feat: add Kubernetes Gateway API v1 resources and data sources#2863
Draft
Ret2Me wants to merge 3 commits intohashicorp:mainfrom
Draft
feat: add Kubernetes Gateway API v1 resources and data sources#2863Ret2Me wants to merge 3 commits intohashicorp:mainfrom
Ret2Me wants to merge 3 commits intohashicorp:mainfrom
Conversation
Implements resources and data sources for all Gateway API v1 types using the gateway.networking.k8s.io API group (sigs.k8s.io/gateway-api v1.5.1). New resources: - kubernetes_gateway_class_v1 - kubernetes_gateway_v1 (listeners, TLS, addresses, infrastructure) - kubernetes_http_route_v1 (matches, filters, session persistence, retry, timeouts) - kubernetes_grpc_route_v1 (method/header matching, session persistence) - kubernetes_tls_route_v1 (SNI passthrough and termination) - kubernetes_reference_grant_v1 (cross-namespace routing grants) - kubernetes_backend_tls_policy_v1 (TLS validation, SubjectAltNames) - kubernetes_listener_set_v1 (experimental listener attachment) Each resource ships with a matching read-only data source. All resources support import via namespace/name. Provider registration updated in provider.go. Dependencies added to go.mod/go.sum.
|
|
|
Thank you for your submission! We require that all contributors sign our Contributor License Agreement ("CLA") before we can accept the contribution. Read and sign the agreement Learn more about why HashiCorp requires a CLA and what the CLA includes Have you signed the CLA already but the status is still pending? Recheck it. |
Author
|
Sorry for delivering everything as one commit. I realize that's messy. The problem is the code is from an internal much bigger project repo, and I can't share the original commit history. Thanks for your understanding and sorry again for the hassle. |
Author
|
Also, your Atlassian integration pipeline is broken, it's calling a deprecated endpoint. API call GET /rest/api/3/search failed (410): The requested API has been removed. Please migrate to /rest/api/3/search/jql |
- Unit tests (gateway_flatten_expand_test.go): expand/flatten roundtrips for all 8 resource types covering nested structures, optional fields, and edge cases - Per-resource acceptance tests covering basic CRUD, update, and import - Cross-cutting tests (complex, realworld, service-mesh): multi-rule HTTPRoute with all filter types and update step, cross-namespace routing via ReferenceGrant, GRPCRoute method routing, TLS termination, CORS with session persistence, canary with RequestMirror, BackendTLSPolicy SubjectAltNames, API gateway pattern (redirect/retry/rewrite) - Data source acceptance tests for all 7 data sources that lacked coverage
Ret2Me
changed the title
Ret2Me
changed the title
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Rollback Plan
If a change needs to be reverted, we will publish an updated version of the library.
Changes to Security Controls
No changes to security controls. The new resources are read/write wrappers around
existing Kubernetes Gateway API objects and follow the same RBAC model as other
namespaced resources in this provider.
Description
Adds support for the Kubernetes Gateway API
(
gateway.networking.k8s.io), which is the standard successor to the Ingress APIfor managing L4/L7 traffic routing. All resources target the v1 API group
(
sigs.k8s.io/gateway-api v1.5.1).New resources and data sources:
kubernetes_gateway_class_v1/data.kubernetes_gateway_class_v1kubernetes_gateway_v1/data.kubernetes_gateway_v1kubernetes_http_route_v1/data.kubernetes_http_route_v1kubernetes_grpc_route_v1/data.kubernetes_grpc_route_v1kubernetes_tls_route_v1/data.kubernetes_tls_route_v1kubernetes_reference_grant_v1/data.kubernetes_reference_grant_v1kubernetes_backend_tls_policy_v1/data.kubernetes_backend_tls_policy_v1kubernetes_listener_set_v1/data.kubernetes_listener_set_v1Key features covered:
SubjectAltNames (Hostname and URI).
All resources support
terraform importvianamespace/name.Acceptance tests
Tested against a KinD cluster with Gateway API CRDs installed:
Release Note
FEATURES:
kubernetes_gateway_class_v1kubernetes_gateway_v1kubernetes_http_route_v1kubernetes_grpc_route_v1kubernetes_tls_route_v1kubernetes_reference_grant_v1kubernetes_backend_tls_policy_v1kubernetes_listener_set_v1kubernetes_gateway_class_v1kubernetes_gateway_v1kubernetes_http_route_v1kubernetes_grpc_route_v1kubernetes_tls_route_v1kubernetes_reference_grant_v1kubernetes_backend_tls_policy_v1kubernetes_listener_set_v1References
Closes: #2474