diff --git a/kubernetes/gateway-operator/config/gateway_values.yaml b/kubernetes/gateway-operator/config/gateway_values.yaml index 49aef0184..0f2b54b86 100644 --- a/kubernetes/gateway-operator/config/gateway_values.yaml +++ b/kubernetes/gateway-operator/config/gateway_values.yaml @@ -28,6 +28,18 @@ gateway: xds_port: 18000 shutdown_timeout: 15s gateway_id: "platform-gateway-id" + controlplane: + insecure_skip_verify: false + reconnect_initial: 1s + reconnect_max: 5m + polling_interval: 15m + deployment_push_enabled: false + sync_batch_size: 50 + gateway_name: "" + apim_oauth2_client_id: "" + apim_oauth2_client_secret: "" + apim_oauth2_username: "" + apim_oauth2_password: "" policy_server: port: 18001 tls: @@ -140,6 +152,10 @@ gateway: level: info format: json + immutable_gateway: + enabled: false + artifacts_dir: "/etc/api-platform-gateway/immutable_gateway/artifacts" + # Raw TOML appended to generated config.toml (see gateway chart values.yaml) config_toml: "" diff --git a/kubernetes/helm/gateway-helm-chart/templates/gateway/gateway-config.yaml b/kubernetes/helm/gateway-helm-chart/templates/gateway/gateway-config.yaml index ac5580dbe..333671e0c 100644 --- a/kubernetes/helm/gateway-helm-chart/templates/gateway/gateway-config.yaml +++ b/kubernetes/helm/gateway-helm-chart/templates/gateway/gateway-config.yaml 
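Review bot: In the `@@ -28` hunk, `apim_oauth2_client_secret` and `apim_oauth2_password` are added to the `controlplane` block with no comment saying they are credentials or how the two OAuth2 flows interact. I would add a line above them such as `# Sensitive: do not commit real values; supply them at install time from a secret store`, plus a line stating which flow is used when both the client-credentials and the username/password pairs are set (to be confirmed against the gateway's config loader). The chart values.yaml (`@@ -110`) and operator values.yaml (`@@ -169`) hunks label the two options but carry no such warning either, and the two demo ConfigMaps add the same keys.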
@@ -48,6 +48,11 @@ data: polling_interval = {{ $gc.controlplane.polling_interval | quote }} deployment_push_enabled = {{ $gc.controlplane.deployment_push_enabled }} sync_batch_size = {{ $gc.controlplane.sync_batch_size }} + gateway_name = {{ $gc.controlplane.gateway_name | quote }} + apim_oauth2_client_id = {{ $gc.controlplane.apim_oauth2_client_id | quote }} + apim_oauth2_client_secret = {{ $gc.controlplane.apim_oauth2_client_secret | quote }} + apim_oauth2_username = {{ $gc.controlplane.apim_oauth2_username | quote }} + apim_oauth2_password = {{ $gc.controlplane.apim_oauth2_password | quote }} {{- range $gc.encryption.providers }} [[controller.encryption.providers]] @@ -228,6 +233,12 @@ data: {{ dict "policy_configurations" .Values.gateway.config.policy_configurations | toToml | indent 4 }} {{- end }} + {{- if .Values.gateway.config.immutable_gateway }} + [immutable_gateway] + enabled = {{ .Values.gateway.config.immutable_gateway.enabled }} + artifacts_dir = {{ .Values.gateway.config.immutable_gateway.artifacts_dir | quote }} + {{- end }} + {{- if .Values.gateway.config_toml }} {{ .Values.gateway.config_toml | indent 4 }} {{- end }} diff --git a/kubernetes/helm/gateway-helm-chart/values.yaml b/kubernetes/helm/gateway-helm-chart/values.yaml index d27e1bccd..e3820b905 100644 --- a/kubernetes/helm/gateway-helm-chart/values.yaml +++ b/kubernetes/helm/gateway-helm-chart/values.yaml @@ -110,6 +110,17 @@ gateway: # Number of deployments to fetch per batch during startup sync sync_batch_size: 50 + # Friendly name shown for this gateway in the APIM control plane + gateway_name: "" + + # OAuth2 Option 1: Client Credentials flow + apim_oauth2_client_id: "" + apim_oauth2_client_secret: "" + + # OAuth2 Option 2: Resource Owner Password Credentials flow + apim_oauth2_username: "" + apim_oauth2_password: "" + # Encryption provider configuration for secret management. # File paths must match the mount path set in gateway.controller.encryptionKeys.mountPath. encryption: 
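Review bot: In the `@@ -48` hunk, `apim_oauth2_client_secret` and `apim_oauth2_password` are rendered verbatim into the generated config.toml under `data:`. Going by the file name and the "generated shared ConfigMap" comment elsewhere in this change, that is a ConfigMap, so the credentials would be stored unencrypted and be readable by any subject allowed to read ConfigMaps in the namespace. The operator chart comment in this same change says host and token are set via `gateway.controller.controlPlane` and delivered as env vars. These two fields would be better delivered the same way, sourced from a Kubernetes Secret, and left out of this block, assuming the gateway accepts env overrides for them. The enclosing TOML section starts outside the hunk.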
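Review bot: In the `@@ -228` hunk, the `[immutable_gateway]` table is emitted whenever `.Values.gateway.config.immutable_gateway` is a non-empty map, and the defaults added to values.yaml in this change make that always true. A deployment that already defines `[immutable_gateway]` through `.Values.gateway.config_toml`, which is appended directly below, would then get the table twice, and TOML parsers reject a duplicate table. If the gateway's built-in default for `enabled` is false, guarding on the flag avoids this: `{{- with .Values.gateway.config.immutable_gateway }}{{- if .enabled }}` … `{{- end }}{{- end }}`. Otherwise the values.yaml comment should say the table must not be repeated in `config_toml`.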
@@ -318,6 +329,11 @@ gateway: # Log format: json, text format: json + # Static API artifacts bundled with the gateway (see docs/gateway/immutable-gateway.md) + immutable_gateway: + enabled: false + artifacts_dir: "/etc/api-platform-gateway/immutable_gateway/artifacts" + # Raw TOML string to append to the generated config.toml # Use this for additional configuration not covered by the structured values above # Example: diff --git a/kubernetes/helm/operator-helm-chart/values.yaml b/kubernetes/helm/operator-helm-chart/values.yaml index 9b3423366..27918efc7 100644 --- a/kubernetes/helm/operator-helm-chart/values.yaml +++ b/kubernetes/helm/operator-helm-chart/values.yaml @@ -169,6 +169,38 @@ gateway: # Directory containing policy definitions definitions_path: ./default-policies + # Control plane connection configuration + # Note: host and token are set via gateway.controller.controlPlane and rendered as env vars in the deployment. + controlplane: + # Skip TLS certificate verification for the control plane connection (insecure, dev/test only) + insecure_skip_verify: false + + # Initial delay before retrying a failed control plane connection + reconnect_initial: 1s + + # Maximum delay between reconnection attempts (exponential backoff cap) + reconnect_max: 5m + + # How often to reconcile state with the control plane + polling_interval: 15m + + # Push API deployment events to the control plane + deployment_push_enabled: false + + # Number of deployments to fetch per batch during startup sync + sync_batch_size: 50 + + # Friendly name shown for this gateway in the APIM control plane + gateway_name: "" + + # OAuth2 Option 1: Client Credentials flow + apim_oauth2_client_id: "" + apim_oauth2_client_secret: "" + + # OAuth2 Option 2: Resource Owner Password Credentials flow + apim_oauth2_username: "" + apim_oauth2_password: "" + # Logging configuration logging: # Log level: "debug", "info", "warn", or "error" 
@@ -367,6 +399,11 @@ gateway: # Log format: json, text format: json + # Static API artifacts bundled with the gateway (see docs/gateway/immutable-gateway.md) + immutable_gateway: + enabled: false + artifacts_dir: "/etc/api-platform-gateway/immutable_gateway/artifacts" + policy_configurations: {} # metadata for the generated shared ConfigMap (annotations / labels) diff --git a/kubernetes/helm/resources/apim-apigateway-restapi-operator-demo/01-gateway-values-configmap.yaml b/kubernetes/helm/resources/apim-apigateway-restapi-operator-demo/01-gateway-values-configmap.yaml index 67992b981..acc91b220 100644 --- a/kubernetes/helm/resources/apim-apigateway-restapi-operator-demo/01-gateway-values-configmap.yaml +++ b/kubernetes/helm/resources/apim-apigateway-restapi-operator-demo/01-gateway-values-configmap.yaml @@ -14,6 +14,16 @@ data: controlplane: # Skip TLS certificate verification for the control plane connection (insecure, dev/test only) insecure_skip_verify: true + gateway_name: "" + # OAuth2 Option 1: Client Credentials flow + apim_oauth2_client_id: "" + apim_oauth2_client_secret: "" + # OAuth2 Option 2: Resource Owner Password Credentials flow + apim_oauth2_username: "" + apim_oauth2_password: "" + immutable_gateway: + enabled: false + artifacts_dir: "/etc/api-platform-gateway/immutable_gateway/artifacts" controller: controlPlane: host: host.docker.internal:9444 diff --git a/kubernetes/helm/resources/apim-gateway-api-operator-demo/01-gateway-values-configmap.yaml b/kubernetes/helm/resources/apim-gateway-api-operator-demo/01-gateway-values-configmap.yaml index 8149a48ea..a28c5a3e3 100644 --- a/kubernetes/helm/resources/apim-gateway-api-operator-demo/01-gateway-values-configmap.yaml +++ b/kubernetes/helm/resources/apim-gateway-api-operator-demo/01-gateway-values-configmap.yaml 
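Review bot: In the apim-apigateway-restapi-operator-demo hunk, the OAuth2 credential keys are added directly under `insecure_skip_verify: true`. Anyone who fills them in for this demo would send the client secret or password over a connection whose server certificate is not verified. A comment on the new keys would make that explicit, e.g. `# Leave empty unless insecure_skip_verify is false; never put production credentials in this demo`. The same applies to the identical hunk in apim-gateway-api-operator-demo/01-gateway-values-configmap.yaml.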
@@ -14,6 +14,16 @@ data: controlplane: # Skip TLS certificate verification for the control plane connection (insecure, dev/test only) insecure_skip_verify: true + gateway_name: "" + # OAuth2 Option 1: Client Credentials flow + apim_oauth2_client_id: "" + apim_oauth2_client_secret: "" + # OAuth2 Option 2: Resource Owner Password Credentials flow + apim_oauth2_username: "" + apim_oauth2_password: "" + immutable_gateway: + enabled: false + artifacts_dir: "/etc/api-platform-gateway/immutable_gateway/artifacts" controller: controlPlane: host: host.docker.internal:9444