	//
	// +kubebuilder:validation:Optional
	// +kubebuilder:validation:MaxItems=16
	// +optional
	Scopes []egv1a1.JWTScope `json:"scopes,omitempty"`

	// Claims defines the list of JWT claims required for the rule. Each claim must exist on the token
	// and have at least one of the expected values. Use to enforce tenant or subject-based access.
	//
	// +kubebuilder:validation:Optional
	// +kubebuilder:validation:MaxItems=16
	// +optional
	// +kubebuilder:validation:XValidation:rule="!self.exists(c, c.name == 'scope')",message="'scope' claim name is reserved for OAuth scopes"
	Claims []egv1a1.JWTClaim `json:"claims,omitempty"`
}

JWTSource defines the MCP authorization source for JWT tokens. At least one of scopes or claims must be provided. Scopes and claims are AND-ed: when both are specified, both sets must match.

+kubebuilder:validation:XValidation:rule="(has(self.scopes) && size(self.scopes) > 0) || (has(self.claims) && size(self.claims) > 0)",message="either scopes or claims must be specified"

func (*JWTSource) DeepCopy

func (in *JWTSource) DeepCopy() *JWTSource

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new JWTSource.

func (*JWTSource) DeepCopyInto

func (in *JWTSource) DeepCopyInto(out *JWTSource)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type LLMRequestCost

type LLMRequestCost struct {
	// MetadataKey is the key of the metadata to store this cost of the request.
	//
	// +kubebuilder:validation:Required
	MetadataKey string `json:"metadataKey"`
	// Type specifies the type of the request cost. The default is "OutputToken",
	// and it uses "output token" as the cost. The other types are "InputToken", "TotalToken",
	// "CachedInputToken", "CacheCreationInputToken", "ReasoningToken", and "CEL".
	//
	// +kubebuilder:validation:Enum=OutputToken;InputToken;CachedInputToken;CacheCreationInputToken;TotalToken;ReasoningToken;CEL
	Type LLMRequestCostType `json:"type"`
	// CEL is the CEL expression to calculate the cost of the request.
	// The CEL expression must return a signed or unsigned integer. If the
	// return value is negative, it is treated as an error.
	//
	// The expression can use the following variables:
	//
	//	* model: the model name extracted from the request content. Type: string.
	//	* backend: the backend name in the form of "name.namespace". Type: string.
	//	* input_tokens: the number of input tokens. Type: unsigned integer.
	//	* cached_input_tokens: the number of cached read input tokens. Type: unsigned integer.
	//	* cache_creation_input_tokens: the number of cache creation input tokens. Type: unsigned integer.
	//	* output_tokens: the number of output tokens. Type: unsigned integer.
	//	* total_tokens: the total number of tokens. Type: unsigned integer.
	//	* reasoning_tokens: the number of reasoning tokens. Type: unsigned integer.
	//
	// For example, the following expressions are valid:
	//
	//	* "model == 'llama' ?  input_tokens + output_tokens * 0.5 : total_tokens"
	//	* "backend == 'foo.default' ?  input_tokens + output_tokens : total_tokens"
	//	* "backend == 'bar.default' ?  (input_tokens - cached_input_tokens) + cached_input_tokens * 0.1 + cache_creation_input_tokens * 1.25 + output_tokens : total_tokens"
	//	* "input_tokens + output_tokens + total_tokens"
	//	* "input_tokens * output_tokens"
	//
	// +optional
	CEL *string `json:"cel,omitempty"`
}

LLMRequestCost configures each request cost.

func (*LLMRequestCost) DeepCopy

func (in *LLMRequestCost) DeepCopy() *LLMRequestCost

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LLMRequestCost.

func (*LLMRequestCost) DeepCopyInto

func (in *LLMRequestCost) DeepCopyInto(out *LLMRequestCost)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type LLMRequestCostType

type LLMRequestCostType string

LLMRequestCostType specifies the type of the LLMRequestCost.

const (
	// LLMRequestCostTypeInputToken is the cost type of the input token.
	LLMRequestCostTypeInputToken LLMRequestCostType = "InputToken"
	// LLMRequestCostTypeCachedInputToken is the cost type of the cached input token.
	LLMRequestCostTypeCachedInputToken LLMRequestCostType = "CachedInputToken"
	// LLMRequestCostTypeCacheCreationInputToken is the cost type of the cache creation input token.
	LLMRequestCostTypeCacheCreationInputToken LLMRequestCostType = "CacheCreationInputToken"
	// LLMRequestCostTypeOutputToken is the cost type of the output token.
	LLMRequestCostTypeOutputToken LLMRequestCostType = "OutputToken"
	// LLMRequestCostTypeTotalToken is the cost type of the total token.
	LLMRequestCostTypeTotalToken LLMRequestCostType = "TotalToken"
	// LLMRequestCostTypeReasoningToken is the cost type of the reasoning token.
	LLMRequestCostTypeReasoningToken LLMRequestCostType = "ReasoningToken"
	// LLMRequestCostTypeCEL is for calculating the cost using the CEL expression.
	LLMRequestCostTypeCEL LLMRequestCostType = "CEL"
)

type MCPAuthorizationSource

type MCPAuthorizationSource struct {
	// JWT defines the JWT scopes and claims required for this rule to match.
	//
	// +kubebuilder:validation:Required
	JWT JWTSource `json:"jwt"`
}

MCPAuthorizationSource defines the source of an authorization rule.

func (*MCPAuthorizationSource) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MCPAuthorizationSource.

func (*MCPAuthorizationSource) DeepCopyInto

func (in *MCPAuthorizationSource) DeepCopyInto(out *MCPAuthorizationSource)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type MCPAuthorizationTarget

type MCPAuthorizationTarget struct {
	// Tools defines the list of tools this rule applies to.
	//
	// +kubebuilder:validation:Required
	// +kubebuilder:validation:MinItems=1
	// +kubebuilder:validation:MaxItems=16
	Tools []ToolCall `json:"tools"`
}

MCPAuthorizationTarget defines the target of an authorization rule.

func (*MCPAuthorizationTarget) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MCPAuthorizationTarget.

func (*MCPAuthorizationTarget) DeepCopyInto

func (in *MCPAuthorizationTarget) DeepCopyInto(out *MCPAuthorizationTarget)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type MCPBackendAPIKey

type MCPBackendAPIKey struct {
	// SecretRef references the Kubernetes secret which contains the API key.
	// The key within the secret should be "apiKey".
	// +optional
	SecretRef *gwapiv1.SecretObjectReference `json:"secretRef,omitempty"`

	// Inline contains the API key as an inline string.
	//
	// +optional
	Inline *string `json:"inline,omitempty"`

	// Header is the HTTP header to inject the API key into. If not specified,
	// defaults to "Authorization".
	// When the header is "Authorization", the injected header value will be
	// prefixed with "Bearer ".
	//
	// Either one of Header or QueryParam can be specified to inject the API key.
	//
	// +kubebuilder:validation:Optional
	// +kubebuilder:validation:MinLength=1
	// +optional
	Header *string `json:"header,omitempty"`

	// QueryParam is the HTTP query parameter to inject the API key into.
	// For example, if QueryParam is set to "api_key", and the API key is "mysecretkey", the request URL will be modified to include
	// "?api_key=mysecretkey".
	//
	// Either one of Header or QueryParam can be specified to inject the API key.
	//
	// +kubebuilder:validation:Optional
	// +kubebuilder:validation:MinLength=1
	// +optional
	QueryParam *string `json:"queryParam,omitempty"`
}

MCPBackendAPIKey defines the configuration for the API Key Authentication to a backend. When both `header` and `queryParam` are unspecified, the API key will be injected into the "Authorization" header by default.

+kubebuilder:validation:XValidation:rule="(has(self.secretRef) && !has(self.inline)) || (!has(self.secretRef) && has(self.inline))", message="exactly one of secretRef or inline must be set"
+kubebuilder:validation:XValidation:rule="!(has(self.header) && has(self.queryParam))", message="only one of header or queryParam can be set"

func (*MCPBackendAPIKey) DeepCopy

func (in *MCPBackendAPIKey) DeepCopy() *MCPBackendAPIKey

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MCPBackendAPIKey.

func (*MCPBackendAPIKey) DeepCopyInto

func (in *MCPBackendAPIKey) DeepCopyInto(out *MCPBackendAPIKey)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type MCPBackendSecurityPolicy

type MCPBackendSecurityPolicy struct {
	// APIKey is a mechanism to access a backend. The API key will be injected into the request headers.
	// +optional
	APIKey *MCPBackendAPIKey `json:"apiKey,omitempty"`
}

MCPBackendSecurityPolicy defines the security policy for a backend MCP server.

func (*MCPBackendSecurityPolicy) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MCPBackendSecurityPolicy.

func (*MCPBackendSecurityPolicy) DeepCopyInto

func (in *MCPBackendSecurityPolicy) DeepCopyInto(out *MCPBackendSecurityPolicy)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type MCPHeaderForward

type MCPHeaderForward struct {
	// Name is the header name to extract from the incoming client request.
	//
	// +kubebuilder:validation:Required
	// +kubebuilder:validation:MinLength=1
	Name string `json:"name"`

	// BackendHeader is the header name to use when forwarding to the backend.
	// If not specified, the original header name is used.
	//
	// +kubebuilder:validation:Optional
	// +kubebuilder:validation:MinLength=1
	// +optional
	BackendHeader *string `json:"backendHeader,omitempty"`
}

MCPHeaderForward specifies a header to extract from the incoming request and forward to a backend.

func (*MCPHeaderForward) DeepCopy

func (in *MCPHeaderForward) DeepCopy() *MCPHeaderForward

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MCPHeaderForward.

func (*MCPHeaderForward) DeepCopyInto

func (in *MCPHeaderForward) DeepCopyInto(out *MCPHeaderForward)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type MCPRoute

type MCPRoute struct {
	metav1.TypeMeta   `json:",inline"`
	metav1.ObjectMeta `json:"metadata,omitempty"`
	// Spec defines the details of the MCPRoute.
	Spec MCPRouteSpec `json:"spec,omitempty"`
	// Status defines the status details of the MCPRoute.
	Status MCPRouteStatus `json:"status,omitempty"`
}

MCPRoute defines how to route MCP requests to the backend MCP servers.

This serves as a way to define a "unified" AI API for a Gateway which allows downstream clients to use a single schema API to interact with multiple MCP backends.

+genclient
+k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
+kubebuilder:object:root=true
+kubebuilder:subresource:status
+kubebuilder:printcolumn:name="Status",type=string,JSONPath=`.status.conditions[-1:].type`
+kubebuilder:storageversion

func (*MCPRoute) DeepCopy

func (in *MCPRoute) DeepCopy() *MCPRoute

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MCPRoute.

func (*MCPRoute) DeepCopyInto

func (in *MCPRoute) DeepCopyInto(out *MCPRoute)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*MCPRoute) DeepCopyObject

func (in *MCPRoute) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type MCPRouteAuthorization

type MCPRouteAuthorization struct {
	// DefaultAction is the action to take when no rules match. If unspecified, defaults to Deny.
	//
	// +kubebuilder:validation:Optional
	// +kubebuilder:default:=Deny
	// +optional
	DefaultAction *egv1a1.AuthorizationAction `json:"defaultAction,omitempty"`

	// Rules defines a list of authorization rules.
	// These rules are evaluated in order: the first matching rule is applied,
	// and the rest are skipped.
	//
	// If no rules are defined, the default action will be applied to all requests.
	//
	// +kubebuilder:validation:MaxItems=32
	// +optional
	Rules []MCPRouteAuthorizationRule `json:"rules,omitempty"`
}

MCPRouteAuthorization defines the authorization configuration for an MCPRoute.

func (*MCPRouteAuthorization) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MCPRouteAuthorization.

func (*MCPRouteAuthorization) DeepCopyInto

func (in *MCPRouteAuthorization) DeepCopyInto(out *MCPRouteAuthorization)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type MCPRouteAuthorizationRule

type MCPRouteAuthorizationRule struct {
	// Source defines the authorization source for this rule.
	// If not specified, the rule will match all sources.
	//
	// +kubebuilder:validation:Optional
	Source *MCPAuthorizationSource `json:"source,omitempty"`

	// Target defines the authorization target for this rule.
	// If not specified, the rule will match all targets.
	//
	// +kubebuilder:validation:Optional
	Target *MCPAuthorizationTarget `json:"target,omitempty"`

	// CEL specifies a Common Expression Language (CEL) expression evaluated for this rule.
	// The expression must return a boolean; evaluation errors or non-boolean results
	// are treated as "no match".
	//
	// Example CEL expressions:
	//	* `request.method == "POST"`
	//	* `request.headers["x-custom-header"] == "AllowedValue"`
	//	* `request.mcp.tool in ["toolA", "toolB"]`
	//
	// Available attributes in the CEL expression:
	//
	//	* request.method: HTTP method such as GET or POST. Type: string.
	//	* request.headers: map of headers with lowercased keys, first value only. Type: map[string]string.
	//	* request.headers_all: map of headers with lowercased keys, all values. Type: map[string][]string.
	//	* request.path: request path such as /mcp. Type: string.
	//	* request.auth.jwt.claims: JWT claims when a bearer JWT is present. Type: map[string]any.
	//	* request.auth.jwt.scopes: JWT scopes when a bearer JWT is present. Type: []string.
	//	* request.mcp.method: MCP method such as tools/list or tools/call. Type: string.
	//	* request.mcp.backend: upstream backend name (for example, "kiwi" or "github"). Type: string.
	//	* request.mcp.tool: tool name without backend prefix (for example, "list_issues"). Type: string.
	//	* request.mcp.params: parameters of the MCP method, including keys like "_meta" and "arguments". Type: object.
	//
	// Note: The CEL expression support is experimental, and the attributes
	// available to the expression may change in future releases.
	//
	// +kubebuilder:validation:Optional
	// +kubebuilder:validation:MaxLength=4096
	// +optional
	CEL *string `json:"cel,omitempty"`

	// Action is the authorization decision for matching requests. If unspecified, defaults to Allow.
	//
	// +kubebuilder:validation:Optional
	// +kubebuilder:default:=Allow
	// +optional
	Action *egv1a1.AuthorizationAction `json:"action,omitempty"`
}

MCPRouteAuthorizationRule defines an authorization rule for MCPRoute based on the MCP authorization spec. Reference: https://modelcontextprotocol.io/specification/draft/basic/authorization#scope-challenge-handling
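The evaluation order described above (first matching rule wins, Deny when nothing matches), as an added Go sketch that is not the project's code. The types are local stand-ins, `ToolRef` and the string-only `Claims` map are assumptions, the scope and tool names are constructed, and CEL rules are left out.

```go
package main

import "fmt"

// Local stand-ins for the page's types; the CEL field is left out of this sketch.
type Action string

const (
	Allow Action = "Allow"
	Deny  Action = "Deny"
)

// JWTSource: every scope and every claim must match (AND-ed).
type JWTSource struct {
	Scopes []string
	Claims map[string][]string // claim name -> accepted values (at least one must match)
}

// ToolRef is a hypothetical shape for one entry of Target.Tools.
type ToolRef struct{ Backend, Tool string }

type Rule struct {
	Source *JWTSource // nil matches all sources
	Target []ToolRef  // empty matches all targets
	Action Action     // "" means Allow, the documented default
}

type Policy struct {
	DefaultAction Action // "" means Deny, the documented default
	Rules         []Rule
}

// Request holds verified token data and the tool being called.
type Request struct {
	Scopes []string
	Claims map[string]string // assumption: string-valued claims only
	Call   ToolRef
}

func contains(list []string, v string) bool {
	for _, x := range list {
		if x == v {
			return true
		}
	}
	return false
}

func (ru Rule) matches(r Request) bool {
	if s := ru.Source; s != nil {
		for _, want := range s.Scopes {
			if !contains(r.Scopes, want) {
				return false
			}
		}
		for name, accepted := range s.Claims {
			if got, ok := r.Claims[name]; !ok || !contains(accepted, got) {
				return false
			}
		}
	}
	if len(ru.Target) == 0 {
		return true
	}
	for _, t := range ru.Target {
		if t == r.Call {
			return true
		}
	}
	return false
}

// Decide returns the action and the index of the deciding rule (-1 = default action).
func Decide(p Policy, r Request) (Action, int) {
	for i, ru := range p.Rules {
		if !ru.matches(r) {
			continue
		}
		if ru.Action == "" {
			return Allow, i
		}
		return ru.Action, i
	}
	if p.DefaultAction == "" {
		return Deny, -1
	}
	return p.DefaultAction, -1
}

func main() {
	// Constructed policy: the same two rules in both orders.
	readAll := Rule{Source: &JWTSource{Scopes: []string{"mcp:read"}}}
	noDelete := Rule{Target: []ToolRef{{"github", "delete_repo"}}, Action: Deny}
	req := Request{Scopes: []string{"mcp:read"}, Call: ToolRef{"github", "delete_repo"}}
	fmt.Println(Decide(Policy{Rules: []Rule{readAll, noDelete}}, req))
	fmt.Println(Decide(Policy{Rules: []Rule{noDelete, readAll}}, req))
}
```

With the broad Allow rule first, the `delete_repo` call is allowed by rule 0 and the Deny is never reached; with the Deny first, the same request is denied. Returning the deciding rule index makes this kind of shadowing visible when reviewing a policy.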

func (*MCPRouteAuthorizationRule) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MCPRouteAuthorizationRule.

func (*MCPRouteAuthorizationRule) DeepCopyInto

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type MCPRouteBackendRef

type MCPRouteBackendRef struct {
	gwapiv1.BackendObjectReference `json:",inline"`

	// Path is the HTTP endpoint path of the backend MCP server.
	// If not specified, the default is "/mcp".
	//
	// +kubebuilder:validation:Optional
	// +kubebuilder:default:=/mcp
	// +kubebuilder:validation:MaxLength=1024
	// +optional
	Path *string `json:"path,omitempty"`

	// ToolSelector filters the tools exposed by this MCP server.
	// Supports exact matches and RE2-compatible regular expressions for both include and exclude patterns.
	// If not specified, all tools from the MCP server are exposed.
	// +kubebuilder:validation:Optional
	// +optional
	ToolSelector *MCPToolFilter `json:"toolSelector,omitempty"`

	// SecurityPolicy is the security policy to apply to this MCP server.
	//
	// +kubebuilder:validation:Optional
	// +optional
	SecurityPolicy *MCPBackendSecurityPolicy `json:"securityPolicy,omitempty"`

	// ForwardHeaders specifies HTTP headers to extract from the incoming client request
	// and forward to this backend MCP server.
	// This enables per-user authentication passthrough (e.g., personal access tokens)
	// without requiring OAuth configuration.
	// Each entry specifies a header name to extract and an optional rename for the backend.
	//
	// +kubebuilder:validation:Optional
	// +kubebuilder:validation:MaxItems=32
	// +optional
	ForwardHeaders []MCPHeaderForward `json:"forwardHeaders,omitempty"`
}

MCPRouteBackendRef wraps EG's BackendObjectReference to reference an MCP server. TODO: move to a standalone MCPBackend CRD to avoid k8s object size limit.

func (*MCPRouteBackendRef) DeepCopy

func (in *MCPRouteBackendRef) DeepCopy() *MCPRouteBackendRef

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MCPRouteBackendRef.

func (*MCPRouteBackendRef) DeepCopyInto

func (in *MCPRouteBackendRef) DeepCopyInto(out *MCPRouteBackendRef)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type MCPRouteList

type MCPRouteList struct {
	metav1.TypeMeta `json:",inline"`
	metav1.ListMeta `json:"metadata,omitempty"`
	Items           []MCPRoute `json:"items"`
}

MCPRouteList contains a list of MCPRoute.

+k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
+kubebuilder:object:root=true

func (*MCPRouteList) DeepCopy

func (in *MCPRouteList) DeepCopy() *MCPRouteList

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MCPRouteList.

func (*MCPRouteList) DeepCopyInto

func (in *MCPRouteList) DeepCopyInto(out *MCPRouteList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*MCPRouteList) DeepCopyObject

func (in *MCPRouteList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type MCPRouteOAuth

type MCPRouteOAuth struct {
	// Issuer is the authorization server's issuer identity.
	//
	// +kubebuilder:validation:Required
	// +kubebuilder:validation:Format=uri
	Issuer string `json:"issuer"`

	// Audiences is a list of JWT audiences allowed access.
	// It is recommended to set this field for token audience validation, as it is a security best practice to prevent token misuse.
	// Reference: https://modelcontextprotocol.io/specification/2025-06-18/basic/authorization#token-audience-binding-and-validation
	//
	// +kubebuilder:validation:Optional
	// +kubebuilder:validation:MaxItems=32
	Audiences []string `json:"audiences"`

	// JWKS defines how the JSON Web Key Set (JWKS) can be obtained to verify the access tokens presented by the clients.
	//
	// If not specified, the JWKS URI will be discovered from the OAuth 2.0 Authorization Server Metadata
	// as per RFC 8414 by querying the `/.well-known/oauth-authorization-server` endpoint on the Issuer.
	//
	// +optional
	JWKS *JWKS `json:"jwks,omitempty"`

	// ProtectedResourceMetadata defines the OAuth 2.0 Resource Server Metadata as per RFC 8414.
	// This is used to expose the metadata endpoint for MCP clients to discover the authorization servers,
	// supported scopes, and JWKS URI.
	//
	// +kubebuilder:validation:Required
	ProtectedResourceMetadata ProtectedResourceMetadata `json:"protectedResourceMetadata"`

	// ClaimToHeaders specifies JWT claims to extract and forward as HTTP headers to backend MCP servers.
	// This enables backends to access user identity for authorization, auditing, or personalization.
	//
	// Security considerations:
	// - Any client-provided headers matching the configured header names will be stripped to prevent forgery
	// - Only the specified claims are extracted; the full JWT is not forwarded to backends
	// - Consider using a header prefix (e.g., "X-Jwt-Claim-") to avoid conflicts with other headers
	//
	// +kubebuilder:validation:Optional
	// +kubebuilder:validation:MaxItems=16
	// +optional
	ClaimToHeaders []egv1a1.ClaimToHeader `json:"claimToHeaders,omitempty"`
}

MCPRouteOAuth defines an MCP spec compatible OAuth authentication configuration for an MCPRoute. Reference: https://modelcontextprotocol.io/specification/2025-06-18/basic/authorization
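An added example, not the gateway's implementation, of the ClaimToHeaders rule that client-supplied copies of the configured headers are stripped before verified claims are written. `ClaimToHeader` here is a local stand-in type, `ForgedHeaders`, `SampleClientHeaders` and `SampleMapping` are hypothetical helpers, and the header and claim values are constructed.

```go
package main

import (
	"fmt"
	"net/http"
	"sort"
)

// ClaimToHeader is a local stand-in: copy the verified claim into the named header.
type ClaimToHeader struct {
	Header string // header sent to the backend
	Claim  string // claim name in the verified JWT
}

// ForgedHeaders lists, in canonical form, the configured header names that the
// client supplied itself, so the attempt can be logged before they are stripped.
func ForgedHeaders(client http.Header, mapping []ClaimToHeader) []string {
	seen := map[string]bool{}
	for _, m := range mapping {
		name := http.CanonicalHeaderKey(m.Header)
		if len(client.Values(name)) > 0 {
			seen[name] = true
		}
	}
	out := make([]string, 0, len(seen))
	for name := range seen {
		out = append(out, name)
	}
	sort.Strings(out)
	return out
}

// ApplyClaimHeaders returns a copy of the client headers in which every
// configured header is removed first and then set only from verified claims.
func ApplyClaimHeaders(client http.Header, claims map[string]string, mapping []ClaimToHeader) http.Header {
	out := client.Clone()
	if out == nil {
		out = http.Header{}
	}
	// Strip unconditionally: a missing claim must not leave the client's value behind.
	for _, m := range mapping {
		out.Del(m.Header) // header names are case-insensitive; Del canonicalises
	}
	for _, m := range mapping {
		if v, ok := claims[m.Claim]; ok {
			out.Set(m.Header, v)
		}
	}
	return out
}

// SampleClientHeaders returns constructed client headers; two of them collide
// with the configured claim headers.
func SampleClientHeaders() http.Header {
	h := http.Header{}
	h.Add("x-jwt-claim-sub", "admin")
	h.Add("X-Jwt-Claim-Tenant", "other-tenant")
	h.Add("Accept", "application/json")
	return h
}

// SampleMapping returns a constructed claimToHeaders list using the prefix
// suggested on the page.
func SampleMapping() []ClaimToHeader {
	return []ClaimToHeader{
		{Header: "X-Jwt-Claim-Sub", Claim: "sub"},
		{Header: "X-Jwt-Claim-Tenant", Claim: "tenant"},
	}
}

func main() {
	client := SampleClientHeaders()
	claims := map[string]string{"sub": "alice"} // constructed: token has no tenant claim
	fmt.Println("client supplied:", ForgedHeaders(client, SampleMapping()))
	fmt.Println("to backend:", ApplyClaimHeaders(client, claims, SampleMapping()))
}
```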

func (*MCPRouteOAuth) DeepCopy

func (in *MCPRouteOAuth) DeepCopy() *MCPRouteOAuth

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MCPRouteOAuth.

func (*MCPRouteOAuth) DeepCopyInto

func (in *MCPRouteOAuth) DeepCopyInto(out *MCPRouteOAuth)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type MCPRouteSecurityPolicy

type MCPRouteSecurityPolicy struct {
	// OAuth defines the configuration for the MCP spec compatible OAuth authentication.
	//
	// +optional
	OAuth *MCPRouteOAuth `json:"oauth,omitempty"`

	// APIKeyAuth defines the configuration for the API Key Authentication.
	//
	// +optional
	APIKeyAuth *egv1a1.APIKeyAuth `json:"apiKeyAuth,omitempty"`

	// ExtAuth defines the configuration for External Authorization.
	//
	// +optional
	ExtAuth *egv1a1.ExtAuth `json:"extAuth,omitempty"`

	// Authorization defines the configuration for the MCP spec compatible authorization.
	//
	// +optional
	Authorization *MCPRouteAuthorization `json:"authorization,omitempty"`
}

MCPRouteSecurityPolicy defines the security policy for an MCPRoute.

+kubebuilder:validation:XValidation:rule="!(has(self.authorization) && self.authorization.rules.exists(r, has(r.source) && has(r.source.jwt)) && !has(self.oauth))",message="oauth must be configured when any authorization rule uses a jwt source"

func (*MCPRouteSecurityPolicy) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MCPRouteSecurityPolicy.

func (*MCPRouteSecurityPolicy) DeepCopyInto

func (in *MCPRouteSecurityPolicy) DeepCopyInto(out *MCPRouteSecurityPolicy)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type MCPRouteSpec

type MCPRouteSpec struct {
	// ParentRefs are the names of the Gateway resources this MCPRoute is being attached to.
	// Cross namespace references are not supported. In other words, the Gateway resources must be in the
	// same namespace as the MCPRoute. Currently, each reference's Kind must be Gateway.
	//
	// +kubebuilder:validation:Required
	// +kubebuilder:validation:MinItems=1
	// +kubebuilder:validation:MaxItems=16
	// +kubebuilder:validation:XValidation:rule="self.all(match, match.kind == 'Gateway')", message="only Gateway is supported"
	ParentRefs []gwapiv1.ParentReference `json:"parentRefs"`

	// Path is the HTTP endpoint path that serves MCP requests over the Streamable HTTP transport.
	// If not specified, the default is "/mcp".
	//
	// +kubebuilder:validation:Optional
	// +kubebuilder:default:=/mcp
	// +kubebuilder:validation:MaxLength=1024
	// +optional
	Path *string `json:"path,omitempty"`

	// Headers are HTTP headers that must match for this route to be selected.
	// Multiple match values are ANDed together, meaning, a request must match all the specified headers to select the route.
	//
	// +listType=map
	// +listMapKey=name
	// +optional
	// +kubebuilder:validation:MaxItems=16
	Headers []gwapiv1.HTTPHeaderMatch `json:"headers,omitempty"`

	// BackendRefs is a list of backend references to the MCP servers.
	// These MCP servers will be aggregated and exposed as a single MCP endpoint to the clients.
	// From the client's perspective, they only need to configure a single MCP server URL, e.g. "https://api.example.com/mcp",
	// and the Envoy AI Gateway will route the requests to the appropriate MCP server based on the requests.
	//
	// All names must be unique within this list to avoid potential tools, resources, etc. name collisions.
	// Also, cross-namespace references are not supported. In other words, the backend MCP servers must be in the
	// same namespace as the MCPRoute.
	//
	// +kubebuilder:validation:Required
	// +kubebuilder:validation:MinItems=1
	// +kubebuilder:validation:MaxItems=256
	// +kubebuilder:validation:XValidation:rule="self.all(i, self.exists_one(j, j.name == i.name))", message="all backendRefs names must be unique"
	BackendRefs []MCPRouteBackendRef `json:"backendRefs"`

	// SecurityPolicy defines the security policy for this MCPRoute.
	//
	// +kubebuilder:validation:Optional
	// +optional
	SecurityPolicy *MCPRouteSecurityPolicy `json:"securityPolicy,omitempty"`
}

MCPRouteSpec details the MCPRoute configuration.

func (*MCPRouteSpec) DeepCopy

func (in *MCPRouteSpec) DeepCopy() *MCPRouteSpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MCPRouteSpec.

func (*MCPRouteSpec) DeepCopyInto

func (in *MCPRouteSpec) DeepCopyInto(out *MCPRouteSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type MCPRouteStatus

type MCPRouteStatus struct {
	// Conditions is the list of conditions by the reconciliation result.
	// Currently, at most one condition is set.
	//
	// Known .status.conditions.type are: "Accepted", "NotAccepted".
	Conditions []metav1.Condition `json:"conditions,omitempty"`
}

MCPRouteStatus contains the conditions by the reconciliation result.

func (*MCPRouteStatus) DeepCopy

func (in *MCPRouteStatus) DeepCopy() *MCPRouteStatus

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MCPRouteStatus.

func (*MCPRouteStatus) DeepCopyInto

func (in *MCPRouteStatus) DeepCopyInto(out *MCPRouteStatus)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type MCPToolFilter

type MCPToolFilter struct {
	// Include is a list of tool names to include. Only the specified tools will be available.
	//
	// +kubebuilder:validation:Optional
	// +kubebuilder:validation:MaxItems=32
	// +optional
	Include []string `json:"include,omitempty"`

	// IncludeRegex is a list of RE2-compatible regular expressions that, when matched, include the tool.
	// Only tools matching these patterns will be available.
	//
	// +kubebuilder:validation:Optional
	// +kubebuilder:validation:MaxItems=32
	// +optional
	IncludeRegex []string `json:"includeRegex,omitempty"`

	// Exclude is a list of tool names to exclude. The specified tools will not be available.
	// Exclude rules take precedence over include rules.
	//
	// +kubebuilder:validation:Optional
	// +kubebuilder:validation:MaxItems=32
	// +optional
	Exclude []string `json:"exclude,omitempty"`

	// ExcludeRegex is a list of RE2-compatible regular expressions that, when matched, exclude the tool.
	// Tools matching these patterns will not be available. Exclude rules take precedence over include rules.
	//
	// +kubebuilder:validation:Optional
	// +kubebuilder:validation:MaxItems=32
	// +optional
	ExcludeRegex []string `json:"excludeRegex,omitempty"`
}

MCPToolFilter filters tools using include and exclude patterns with exact matches or regular expressions. Exclude rules take precedence over include rules (deny-wins). When both include and exclude are specified, a tool must match an include rule AND not match any exclude rule to be allowed.

+kubebuilder:validation:XValidation:rule="!(has(self.include) && has(self.includeRegex))", message="include and includeRegex are mutually exclusive"
+kubebuilder:validation:XValidation:rule="!(has(self.exclude) && has(self.excludeRegex))", message="exclude and excludeRegex are mutually exclusive"
+kubebuilder:validation:XValidation:rule="has(self.include) || has(self.includeRegex) || has(self.exclude) || has(self.excludeRegex)", message="at least one of include, includeRegex, exclude, or excludeRegex must be specified"
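The deny-wins evaluation described for MCPToolFilter, as an added sketch that is not the gateway's own code. `ToolFilter`, `matchAny` and `Allowed` are hypothetical names, the tool names are constructed, and the unanchored regex search is an assumption, since the page does not say whether the gateway anchors patterns.

```go
package main

import (
	"fmt"
	"regexp"
)

// ToolFilter mirrors the four MCPToolFilter fields (local type for this example).
type ToolFilter struct {
	Include, IncludeRegex, Exclude, ExcludeRegex []string
}

// matchAny reports whether name equals an exact entry or matches a pattern.
func matchAny(name string, exact, patterns []string) (bool, error) {
	for _, e := range exact {
		if e == name {
			return true, nil
		}
	}
	for _, p := range patterns {
		re, err := regexp.Compile(p) // Go's regexp package uses RE2 syntax
		if err != nil {
			return false, fmt.Errorf("bad pattern %q: %w", p, err)
		}
		if re.MatchString(name) { // assumption: unanchored search
			return true, nil
		}
	}
	return false, nil
}

// Allowed applies deny-wins: an exclude match or a bad pattern rejects the
// tool; otherwise it must match an include rule when one is configured.
func Allowed(f ToolFilter, name string) (bool, error) {
	excluded, err := matchAny(name, f.Exclude, f.ExcludeRegex)
	if err != nil || excluded {
		return false, err
	}
	if len(f.Include) == 0 && len(f.IncludeRegex) == 0 {
		return true, nil // exclude-only filter: everything else passes
	}
	return matchAny(name, f.Include, f.IncludeRegex)
}

func main() {
	f := ToolFilter{IncludeRegex: []string{`^repo_`}, Exclude: []string{"repo_delete"}}
	fmt.Println(Allowed(f, "repo_list"))
	fmt.Println(Allowed(f, "repo_delete"))
}
```

Under an unanchored search, an include pattern such as `repo_list` also admits `repo_list_all`, so write patterns with explicit `^` and `$` when an exact tool name is intended.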

func (*MCPToolFilter) DeepCopy

func (in *MCPToolFilter) DeepCopy() *MCPToolFilter

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MCPToolFilter.

func (*MCPToolFilter) DeepCopyInto

func (in *MCPToolFilter) DeepCopyInto(out *MCPToolFilter)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type ProtectedResourceMetadata

type ProtectedResourceMetadata struct {
	// Resource is the identifier of the protected resource.
	// This should match the MCPRoute's URL. For example, if the MCPRoute's URL is
	// "https://api.example.com/mcp", the Resource should be "https://api.example.com/mcp".
	// +kubebuilder:validation:Required
	// +kubebuilder:validation:Format=uri
	Resource string `json:"resource"`

	// ResourceName is a human-readable name for the protected resource.
	// +kubebuilder:validation:Optional
	// +kubebuilder:validation:MaxLength=256
	// +optional
	ResourceName *string `json:"resourceName,omitempty"`

	// ScopesSupported defines the minimal set of scopes required for the basic functionality of the MCPRoute.
	// It should avoid broad or overly permissive scopes to prevent clients from requesting tokens with excessive privileges.
	//
	// If an operation requires additional scopes that are not present in the access token, the client will receive a
	// 403 Forbidden response that includes the required scopes in the `scope` field of the `WWW-Authenticate` header.
	// This enables incremental privilege elevation through targeted `WWW-Authenticate: scope="..."` challenges when
	// privileged operations are first attempted.
	//
	// +kubebuilder:validation:Optional
	// +kubebuilder:validation:MaxItems=32
	// +optional
	ScopesSupported []string `json:"scopesSupported,omitempty"`

	// ResourceSigningAlgValuesSupported is a list of JWS signing algorithms supported by the resource server.
	// These algorithms are used in the "alg" field of the JOSE header in signed tokens.
	//
	// +kubebuilder:validation:Optional
	// +kubebuilder:validation:MinItems=1
	// +kubebuilder:validation:MaxItems=16
	// +optional
	ResourceSigningAlgValuesSupported []string `json:"resourceSigningAlgValuesSupported,omitempty"`

	// ResourceDocumentation is a URL that provides human-readable documentation for the resource.
	//
	// +kubebuilder:validation:Optional
	// +kubebuilder:validation:Format=uri
	// +optional
	ResourceDocumentation *string `json:"resourceDocumentation,omitempty"`

	// ResourcePolicyURI is a URL that points to the resource server's policy document.
	//
	// +kubebuilder:validation:Optional
	// +kubebuilder:validation:Format=uri
	// +optional
	ResourcePolicyURI *string `json:"resourcePolicyUri,omitempty"`
}

ProtectedResourceMetadata represents the Protected Resource Metadata of the MCP server as per RFC 9728.

References:
* https://modelcontextprotocol.io/specification/2025-06-18/basic/authorization#authorization-server-location
* https://datatracker.ietf.org/doc/html/rfc9728#name-protected-resource-metadata
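An added example, not the gateway's own code, of the two checks the Resource and ScopesSupported comments imply: a client verifying that the metadata's `resource` is identical to the URL it was configured with, as RFC 9728 requires, and a resource server answering a missing scope with a 403 challenge. `CheckResource` and `StepUp` are hypothetical names, the `mcp:read` and `mcp:write` scopes are constructed, and the RFC 6750 `insufficient_scope` header form is an assumption about what the gateway emits.

```go
package main

import (
	"encoding/json"
	"fmt"
	"strings"
)

// prm holds the RFC 9728 members this example reads (wire names per the RFC).
type prm struct {
	Resource        string   `json:"resource"`
	ScopesSupported []string `json:"scopes_supported,omitempty"`
}

// CheckResource returns the baseline scopes from a metadata document, or an
// error when its "resource" is not identical to the configured URL.
func CheckResource(doc []byte, configuredURL string) ([]string, error) {
	var m prm
	if err := json.Unmarshal(doc, &m); err != nil {
		return nil, fmt.Errorf("metadata is not valid JSON: %w", err)
	}
	if m.Resource != configuredURL {
		return nil, fmt.Errorf("resource %q does not match %q", m.Resource, configuredURL)
	}
	return m.ScopesSupported, nil
}

// StepUp returns 200 when the token carries every required scope, otherwise
// 403 plus a WWW-Authenticate value naming the scopes the operation needs.
func StepUp(tokenScope string, required []string) (int, string) {
	granted := map[string]bool{}
	for _, s := range strings.Fields(tokenScope) {
		granted[s] = true
	}
	for _, r := range required {
		if !granted[r] {
			return 403, fmt.Sprintf(`Bearer error="insufficient_scope", scope="%s"`,
				strings.Join(required, " "))
		}
	}
	return 200, ""
}

func main() {
	doc := []byte(`{"resource":"https://api.example.com/mcp","scopes_supported":["mcp:read"]}`) // constructed
	fmt.Println(CheckResource(doc, "https://api.example.com/mcp"))
	fmt.Println(StepUp("mcp:read", []string{"mcp:read", "mcp:write"}))
}
```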

func (*ProtectedResourceMetadata) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ProtectedResourceMetadata.

func (*ProtectedResourceMetadata) DeepCopyInto

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type ToolCall

type ToolCall struct {
	// Backend is the name of the backend this tool belongs to.
	//
	// +kubebuilder:validation:Required
	Backend string `json:"backend"`

	// Tool is the name of the tool.
	//
	// +kubebuilder:validation:Required
	Tool string `json:"tool"`
}

ToolCall represents a tool call in the MCP authorization target.

func (*ToolCall) DeepCopy

func (in *ToolCall) DeepCopy() *ToolCall

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ToolCall.

func (*ToolCall) DeepCopyInto

func (in *ToolCall) DeepCopyInto(out *ToolCall)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type VersionedAPISchema

type VersionedAPISchema struct {
	// Name is the name of the API schema of the AIGatewayRoute or AIServiceBackend.
	//
	// +kubebuilder:validation:Enum=OpenAI;Cohere;AWSBedrock;AzureOpenAI;GCPVertexAI;GCPAnthropic;Anthropic;AWSAnthropic
	Name APISchema `json:"name"`

	// Version is the version of the API schema.
	//
	// When the name is set to AzureOpenAI, this version maps to "API Version" in the
	// Azure OpenAI API documentation (https://learn.microsoft.com/en-us/azure/ai-services/openai/reference#rest-api-versioning).
	//
	// See https://aigateway.envoyproxy.io/docs/capabilities/llm-integrations/supported-providers for details.
	// +optional
	Version *string `json:"version,omitempty"`

	// Prefix is the prefix for the API.
	//
	// When the name is set to "OpenAI", "chat completions" API endpoint will be "${this_field}/chat/completions".
	// It can be with or without a leading slash ("/").
	//
	// This is especially useful when routing to the backend that has an OpenAI compatible API but has a different
	// prefix. For example, Gemini OpenAI compatible API (https://ai.google.dev/gemini-api/docs/openai) uses
	// "/v1beta/openai" prefix. Another example is that Cohere AI (https://docs.cohere.com/v2/docs/compatibility-api)
	// uses "/compatibility/v1" prefix. On the other hand, DeepSeek (https://api-docs.deepseek.com/) doesn't
	// use prefix, so you can leave this field unset.
	//
	// See https://aigateway.envoyproxy.io/docs/capabilities/llm-integrations/supported-providers for details.
	// +optional
	Prefix *string `json:"prefix,omitempty"`
}

VersionedAPISchema defines the API schema of either AIGatewayRoute (the input) or AIServiceBackend (the output).

This allows the ai-gateway to understand the input and perform the necessary transformation depending on the API schema pair (input, output).

Note that this is vendor specific, and the stability of the API schema is not guaranteed by the ai-gateway, but by the vendor via proper versioning.

func (*VersionedAPISchema) DeepCopy

func (in *VersionedAPISchema) DeepCopy() *VersionedAPISchema

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new VersionedAPISchema.

func (*VersionedAPISchema) DeepCopyInto

func (in *VersionedAPISchema) DeepCopyInto(out *VersionedAPISchema)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

Directories

Path Synopsis
client
clientset/versioned/fake
This package has the automatically generated fake clientset.
clientset/versioned/scheme
This package contains the scheme of the automatically generated clientset.
clientset/versioned/typed/api/v1beta1
This package has the automatically generated typed clients.
clientset/versioned/typed/api/v1beta1/fake
Package fake has the automatically generated clients.
