diff --git a/helm-charts/azure-api-management-gateway/templates/configmap.yaml b/helm-charts/azure-api-management-gateway/templates/configmap.yaml index 9992c54..184f796 100644 --- a/helm-charts/azure-api-management-gateway/templates/configmap.yaml +++ b/helm-charts/azure-api-management-gateway/templates/configmap.yaml @@ -18,6 +18,10 @@ data: {{- if .Values.gateway.auth.azureAd.authority }} config.service.auth.azureAd.authority : {{ .Values.gateway.auth.azureAd.authority | quote }} {{- end }} +{{- end }} +{{- if .Values.ingress.controller.enabled }} + k8s.ingress.enabled : {{ .Values.ingress.controller.enabled | quote }} + k8s.ingress.namespace : {{ .Values.ingress.controller.namespace | default ( .Release.Namespace ) | quote }} {{- end }} telemetry.metrics.cloud: {{ .Values.observability.azureMonitor.metrics.enabled | quote }} telemetry.logs.std: {{ .Values.observability.logs.std.format | quote }} diff --git a/helm-charts/azure-api-management-gateway/templates/ingress-controller.yaml b/helm-charts/azure-api-management-gateway/templates/ingress-controller.yaml new file mode 100644 index 0000000..183bfec --- /dev/null +++ b/helm-charts/azure-api-management-gateway/templates/ingress-controller.yaml @@ -0,0 +1,63 @@ +{{- $doesSupportStableIngress := .Capabilities.APIVersions.Has "networking.k8s.io/v1/Ingress" -}} +{{- if and (.Values.ingress.controller.enabled) ($doesSupportStableIngress) -}} +apiVersion: networking.k8s.io/v1 +kind: IngressClass +metadata: + name: {{ include "azure-api-management-gateway.fullname" . }} + labels: + {{- include "azure-api-management-gateway.labels" . | nindent 4 }} + {{- with .Values.ingress.controller.ingressClass.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + controller: {{ .Values.ingress.controller.ingressClass.controller | quote }} +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: {{ include "azure-api-management-gateway.fullname" . }}-rbac + labels: + {{- include "azure-api-management-gateway.labels" . | nindent 4 }} +rules: + - apiGroups: + - "" + resources: + - secrets + - namespaces + verbs: + - get + - watch + - get + - apiGroups: + - "" + resources: + - services + verbs: + - get + - watch + - get + - apiGroups: + - networking.k8s.io + resources: + - ingresses + verbs: + - list + - watch + - get +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: {{ include "azure-api-management-gateway.fullname" . }} + labels: + {{- include "azure-api-management-gateway.labels" . | nindent 4 }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: {{ include "azure-api-management-gateway.fullname" . }}-rbac +subjects: + - kind: ServiceAccount + name: {{ .Values.serviceAccountName }} + namespace: {{ .Release.Namespace }} +{{- end }} \ No newline at end of file diff --git a/helm-charts/azure-api-management-gateway/templates/ingress-stable.yaml b/helm-charts/azure-api-management-gateway/templates/ingress-stable.yaml deleted file mode 100644 index dd91ae1..0000000 --- a/helm-charts/azure-api-management-gateway/templates/ingress-stable.yaml +++ /dev/null @@ -1,49 +0,0 @@ -{{- $doesSupportStableIngress := .Capabilities.APIVersions.Has "networking.k8s.io/v1/Ingress" -}} -{{- if and (.Values.ingress.enabled) ($doesSupportStableIngress) -}} -{{- $fullName := include "azure-api-management-gateway.fullname" . -}} -{{- $httpPort := .Values.service.ports.http -}} -{{- $httpsPort := .Values.service.ports.https -}} -apiVersion: networking.k8s.io/v1 -kind: Ingress -metadata: - name: {{ $fullName }} - labels: - {{- include "azure-api-management-gateway.labels" . | nindent 4 }} - {{- with .Values.ingress.annotations }} - annotations: - {{- toYaml . | nindent 4 }} - {{- end }} -spec: -{{- if .Values.ingress.ingressClassName }} - ingressClassName: {{ .Values.ingress.ingressClassName }} -{{- end }} -{{- if .Values.ingress.tls }} - tls: - {{- range .Values.ingress.tls }} - - hosts: - {{- range .hosts }} - - {{ . | quote }} - {{- end }} - secretName: {{ .secretName }} - {{- end }} -{{- end }} - rules: - {{- range $host := .Values.ingress.hosts }} - - host: {{ $host.host | quote }} - http: - paths: - {{- range .paths }} - - path: {{ . }} - pathType: Prefix - backend: - service: - name: {{ $fullName }} - port: - {{- if $host.useHttpsBackend }} - number: {{ default $httpsPort }} - {{- else }} - number: {{ $httpPort }} - {{- end }} - {{- end }} - {{- end }} -{{- end }} \ No newline at end of file diff --git a/helm-charts/azure-api-management-gateway/templates/pod-disruption-budget.yml b/helm-charts/azure-api-management-gateway/templates/pod-disruption-budget.yaml similarity index 100% rename from helm-charts/azure-api-management-gateway/templates/pod-disruption-budget.yml rename to helm-charts/azure-api-management-gateway/templates/pod-disruption-budget.yaml diff --git a/helm-charts/azure-api-management-gateway/values.yaml b/helm-charts/azure-api-management-gateway/values.yaml index 8ed33f2..9bb0b73 100644 --- a/helm-charts/azure-api-management-gateway/values.yaml +++ b/helm-charts/azure-api-management-gateway/values.yaml @@ -127,19 +127,14 @@ service: annotations: {} ingress: - enabled: false - annotations: {} - # kubernetes.io/ingress.class: nginx - # kubernetes.io/tls-acme: "true" - hosts: - - host: chart-example.local - useHttpsBackend: false - paths: [] - - tls: [] - # - secretName: chart-example-tls - # hosts: - # - chart-example.local + # Experimental feature: See https://github.com/Azure/api-management-self-hosted-gateway-ingress + controller: + enabled: false + namespace: "" + annotations: [] + ingressClass: + controller: "azure-api-management/gateway" + annotations: [] serviceAccountName: default