Skip to content

Net 7238 - consul k8s modify gateway resources job to create apigw gatewayclass and gatewayclassconfig #3564

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
sarahalsmiller merged 15 commits into from
Feb 12, 2024
Merged

Net 7238 - consul k8s modify gateway resources job to create apigw gatewayclass and gatewayclassconfig #3564

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
15 commits
Select commit Hold shift + click to select a range
cea1249
configmap update
sarahalsmiller Feb 5, 2024
edc7229
udpate chart to respect api-gateway-config
sarahalsmiller Feb 6, 2024
16e1e6a
fix typo
sarahalsmiller Feb 6, 2024
01d765c
added unit tests, added some stuff missed in initial pass
sarahalsmiller Feb 9, 2024
acff3ea
added thorough unit tests for gateway-resources-configmap.yaml
sarahalsmiller Feb 9, 2024
5a9a60d
remove unneeded extra line
sarahalsmiller Feb 12, 2024
c8208b2
additional debugging
sarahalsmiller Feb 12, 2024
d24e64b
test
sarahalsmiller Feb 12, 2024
5ccf4e2
test
sarahalsmiller Feb 12, 2024
7b4cdd5
remove extra escapes
sarahalsmiller Feb 12, 2024
3095815
final test
sarahalsmiller Feb 12, 2024
03af49f
test again
sarahalsmiller Feb 12, 2024
65cf112
one more test
sarahalsmiller Feb 12, 2024
83902ba
this should work
sarahalsmiller Feb 12, 2024
b8bba78
fix spacing issue
sarahalsmiller Feb 12, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
69 changes: 66 additions & 3 deletions charts/consul/templates/gateway-resources-configmap.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -21,9 +21,10 @@ data:
resources.json: |
{{ toJson .Values.connectInject.apiGateway.managedGatewayClass.resources }}
{{- end }}
{{- if and (mustHas "resource-apis" .Values.global.experiments) .Values.meshGateway.enabled }}
{{- if and (mustHas "resource-apis" .Values.global.experiments) (or .Values.meshGateway.enabled .Values.connectInject.apiGateway.managedGatewayClass) }}
config.yaml: |
gatewayClassConfigs:
{{- if .Values.meshGateway.enabled }}
- apiVersion: mesh.consul.hashicorp.com/v2beta1
metadata:
name: consul-mesh-gateway
Expand Down Expand Up @@ -87,7 +88,8 @@ data:
min: {{ .Values.meshGateway.replicas }}
max: {{ .Values.meshGateway.replicas }}
{{- if .Values.meshGateway.tolerations }}
tolerations: {{ fromYamlArray .Values.meshGateway.tolerations | toJson }}
tolerations:
{{ fromYamlArray .Values.meshGateway.tolerations | toJson }}
{{- end }}
service:
{{- if .Values.meshGateway.service.annotations }}
Expand All @@ -100,14 +102,74 @@ data:
annotations:
set: {{ toJson .Values.meshGateway.serviceAccount.annotations }}
{{- end }}
{{- end }}
{{- if .Values.connectInject.apiGateway.managedGatewayClass }}
- apiVersion: mesh.consul.hashicorp.com/v2beta1
metadata:
name: consul-api-gateway
kind: GatewayClassConfig
spec:
labels:
set:
app: {{ template "consul.name" . }}
chart: {{ template "consul.chart" . }}
heritage: {{ .Release.Service }}
release: {{ .Release.Name }}
component: api-gateway
{{- if .Values.connectInject.apiGateway.managedGatewayClass.copyAnnotations }}
{{- if .Values.connectInject.apiGateway.managedGatewayClass.copyAnnotations.service }}
annotations:
service:
{{ fromYamlArray .Values.connectInject.apiGateway.managedGatewayClass.copyAnnotations.service.annotations | toYaml }}
{{- end}}
{{- end}}
deployment:
{{- if .Values.connectInject.apiGateway.managedGatewayClass.nodeSelector }}
nodeSelector:
{{ fromYamlArray .Values.connectInject.apiGateway.managedGatewayClass.nodeSelector | toYaml }}
{{- end }}
initContainer:
{{- if .Values.connectInject.apiGateway.managedGatewayClass.mapPrivilegedContainerPorts }}
portModifier: {{ .Values.connectInject.apiGateway.managedGatewayClass.mapPrivilegedContainerPorts }}
{{- end }}
consul:
logging:
level: {{ .Values.global.logLevel }}
container:
{{- if .Values.connectInject.apiGateway.managedGatewayClass.mapPrivilegedContainerPorts }}
portModifier: {{ .Values.connectInject.apiGateway.managedGatewayClass.mapPrivilegedContainerPorts }}
{{- end }}
consul:
logging:
level: {{ .Values.global.logLevel }}
replicas:
default: {{ .Values.connectInject.apiGateway.managedGatewayClass.deployment.defaultInstances }}
min: {{ .Values.connectInject.apiGateway.managedGatewayClass.deployment.minInstances }}
max: {{ .Values.connectInject.apiGateway.managedGatewayClass.deployment.maxInstances }}
{{- if .Values.connectInject.apiGateway.managedGatewayClass.tolerations }}
tolerations:
{{ fromYamlArray .Values.connectInject.apiGateway.managedGatewayClass.tolerations | toYaml }}
{{- end }}
{{- if .Values.connectInject.apiGateway.managedGatewayClass.service }}
service:
annotations:
set: {{ toYaml .Values.connectInject.apiGateway.managedGatewayClass.service.annotations }}
{{- end }}
type: {{ .Values.connectInject.apiGateway.managedGatewayClass.serviceType }}
{{- if .Values.connectInject.apiGateway.managedGatewayClass.serviceAccount }}
serviceAccount:
annotations:
set: {{ toYaml .Values.connectInject.apiGateway.managedGatewayClass.serviceAccount.annotations }}
{{- end }}
{{- end }}
{{- if .Values.meshGateway.enabled }}
meshGateways:
- apiVersion: mesh.consul.hashicorp.com/v2beta1
kind: MeshGateway
metadata:
name: mesh-gateway
namespace: {{ .Release.Namespace }}
annotations:
# TODO are these annotations even necessary?
"consul.hashicorp.com/gateway-wan-address-source": {{ .Values.meshGateway.wanAddress.source | quote }}
"consul.hashicorp.com/gateway-wan-address-static": {{ .Values.meshGateway.wanAddress.static | quote }}
{{- if eq .Values.meshGateway.wanAddress.source "Service" }}
Expand All @@ -128,5 +190,6 @@ data:
workloads:
prefixes:
- "mesh-gateway"
{{- end }}
{{- end }}
{{- end }}
237 changes: 228 additions & 9 deletions charts/consul/test/unit/gateway-resources-configmap.bats
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -94,6 +94,28 @@ target=templates/gateway-resources-configmap.yaml
}


#--------------------------------------------------------------------
# API Gateway logLevel configuration

@test "gateway-resources/ConfigMap: API Gateway logLevel default configuration" {
cd `chart_dir`
local config=$(helm template \
-s $target \
--set 'meshGateway.enabled=false' \
--set 'global.experiments[0]=resource-apis' \
--set 'ui.enabled=false' \
. | tee /dev/stderr |
yq -r '.data["config.yaml"]' | yq -r '.gatewayClassConfigs[0].spec.deployment' | tee /dev/stderr)

local actual=$(echo "$config" | yq -r '.container.consul.logging.level')
[ "${actual}" = 'info' ]

local actual=$(echo "$config" | yq -r '.initContainer.consul.logging.level')
[ "${actual}" = 'info' ]
}



@test "gateway-resources/ConfigMap: Mesh Gateway logLevel custom global configuration" {
cd `chart_dir`
local config=$(helm template \
Expand Down Expand Up @@ -199,16 +221,17 @@ target=templates/gateway-resources-configmap.yaml
. | tee /dev/stderr |
yq -r '.data["config.yaml"]' | yq -r '.meshGateways[0].metadata.annotations' | tee /dev/stderr)

local actual=$(echo "$annotations" | jq -r '.["consul.hashicorp.com/gateway-wan-address-source"]')
local actual=$(echo "$annotations" | yq -r '.["consul.hashicorp.com/gateway-wan-address-source"]')
[ "${actual}" = 'Service' ]

local actual=$(echo "$annotations" | jq -r '.["consul.hashicorp.com/gateway-wan-port"]')
local actual=$(echo "$annotations" | yq -r '.["consul.hashicorp.com/gateway-wan-port"]')
[ "${actual}" = '443' ]

local actual=$(echo "$annotations" | jq -r '.["consul.hashicorp.com/gateway-wan-address-static"]')
local actual=$(echo "$annotations" | yq -r '.["consul.hashicorp.com/gateway-wan-address-static"]')
[ "${actual}" = '' ]
}


@test "gateway-resources/ConfigMap: Mesh Gateway WAN Address NodePort annotations" {
cd `chart_dir`
local annotations=$(helm template \
Expand All @@ -223,13 +246,13 @@ target=templates/gateway-resources-configmap.yaml
. | tee /dev/stderr |
yq -r '.data["config.yaml"]' | yq -r '.meshGateways[0].metadata.annotations' | tee /dev/stderr)

local actual=$(echo "$annotations" | jq -r '.["consul.hashicorp.com/gateway-wan-address-source"]')
local actual=$(echo "$annotations" | yq -r '.["consul.hashicorp.com/gateway-wan-address-source"]')
[ "${actual}" = 'Service' ]

local actual=$(echo "$annotations" | jq -r '.["consul.hashicorp.com/gateway-wan-port"]')
local actual=$(echo "$annotations" | yq -r '.["consul.hashicorp.com/gateway-wan-port"]')
[ "${actual}" = '30000' ]

local actual=$(echo "$annotations" | jq -r '.["consul.hashicorp.com/gateway-wan-address-static"]')
local actual=$(echo "$annotations" | yq -r '.["consul.hashicorp.com/gateway-wan-address-static"]')
[ "${actual}" = '' ]
}

Expand All @@ -246,13 +269,209 @@ target=templates/gateway-resources-configmap.yaml
. | tee /dev/stderr |
yq -r '.data["config.yaml"]' | yq -r '.meshGateways[0].metadata.annotations' | tee /dev/stderr)

local actual=$(echo "$annotations" | jq -r '.["consul.hashicorp.com/gateway-wan-address-source"]')
local actual=$(echo "$annotations" | yq -r '.["consul.hashicorp.com/gateway-wan-address-source"]')
[ "${actual}" = 'Static' ]

local actual=$(echo "$annotations" | jq -r '.["consul.hashicorp.com/gateway-wan-port"]')
local actual=$(echo "$annotations" | yq -r '.["consul.hashicorp.com/gateway-wan-port"]')
[ "${actual}" = '443' ]

local actual=$(echo "$annotations" | jq -r '.["consul.hashicorp.com/gateway-wan-address-static"]')
local actual=$(echo "$annotations" | yq -r '.["consul.hashicorp.com/gateway-wan-address-static"]')
[ "${actual}" = '127.0.0.1' ]
}

#--------------------------------------------------------------------
# API Gateway Tests mapPrivilageContainerPorts

@test "gateway-resources/ConfigMap: API Gateway mapPrivilageContainerPorts empty by default {
cd `chart_dir`
local config=$(helm template \
-s $target \
--set 'global.experiments[0]=resource-apis' \
--set 'ui.enabled=false' \
--set 'global.logLevel=error' \
. | tee /dev/stderr |
yq -r '.data["config.yaml"]' | yq -r '.gatewayClassConfigs[0].spec.deployment' | tee /dev/stderr)

local actual=$(echo "$config" | yq -r '.container.portModifier')

[ "${actual}" = 'null' ]

local actual=$(echo "$config" | yq -r '.initContainer.portModifier')

[ "${actual}" = 'null' ]
}


@test "gateway-resources/ConfigMap: API Gateway mapPrivilageContainerPorts overrides default {
cd `chart_dir`
local config=$(helm template \
-s $target \
--set 'global.experiments[0]=resource-apis' \
--set 'ui.enabled=false' \
--set 'global.logLevel=error' \
--set 'connectInject.apiGateway.managedGatewayClass.mapPrivilegedContainerPorts=80' \
. | tee /dev/stderr |
yq -r '.data["config.yaml"]' | yq -r '.gatewayClassConfigs[0].spec.deployment' | tee /dev/stderr)

local actual=$(echo "$config" | yq -r '.container.portModifier')

[ "${actual}" = '80' ]

local actual=$(echo "$config" | yq -r '.initContainer.portModifier')

[ "${actual}" = '80' ]
}

#--------------------------------------------------------------------
# API Gateway Tests deployment replicas

@test "gateway-resources/ConfigMap: API Gateway deploymentConfig overrides default {
cd `chart_dir`
local config=$(helm template \
-s $target \
--set 'global.experiments[0]=resource-apis' \
--set 'ui.enabled=false' \
--set 'global.logLevel=error' \
--set 'connectInject.apiGateway.managedGatewayClass.deployment.defaultInstances=2' \
--set 'connectInject.apiGateway.managedGatewayClass.deployment.maxInstances=3' \
--set 'connectInject.apiGateway.managedGatewayClass.deployment.minInstances=1' \
. | tee /dev/stderr |
yq -r '.data["config.yaml"]' | yq -r '.gatewayClassConfigs[0].spec.deployment' | tee /dev/stderr)

local actual=$(echo "$config" | yq -r '.replicas.default')
[ "${actual}" = '2' ]

local actual=$(echo "$config" | yq -r '.replicas.min')
[ "${actual}" = '1' ]

local actual=$(echo "$config" | yq -r '.replicas.max')
[ "${actual}" = '3' ]
}

@test "gateway-resources/ConfigMap: API Gateway deploymentConfig default {
cd `chart_dir`
local config=$(helm template \
-s $target \
--set 'global.experiments[0]=resource-apis' \
--set 'ui.enabled=false' \
--set 'global.logLevel=error' \
. | tee /dev/stderr |
yq -r '.data["config.yaml"]' | yq -r '.gatewayClassConfigs[0].spec.deployment' | tee /dev/stderr)

local actual=$(echo "$config" | yq -r '.replicas.default')
[ "${actual}" = '1' ]

local actual=$(echo "$config" | yq -r '.replicas.min')
[ "${actual}" = '1' ]

local actual=$(echo "$config" | yq -r '.replicas.max')
[ "${actual}" = '1' ]
}

#--------------------------------------------------------------------
# API Gateway Tests nodeSelector

@test "gateway-resources/ConfigMap: API Gateway nodeSelector overrides default {
cd `chart_dir`
local config=$(helm template \
-s $target \
--set 'global.experiments[0]=resource-apis' \
--set 'ui.enabled=false' \
--set 'global.logLevel=error' \
--set 'connectInject.apiGateway.managedGatewayClass.nodeSelector=- key: value' \
. | tee /dev/stderr |
yq -r '.data["config.yaml"]' | yq -r '.gatewayClassConfigs[0].spec.deployment' | tee /dev/stderr)

local actual=$(echo "$config" | yq -r '.nodeSelector[0].key')
echo ${actual}

[ "${actual}" = 'value' ]
}

@test "gateway-resources/ConfigMap: API Gateway nodeSelector default {
cd `chart_dir`
local config=$(helm template \
-s $target \
--set 'global.experiments[0]=resource-apis' \
--set 'ui.enabled=false' \
--set 'global.logLevel=error' \
. | tee /dev/stderr |
yq -r '.data["config.yaml"]' | yq -r '.gatewayClassConfigs[0].spec.deployment' | tee /dev/stderr)

local actual=$(echo "$config" | yq -r '.nodeSelector')
[ "${actual}" = 'null' ]
}

#--------------------------------------------------------------------
# API Gateway Tests tolerations

@test "gateway-resources/ConfigMap: API Gateway tolerations overrides default {
cd `chart_dir`
local config=$(helm template \
-s $target \
--set 'global.experiments[0]=resource-apis' \
--set 'ui.enabled=false' \
--set 'global.logLevel=error' \
--set 'connectInject.apiGateway.managedGatewayClass.tolerations=- key: value' \
. | tee /dev/stderr |
yq -r '.data["config.yaml"]' | yq -r '.gatewayClassConfigs[0].spec.deployment' | tee /dev/stderr)

local actual=$(echo "$config" | yq -r '.tolerations[0].key')
echo "${actual}"

[ "${actual}" = 'value' ]
}



@test "gateway-resources/ConfigMap: API Gateway tolerations default {
cd `chart_dir`
local config=$(helm template \
-s $target \
--set 'global.experiments[0]=resource-apis' \
--set 'ui.enabled=false' \
--set 'global.logLevel=error' \
. | tee /dev/stderr |
yq -r '.data["config.yaml"]' | yq -r '.gatewayClassConfigs[0].spec.deployment' | tee /dev/stderr)

local actual=$(echo "$config" | yq -r '.tolerations')
[ "${actual}" = 'null' ]
}


#--------------------------------------------------------------------
# API Gateway Tests copyAnnotations

@test "gateway-resources/ConfigMap: API Gateway copyAnnotations overrides default {
cd `chart_dir`
local config=$(helm template \
-s $target \
--set 'global.experiments[0]=resource-apis' \
--set 'ui.enabled=false' \
--set 'global.logLevel=error' \
--set 'connectInject.apiGateway.managedGatewayClass.copyAnnotations.service.annotations=- annotation.name' \
. | tee /dev/stderr |
yq -r '.data["config.yaml"]' | yq -r '.gatewayClassConfigs[0].spec.annotations' | tee /dev/stderr)

local actual=$(echo "$config" | yq -r '.service[0]')
echo "${actual}"
[ "${actual}" = 'annotation.name' ]
}

@test "gateway-resources/ConfigMap: API Gateway copyAnnotations default {
cd `chart_dir`
local config=$(helm template \
-s $target \
--set 'global.experiments[0]=resource-apis' \
--set 'ui.enabled=false' \
--set 'global.logLevel=error' \
. | tee /dev/stderr |
yq -r '.data["config.yaml"]' | yq -r '.gatewayClassConfigs[0].spec.annotations' | tee /dev/stderr)

local actual=$(echo "$config" | jq -r '.service')
[ "${actual}" = 'null' ]
}


#--------------------------------------------------------------------
# TODO openShiftSSCName