Added support for Kubernetes Gateway API

Author: bastianeicher

charts/generic-service/README.md

@@ -112,7 +112,9 @@ app:
 | `ingress.cors.allowCredentials`                 | `true`                      | Indicates whether the caller is allowed to send the actual request (not the preflight) using credentials |
 | `ingress.cors.exposeHeaders`                    | `[]`                        | List of HTTP headers that the browsers are allowed to access                                             |
 | `ingress.class`                                 |                             | The ingress controller to use (not applicable if `ingress.istio.enabled`)                                |
-| `ingress.annotations`                           | `{}`                        | Annotations for `Ingress` or `VirtualService` resource                                                   |
+| `ingress.gateway.namespace`                     |                             | The namespace containing the `Gateway` to use                                                            |
+| `ingress.gateway.name`                          |                             | The name of the `Gateway` to use (creates an `HTTPRoute` instead of an `Ingress` when set)               |
+| `ingress.annotations`                           | `{}`                        | Annotations for `Ingress`, `HTTPRoute` or `VirtualService` resource                                      |
 | `ingress.headless`                              | `false`                     | Creates an additional `Service` with the suffix `-headless` that directly exposes Pod IPs                |
 | `ingress.headlessExposesAll`                    | `false`                     | Exposes all replicas, including unready ones, via the `-headless` `Service`                              |
 | `ingress.nodeLocal`                             | `false`                     | Creates an additional `Service` with the suffix `-local` that only routes to pods on the same node       |
@@ -122,6 +124,8 @@ app:
 | `ingress.istio.httpHeaders`                     | `{}`                        | Custom HTTP response headers                                                                             |
 | `ingress.istio.retries`                         | `{}`                        | [Istio retry policy](https://istio.io/docs/reference/config/networking/virtual-service/#HTTPRetry)       |
 | `ingress.extra.*.class`                         | same as `ingress.class`     | Additional ingress controller to use (not applicable if `ingress.istio.enabled`)                         |
+| `ingress.extra.*.gateway.namespace`             |                             | The namespace containing the `Gateway` to use                                                            |
+| `ingress.extra.*.gateway.name`                  |                             | The name of the `Gateway` to use (creates an `HTTPRoute` instead of an `Ingress` when set)               |
 | `ingress.extra.*.port`                          | same as `ingress.port`      | Additional container port ingress traffic is routed to (not applicable if `ingress.istio.enabled`)       |
 | `ingress.extra.*.protocol`                      | `http`                      | The protocol used for the port (e.g., `http`, `https`, `h2c`, `grpc`, `http2`/`h2` or `grpcs`)           |
 | `ingress.extra.*.timeoutSeconds`                |                             | Number of seconds after which to timeout waiting for response from service; -1 for infinite              |

charts/generic-service/ci/ingress-gateway-values.yaml

@@ -0,0 +1,21 @@
+# Ingress gateway test
+
+image:
+  repository: jwilder/whoami
+  tag: latest
+
+ingress:
+  enabled: true
+  port: 8000
+  timeoutSeconds: 5
+  domains: ['example.com']
+  gateway:
+    name: my-gateway
+  extra:
+    other-port:
+      port: 1337
+      domains: ['custom-port.example.com']
+      annotations:
+        key: value
+      protocol: grpc
+      timeoutSeconds: 5

charts/generic-service/templates/httproute-extra.yaml

@@ -0,0 +1,41 @@
+{{- if and .Values.ingress.enabled .Values.ingress.extra }}
+{{- range $name, $extra := .Values.ingress.extra }}
+{{- $gateway := deepCopy $.Values.ingress.gateway | mustMerge ($extra.gateway | default dict) }}
+{{- if $gateway.name }}
+
+apiVersion: gateway.networking.k8s.io/v1beta1
+kind: HTTPRoute
+metadata:
+  name: {{ include "generic-service.fullname" $ }}-{{ $name }}
+  labels: {{- include "generic-service.default-labels" $ | nindent 4 }}
+  annotations:
+  {{- $merged := deepCopy ($.Values.ingress.annotations | default dict) | mustMerge ($extra.annotations | default dict) }}
+  {{- range $mname, $mvalue := $merged }}
+    {{- if ne $mvalue "nil" }}
+      {{- dict $mname $mvalue | toYaml | nindent 4 }}
+    {{- end }}
+  {{- end }}
+
+spec:
+  parentRefs:
+    - {{ $gateway | toYaml | nindent 6 }}
+
+  hostnames: {{ $extra.domains | toYaml | nindent 4 }}
+
+  rules:
+    {{- range ($extra.paths | default (list "/")) }}
+    - matches:
+        - path:
+            value: {{ . | quote }}
+      {{- if or $extra.timeoutSeconds $.Values.ingress.timeoutSeconds }}
+      timeouts:
+        backendRequest: {{ $extra.timeoutSeconds | default $.Values.ingress.timeoutSeconds }}s
+      {{- end }}
+      backendRefs:
+        - name: {{ include "generic-service.fullname" $ }}
+          port: {{ $extra.port | default $.Values.ingress.port }}
+    {{- end }}
+---
+{{- end }}
+{{- end }}
+{{- end }}

charts/generic-service/templates/httproute.yaml

@@ -0,0 +1,30 @@
+{{- if and .Values.ingress.enabled .Values.ingress.gateway.name }}
+
+apiVersion: gateway.networking.k8s.io/v1beta1
+kind: HTTPRoute
+metadata:
+  name: {{ include "generic-service.fullname" . }}
+  labels: {{- include "generic-service.top-level-labels" . | nindent 4 }}
+  annotations: {{ .Values.ingress.annotations | toYaml | nindent 4 }}
+
+spec:
+  parentRefs:
+    - {{ .Values.ingress.gateway | toYaml | nindent 6 }}
+
+  hostnames: {{ .Values.ingress.domains | toYaml | nindent 4 }}
+
+  rules:
+    {{- range ($.Values.ingress.paths | default (list "/")) }}
+    - matches:
+        - path:
+            value: {{ . | quote }}
+      {{- if $.Values.ingress.timeoutSeconds }}
+      timeouts:
+        backendRequest: {{ $.Values.ingress.timeoutSeconds }}s
+      {{- end }}
+      backendRefs:
+        - name: {{ include "generic-service.fullname" $ }}
+          port: {{ $.Values.ingress.port }}
+    {{- end }}
+
+{{- end }}

charts/generic-service/templates/ingress-extra.yaml

@@ -1,8 +1,8 @@
 {{- if and (and .Values.ingress.enabled .Values.ingress.extra) (not .Values.ingress.istio.enabled) }}
 {{- range $name, $extra := .Values.ingress.extra }}
-{{- if $extra.domains }}
-{{ $class := $extra.class | default $.Values.ingress.class }}
+{{- $class := $extra.class | default $.Values.ingress.class }}
 {{ $timeout := $extra.timeoutSeconds | default $.Values.ingress.timeoutSeconds }}
+{{- if and $extra.domains (or $class (and (not $extra.gateway) (not $.Values.ingress.gateway.name))) }}
 
 apiVersion: networking.k8s.io/v1
 kind: Ingress

charts/generic-service/templates/ingress.yaml

@@ -1,4 +1,4 @@
-{{- if and (and .Values.ingress.enabled .Values.ingress.domains) (not .Values.ingress.istio.enabled) }}
+{{- if and (and .Values.ingress.enabled .Values.ingress.domains) (and (not .Values.ingress.istio.enabled) (or .Values.ingress.class (not .Values.ingress.gateway.name))) }}
 
 apiVersion: networking.k8s.io/v1
 kind: Ingress

charts/generic-service/values.schema.json

@@ -589,10 +589,23 @@
           "type": "string",
           "description": "The ingress controller to use (not applicable if ingress.istio.enabled)"
         },
+        "gateway": {
+          "type": "object",
+          "properties": {
+            "namespace": {
+              "type": "string",
+              "description": "The namespace containing the Gateway to use"
+            },
+            "name": {
+              "type": "string",
+              "description": "The name of the Gateway to use (creates an HTTPRoute instead of an Ingress when set)"
+            }
+          }
+        },
         "annotations": {
           "type": "object",
           "additionalProperties": {"type": "string"},
-          "description": "Annotations for Ingress or VirtualService resource"
+          "description": "Annotations for Ingress, HTTPRoute or VirtualService resource"
         },
         "headless": {
           "type": "boolean",
@@ -648,6 +661,19 @@
                 "type": "string",
                 "description": "Additional ingress controller to use (not applicable if ingress.istio.enabled)"
               },
+              "gateway": {
+                "type": "object",
+                "properties": {
+                  "namespace": {
+                    "type": "string",
+                    "description": "The namespace containing the Gateway to use"
+                  },
+                  "name": {
+                    "type": "string",
+                    "description": "The name of the Gateway to use (creates an HTTPRoute instead of an Ingress when set)"
+                  }
+                }
+              },
               "port": {
                 "type": "integer",
                 "description": "The container port ingress traffic is routed to; defaults to value of ingress.port if not set"

charts/generic-service/values.yaml

@@ -121,6 +121,9 @@ ingress:
     allowCredentials: true
     exposeHeaders: []
   class: ''
+  # gateway:
+  #   namespace:
+  #   name:
   annotations: {}
   headless: false
   headlessExposesAll: false