nginxinc · ciarams87 · Aug 2, 2023 · Jul 26, 2023 · Jul 27, 2023 · Jul 27, 2023
@@ -18,6 +18,8 @@ TARGET ?= local## The target of the build. Possible values: local and container
 KIND_KUBE_CONFIG=$${HOME}/.kube/kind/config## The location of the kind kubeconfig
 OUT_DIR ?= $(shell pwd)/build/out## The folder where the binary will be stored
 ARCH ?= amd64## The architecture of the image and/or binary. For example: amd64 or arm64
+override HELM_TEMPLATE_COMMON_ARGS += --set creator=template --set nameOverride=nginx-gateway ## The common options for the Helm template command.
+override HELM_TEMPLATE_EXTRA_ARGS += --set service.create=false ## The options to be passed to the full Helm templating command only.
 override DOCKER_BUILD_OPTIONS += --build-arg VERSION=$(VERSION) --build-arg GIT_COMMIT=$(GIT_COMMIT) --build-arg DATE=$(DATE)## The options for the docker build command. For example, --pull
 
 .DEFAULT_GOAL := help
@@ -117,5 +119,13 @@ debug-build: build ## Build binary with debug info, symbols, and no optimization
 .PHONY: debug-container
 debug-container: debug-build container ## Build container with debug binary
 
+.PHONY: generate-manifests
+generate-manifests: ## Generate manifests using Helm.
+	helm template nginx-gateway $(CHART_DIR) $(HELM_TEMPLATE_COMMON_ARGS) $(HELM_TEMPLATE_EXTRA_ARGS) -n nginx-gateway | cat $(strip $(MANIFEST_DIR))/namespace.yaml - > $(strip $(MANIFEST_DIR))/nginx-gateway.yaml
+	helm template nginx-gateway $(CHART_DIR) $(HELM_TEMPLATE_COMMON_ARGS) -n nginx-gateway -s templates/deployment.yaml > conformance/provisioner/static-deployment.yaml
+	helm template nginx-gateway $(CHART_DIR) $(HELM_TEMPLATE_COMMON_ARGS) -n nginx-gateway -s templates/service.yaml > $(strip $(MANIFEST_DIR))/service/loadbalancer.yaml
+	helm template nginx-gateway $(CHART_DIR) $(HELM_TEMPLATE_COMMON_ARGS) --set service.annotations.'service\.beta\.kubernetes\.io\/aws-load-balancer-type'="nlb" -n nginx-gateway -s templates/service.yaml > $(strip $(MANIFEST_DIR))/service/loadbalancer-aws-nlb.yaml
+	helm template nginx-gateway $(CHART_DIR) $(HELM_TEMPLATE_COMMON_ARGS) --set service.type=NodePort -n nginx-gateway -s templates/service.yaml > $(strip $(MANIFEST_DIR))/service/nodeport.yaml
+
 .PHONY: dev-all
 dev-all: deps fmt njs-fmt vet lint unit-test njs-unit-test ## Run all the development checks
@@ -6,8 +6,11 @@ SUPPORTED_FEATURES = HTTPRoute,HTTPRouteQueryParamMatching,HTTPRouteMethodMatchi
 KIND_KUBE_CONFIG=$${HOME}/.kube/kind/config
 TAG = latest
 PREFIX = conformance-test-runner
-NKG_DEPLOYMENT_MANIFEST=../deploy/manifests/deployment.yaml
-NGINX_IMAGE=$(shell yq '.spec.template.spec.containers[1].image as $$nginx_ver | $$nginx_ver' $(NKG_DEPLOYMENT_MANIFEST))
+NKG_MANIFEST=../deploy/manifests/nginx-gateway.yaml
+SERVICE_MANIFEST=../deploy/manifests/service/nodeport.yaml
+STATIC_MANIFEST=provisioner/static-deployment.yaml
+PROVISIONER_MANIFEST=provisioner/provisioner.yaml
+NGINX_IMAGE=$(shell yq '.spec.template.spec.containers[1].image as $$nginx_ver | $$nginx_ver' $(STATIC_MANIFEST))
 .DEFAULT_GOAL := help
 
 .PHONY: help
@@ -35,43 +38,38 @@ preload-nginx-container: ## Preload NGINX container on configured kind cluster
 	kind load docker-image $(NGINX_IMAGE)
 
 .PHONY: update-nkg-manifest
-update-nkg-manifest: ## Update the NKG deployment manifest image name and imagePullPolicy
-	yq -i 'with(.spec.template.spec.containers[0]; .image = "$(NKG_PREFIX):$(NKG_TAG)" | .imagePullPolicy = "Never")' $(NKG_DEPLOYMENT_MANIFEST)
+update-nkg-manifest:
+	cd .. && make generate-manifests HELM_TEMPLATE_EXTRA_ARGS="--set nginxGateway.kind=skip" HELM_TEMPLATE_COMMON_ARGS="--set nginxGateway.image.repository=$(NKG_PREFIX) --set nginxGateway.image.tag=$(NKG_TAG) --set nginxGateway.image.pullPolicy=Never" && cd -
 
 .PHONY: build-nkg-image
-build-nkg-image: update-nkg-manifest ## Build NKG container and load it and NGINX container on configured kind cluster
+build-nkg-image: ## Build NKG container and load it and NGINX container on configured kind cluster
 	cd .. && make PREFIX=$(NKG_PREFIX) TAG=$(NKG_TAG) container
 
 .PHONY: load-images
 load-images: preload-nginx-container ## Load NKG and NGINX containers on configured kind cluster
 	kind load docker-image $(NKG_PREFIX):$(NKG_TAG)
 
 .PHONY: prepare-nkg-dependencies
-prepare-nkg-dependencies: ## Install NKG dependencies on configured kind cluster
+prepare-nkg-dependencies: update-nkg-manifest ## Install NKG dependencies on configured kind cluster
 	./scripts/install-gateway.sh $(GW_API_VERSION)
 	kubectl wait --for=condition=available --timeout=60s deployment gateway-api-admission-server -n gateway-system
-	kubectl apply -f ../deploy/manifests/namespace.yaml
-	cd .. && make generate-njs-yaml && cd -
-	kubectl apply -f ../deploy/manifests/njs-modules.yaml -n nginx-gateway
-	kubectl apply -f ../deploy/manifests/nginx-conf.yaml
-	kubectl apply -f ../deploy/manifests/rbac.yaml
-	kubectl apply -f ../deploy/manifests/gatewayclass.yaml
-	kubectl apply -f ../deploy/manifests/service/nodeport.yaml
+	kubectl apply -f $(NKG_MANIFEST)
+	kubectl apply -f $(SERVICE_MANIFEST)
 
 .PHONY: deploy-updated-provisioner
 deploy-updated-provisioner: ## Update provisioner manifest and deploy to the configured kind cluster
-	yq '(select(di != 3))' provisioner/provisioner.yaml | kubectl apply -f -
-	yq '(select(.spec.template.spec.containers[].image) | .spec.template.spec.containers[].image="$(NKG_PREFIX):$(NKG_TAG)" | .spec.template.spec.containers[].imagePullPolicy = "Never")' provisioner/provisioner.yaml | kubectl apply -f -
+	yq '(select(di != 3))' $(PROVISIONER_MANIFEST) | kubectl apply -f -
+	yq '(select(.spec.template.spec.containers[].image) | .spec.template.spec.containers[].image="$(NKG_PREFIX):$(NKG_TAG)" | .spec.template.spec.containers[].imagePullPolicy = "Never")' $(PROVISIONER_MANIFEST) | kubectl apply -f -
 
 .PHONY: install-nkg-local-build
-install-nkg-local-build: build-nkg-image load-images prepare-nkg-dependencies deploy-updated-provisioner ## Install NKG from local build with provisioner on configured kind cluster
+install-nkg-local-build: prepare-nkg-dependencies build-nkg-image load-images deploy-updated-provisioner ## Install NKG from local build with provisioner on configured kind cluster
 
-.PHONY: install-nkg-local-build
-install-nkg-local-no-build: load-images prepare-nkg-dependencies deploy-updated-provisioner ## Install NKG from local build with provisioner on configured kind cluster but do not build the NKG image
+.PHONY: install-nkg-local-no-build
+install-nkg-local-no-build: prepare-nkg-dependencies load-images deploy-updated-provisioner ## Install NKG from local build with provisioner on configured kind cluster but do not build the NKG image
 
 .PHONY: install-nkg-edge
 install-nkg-edge: preload-nginx-container prepare-nkg-dependencies ## Install NKG with provisioner from edge on configured kind cluster
-	kubectl apply -f provisioner/provisioner.yaml
+	kubectl apply -f $(PROVISIONER_MANIFEST)
 
 .PHONY: run-conformance-tests
 run-conformance-tests: ## Run conformance tests
@@ -89,16 +87,18 @@ cleanup-conformance-tests: ## Clean up conformance tests fixtures
 	kubectl delete -f tests/conformance-rbac.yaml
 
 .PHONY: uninstall-nkg
-uninstall-nkg: ## Uninstall NKG on configured kind cluster
+uninstall-nkg: uninstall-k8s-components undo-manifests-update ## Uninstall NKG on configured kind cluster and undo manifest changes
+
+.PHONY: uninstall-k8s-components
+uninstall-k8s-components: ## Uninstall installed components on configured kind cluster
+	kubectl delete -f $(NKG_MANIFEST)
 	./scripts/uninstall-gateway.sh $(GW_API_VERSION)
-	kubectl delete -f ../deploy/manifests/rbac.yaml
-	kubectl delete -f ../deploy/manifests/namespace.yaml
 	kubectl delete clusterrole nginx-gateway-provisioner
 	kubectl delete clusterrolebinding nginx-gateway-provisioner
 
-.PHONY: undo-image-update
-undo-image-update: ## Undo the NKG image name and tag in deployment manifest
-	git checkout -- $(NKG_DEPLOYMENT_MANIFEST)
+.PHONY: undo-manifests-update
+undo-manifests-update: ## Undo the changes in the manifest files
+	cd .. && make generate-manifests && cd -
 
 .PHONY: reset-go-modules
 reset-go-modules: ## Reset the go modules changes

@@ -31,10 +31,9 @@ preload-nginx-container        Preload NGINX container on configured kind cluste
 prepare-nkg-dependencies       Install NKG dependencies on configured kind cluster
 reset-go-modules               Reset the go modules changes
 run-conformance-tests          Run conformance tests
-undo-image-update              Undo the NKG image name and tag in deployment manifest
-uninstall-nkg                  Uninstall NKG on configured kind cluster
+undo-manifests-update          Undo the changes in the manifest files
+uninstall-nkg                  Uninstall NKG on configured kind cluster and undo manifest changes
 update-go-modules              Update the gateway-api go modules to latest main version
-update-nkg-manifest            Update the NKG deployment manifest image name and imagePullPolicy
 ```
 
 **Note:** The following variables are configurable when running the below `make` commands:
@@ -50,8 +49,11 @@ update-nkg-manifest            Update the NKG deployment manifest image name and
 | GATEWAY_CLASS           | nginx                                                                                                         | The gateway class that should be used for the tests                                                                       |
 | SUPPORTED_FEATURES      | HTTPRoute,HTTPRouteQueryParamMatching, HTTPRouteMethodMatching,HTTPRoutePortRedirect, HTTPRouteSchemeRedirect | The supported features that should be tested by the conformance tests. Ensure the list is comma separated with no spaces. |
 | EXEMPT_FEATURES         | ReferenceGrant                                                                                                | The features that should not be tested by the conformance tests                                                           |
-| NGINX_IMAGE             | as defined in the ../deploy/manifests/deployment.yaml file                                                    | The NGINX image for the NKG deployments                                                                                   |
-| NKG_DEPLOYMENT_MANIFEST | ../deploy/manifests/deployment.yaml                                                                           | The location of the NKG deployment manifest                                                                               |
+| NGINX_IMAGE             | as defined in the provisioner/static-deployment.yaml file                                                    | The NGINX image for the NKG deployments                                                                                   |
+| NKG_MANIFEST | ../deploy/manifests/nginx-gateway.yaml                                                                           | The location of the NKG manifest                                                                               |
+| SERVICE_MANIFEST | ../deploy/manifests/service/nodeport.yaml                                                                          | The location of the NKG Service manifest                                                                               |
+| STATIC_MANIFEST | provisioner/static-deployment.yaml                                                                           | The location of the NKG static deployment manifest                                                                               |
+| PROVISIONER_MANIFEST | provisioner/provisioner.yaml                                                                           | The location of the NKG provisioner manifest                                                                               |
 
 ### Step 1 - Create a kind Cluster
 
@@ -77,27 +79,17 @@ make install-nkg-local-build
 ```
 
 #### *Option 2* Install Nginx Kubernetes Gateway from local already built image to configured kind cluster
+You can optionally skip the actual *build* step.
 
 ```makefile
 make install-nkg-local-no-build
 ```
 
-**Note:** You can optionally skip the actual *build* step. However, if choosing
-this option, the following step *must* be completed manually *before* the build step:
-
-- Set NKG_PREFIX=<nkg_repo_name> NKG_TAG=<nkg_image_tag> to preferred values.
-- Navigate to `deploy/manifests` and update values in `deployment.yaml` as specified in below code-block.
-- Save the changes.
-
- ```text
- .
- ..
- containers:
- - image: <nkg_repo_name>:<nkg_image_tag>
-   imagePullPolicy: Never
- ..
- .
- ```
+> Note:  If choosing this option, the following step *must* be completed manually *before* the build step:
+
+```makefile
+make update-nkg-manifest NKG_PREFIX=<nkg_repo_name> NKG_TAG=<nkg_image_tag>
+```
 
 #### *Option 3* Install Nginx Kubernetes Gateway from edge to configured kind cluster
 You can also skip the build NKG image step and prepare the environment to instead use the `edge` image
@@ -153,15 +145,7 @@ make uninstall-nkg
 make reset-go-modules
 ```
 
-### Step 7 - Revert changes to the NKG deployment manifest
-**Optional** Not required if using `edge` image
-**Warning**: `make undo-image-update` will hard reset changes to the deploy/manifests/deployment.yaml file!
-
-```makefile
-make undo-image-update
-```
-
-### Step 8 - Delete kind cluster
+### Step 7 - Delete kind cluster
 
 ```makefile
 make delete-kind-cluster

@@ -0,0 +1,101 @@
+---
+# Source: nginx-kubernetes-gateway/templates/deployment.yaml
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: nginx-gateway
+  namespace: nginx-gateway
+  labels:
+    app.kubernetes.io/name: nginx-gateway
+    app.kubernetes.io/instance: nginx-gateway
+    app.kubernetes.io/version: "0.5.0"
+spec:
+  # We only support a single replica for now
+  replicas: 1
+  selector:
+    matchLabels:
+      app: nginx-gateway
+      app.kubernetes.io/name: nginx-gateway
+      app.kubernetes.io/instance: nginx-gateway
+  template:
+    metadata:
+      labels:
+        app: nginx-gateway
+        app.kubernetes.io/name: nginx-gateway
+        app.kubernetes.io/instance: nginx-gateway
+    spec:
+      containers:
+      - args:
+        - static-mode
+        - --gateway-ctlr-name=k8s-gateway.nginx.org/nginx-gateway-controller
+        - --gatewayclass=nginx
+        env:
+        - name: POD_IP
+          valueFrom:
+            fieldRef:
+              fieldPath: status.podIP
+        image: ghcr.io/nginxinc/nginx-kubernetes-gateway:edge
+        imagePullPolicy: Always
+        name: nginx-gateway
+        securityContext:
+          capabilities:
+            add:
+            - KILL
+            drop:
+            - ALL
+          runAsUser: 1001
+        volumeMounts:
+        - mountPath: /etc/nginx
+          name: nginx
+      - image: nginx:1.25
+        imagePullPolicy: Always
+        name: nginx
+        ports:
+        - containerPort: 80
+          name: http
+        - containerPort: 443
+          name: https
+        securityContext:
+          capabilities:
+            add:
+            - CHOWN
+            - NET_BIND_SERVICE
+            - SETGID
+            - SETUID
+            - DAC_OVERRIDE
+            drop:
+            - ALL
+        volumeMounts:
+        - mountPath: /etc/nginx
+          name: nginx
+        - mountPath: /etc/nginx/nginx.conf
+          name: nginx-conf
+          subPath: nginx.conf
+        - mountPath: /var/lib/nginx
+          name: var-lib-nginx
+        - mountPath: /usr/lib/nginx/modules/njs
+          name: njs-modules
+      initContainers:
+      - command:
+        - sh
+        - -c
+        - rm -r /etc/nginx/conf.d /etc/nginx/secrets; mkdir /etc/nginx/conf.d /etc/nginx/secrets
+          && chown 1001:0 /etc/nginx/conf.d /etc/nginx/secrets
+        image: busybox:1.36
+        name: set-permissions
+        volumeMounts:
+        - mountPath: /etc/nginx
+          name: nginx
+      serviceAccountName: nginx-gateway
+      shareProcessNamespace: true
+      volumes:
+      - emptyDir: {}
+        name: nginx
+      - configMap:
+          name: nginx-gateway-conf
+        name: nginx-conf
+      - emptyDir: {}
+        name: var-lib-nginx
+      - configMap:
+          name: nginx-gateway-njs-modules
+        name: njs-modules
@@ -3,7 +3,7 @@ name: nginx-kubernetes-gateway
 description: NGINX Kubernetes Gateway
 type: application
 version: 0.1.0
-appVersion: "0.4.0"
+appVersion: "0.5.0"
 home: https://github.com/nginxinc/nginx-kubernetes-gateway
 icon: https://raw.githubusercontent.com/nginxinc/nginx-kubernetes-gateway/tree/main/deploy/helm-chart/chart-icon.png
 sources:

@@ -87,9 +87,10 @@ To uninstall/delete the release `my-release`:
 
 ```shell
 helm uninstall my-release -n nginx-gateway
+kubectl delete ns nginx-gateway
 ```
 
-The command removes all the Kubernetes components associated with the release and deletes the release.
+These commands remove all the Kubernetes components associated with the release and deletes the release.
 
 ### Uninstalling the Gateway Resources
 
@@ -114,6 +115,7 @@ The following tables lists the configurable parameters of the NGINX Kubernetes G
 |`nginxGateway.image.pullPolicy` | The `imagePullPolicy` for the NGINX Kubernetes Gateway image. | Always |
 |`nginxGateway.gatewayClassName` | The name of the GatewayClass for the NGINX Kubernetes Gateway deployment. | nginx |
 |`nginxGateway.gatewayControllerName` | The name of the Gateway controller. The controller name must be of the form: DOMAIN/PATH. The controller's domain is k8s-gateway.nginx.org. | k8s-gateway.nginx.org/nginx-gateway-controller |
+|`nginxGateway.kind` | The kind of the NGINX Kubernetes Gateway installation - currently, only deployment is supported. | deployment |
 |`nginx.image.repository` | The repository for the NGINX image. | nginx |
 |`nginx.image.tag` | The tag for the NGINX image. | 1.25 |
 |`nginx.image.pullPolicy` | The `imagePullPolicy` for the NGINX image. | Always |

@@ -34,12 +34,14 @@ Create chart name and version as used by the chart label.
 Common labels
 */}}
 {{- define "nginx-gateway.labels" -}}
-helm.sh/chart: {{ include "nginx-gateway.chart" . }}
 {{ include "nginx-gateway.selectorLabels" . }}
 {{- if .Chart.AppVersion }}
 app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
 {{- end }}
+{{- if eq (default "helm" .Values.creator) "helm" }}
 app.kubernetes.io/managed-by: {{ .Release.Service }}
+helm.sh/chart: {{ include "nginx-gateway.chart" . }}
+{{- end -}}
 {{- end }}
 
 {{/*

@@ -1,7 +1,9 @@
+{{- if eq .Values.nginxGateway.kind "deployment" }}
 apiVersion: apps/v1
 kind: Deployment
 metadata:
   name: {{ include "nginx-gateway.fullname" . }}
+  namespace: {{ .Release.Namespace }}
   labels:
   {{- include "nginx-gateway.labels" . | nindent 4 }}
 spec:
@@ -28,7 +30,7 @@ spec:
             fieldRef:
               fieldPath: status.podIP
         image: {{ .Values.nginxGateway.image.repository }}:{{ .Values.nginxGateway.image.tag | default .Chart.AppVersion }}
-        imagePullPolicy: {{ .Values.nginxGateway.imagePullPolicy }}
+        imagePullPolicy: {{ .Values.nginxGateway.image.pullPolicy }}
         name: nginx-gateway
         securityContext:
           capabilities:
@@ -41,7 +43,7 @@ spec:
         - mountPath: /etc/nginx
           name: nginx
       - image: {{ .Values.nginx.image.repository }}:{{ .Values.nginx.image.tag }}
-        imagePullPolicy: {{ .Values.nginx.imagePullPolicy }}
+        imagePullPolicy: {{ .Values.nginx.image.pullPolicy }}
         name: nginx
         ports:
         - containerPort: 80
@@ -92,3 +94,4 @@ spec:
       - configMap:
           name: {{ include "nginx-gateway.njs-modules" . }}
         name: njs-modules
+{{- end }}
@@ -2,6 +2,7 @@ apiVersion: v1
 kind: ConfigMap
 metadata:
   name: {{ include "nginx-gateway.nginx-conf" . }}
+  namespace: {{ .Release.Namespace }}
   labels:
   {{- include "nginx-gateway.labels" . | nindent 4 }}
 data:

@@ -2,6 +2,7 @@ apiVersion: v1
 kind: ConfigMap
 metadata:
   name: {{ include "nginx-gateway.njs-modules" . }}
+  namespace: {{ .Release.Namespace }}
   labels:
   {{- include "nginx-gateway.labels" . | nindent 4 }}
 data:

@@ -2,6 +2,7 @@ apiVersion: v1
 kind: ServiceAccount
 metadata:
   name: {{ include "nginx-gateway.serviceAccountName" . }}
+  namespace: {{ .Release.Namespace }}
   labels:
   {{- include "nginx-gateway.labels" . | nindent 4 }}
   annotations: