feat: add more config for gatewayproxy (#885)
diff --git a/charts/apisix-ingress-controller/README.md b/charts/apisix-ingress-controller/README.md
index 886ada1..bf3dd3e 100644
--- a/charts/apisix-ingress-controller/README.md
+++ b/charts/apisix-ingress-controller/README.md
@@ -141,11 +141,19 @@
| deployment.tolerations | list | `[]` | |
| deployment.topologySpreadConstraints | list | `[]` | Topology Spread Constraints for pod assignment spread across your cluster among failure-domains ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/#spread-constraints-for-pods |
| fullnameOverride | string | `""` | |
-| gatewayProxy.createDefault | bool | `false` | |
-| gatewayProxy.provider.controlPlane.auth.adminKey.value | string | `"edd1c9f034335f136f87ad84b625c8f1"` | |
-| gatewayProxy.provider.controlPlane.auth.type | string | `"AdminKey"` | |
-| gatewayProxy.provider.controlPlane.endpoints | list | `[]` | |
-| gatewayProxy.provider.type | string | `"ControlPlane"` | |
+| gatewayProxy.createDefault | bool | `false` | Controls whether to create a default GatewayProxy custom resource. |
+| gatewayProxy.provider | object | `{"controlPlane":{"auth":{"adminKey":{"value":"edd1c9f034335f136f87ad84b625c8f1","valueFrom":{}},"type":"AdminKey"},"endpoints":[],"service":{"name":"","port":9180}},"pluginMetadata":{},"plugins":[],"type":"ControlPlane"}` | Configuration for the GatewayProxy provider connection |
+| gatewayProxy.provider.controlPlane | object | `{"auth":{"adminKey":{"value":"edd1c9f034335f136f87ad84b625c8f1","valueFrom":{}},"type":"AdminKey"},"endpoints":[],"service":{"name":"","port":9180}}` | ControlPlane provider specific configuration Either `endpoints` or `service` must be specified, but not both. |
+| gatewayProxy.provider.controlPlane.auth | object | `{"adminKey":{"value":"edd1c9f034335f136f87ad84b625c8f1","valueFrom":{}},"type":"AdminKey"}` | Authentication configuration for control plane connection |
+| gatewayProxy.provider.controlPlane.auth.adminKey | object | `{"value":"edd1c9f034335f136f87ad84b625c8f1","valueFrom":{}}` | AdminKey authentication configuration. Either `value` or `valueFrom` must be specified, but not both. |
+| gatewayProxy.provider.controlPlane.auth.adminKey.value | string | `"edd1c9f034335f136f87ad84b625c8f1"` | The admin key value for authentication. |
+| gatewayProxy.provider.controlPlane.auth.adminKey.valueFrom | object | `{}` | Reference to admin key stored in a Kubernetes Secret |
+| gatewayProxy.provider.controlPlane.auth.type | string | `AdminKey` | Authentication type. Only `AdminKey` is currently supported. |
+| gatewayProxy.provider.controlPlane.endpoints | list | `[]` | List of APISIX control plane Admin API endpoints. example: ["http://apisix-admin.default.svc.cluster.local:9180"] |
+| gatewayProxy.provider.controlPlane.service | object | `{"name":"","port":9180}` | Alternatively, reference a Kubernetes Service for the APISIX Admin API. |
+| gatewayProxy.provider.pluginMetadata | object | `{}` | Global plugin metadata shared by all instances of the same plugin. |
+| gatewayProxy.provider.plugins | list | `[]` | List of global plugins to be enabled on the GatewayProxy. |
+| gatewayProxy.provider.type | string | `"ControlPlane"` | Specifies the provider type for the GatewayProxy. |
| labelsOverride | object | `{}` | Override default labels assigned to Apache APISIX ingress controller resource |
| nameOverride | string | `""` | Default values for apisix-ingress-controller. This is a YAML-formatted file. Declare variables to be passed into your templates. |
| podDisruptionBudget | object | `{"enabled":false,"maxUnavailable":1,"minAvailable":"90%"}` | See https://kubernetes.io/docs/tasks/run-application/configure-pdb/ for more details |
diff --git a/charts/apisix-ingress-controller/templates/gatewayproxy.yaml b/charts/apisix-ingress-controller/templates/gatewayproxy.yaml
index 8c767cb..69bc6ea 100644
--- a/charts/apisix-ingress-controller/templates/gatewayproxy.yaml
+++ b/charts/apisix-ingress-controller/templates/gatewayproxy.yaml
@@ -24,11 +24,53 @@
provider:
type: {{ .Values.gatewayProxy.provider.type }}
controlPlane:
+ {{- if .Values.gatewayProxy.provider.controlPlane.endpoints }}
+ endpoints:
+ {{- toYaml .Values.gatewayProxy.provider.controlPlane.endpoints | nindent 8 }}
+ {{- else if .Values.gatewayProxy.provider.controlPlane.service.name }}
+ service:
+ name: {{ .Values.gatewayProxy.provider.controlPlane.service.name }}
+ port: {{ .Values.gatewayProxy.provider.controlPlane.service.port }}
+ {{- else }}
service:
name: {{ .Values.apisix.adminService.name }}
port: {{ .Values.apisix.adminService.port }}
+ {{- end }}
+
+ {{- with .Values.gatewayProxy.provider.controlPlane.tlsVerify }}
+ tlsVerify: {{ . }}
+ {{- end }}
+
{{- with .Values.gatewayProxy.provider.controlPlane.auth }}
auth:
- {{- toYaml . | nindent 8 }}
+ type: {{ .type }}
+ {{- with .adminKey }}
+ adminKey:
+ {{- if .valueFrom }}
+ valueFrom:
+ {{- toYaml .valueFrom | nindent 12 }}
+ {{- else if .value }}
+ value: {{ .value | quote }}
+ {{- end }}
+ {{- end }}
{{- end }}
+
+ {{- with .Values.gatewayProxy.publishService }}
+ publishService: {{ . | quote }}
+ {{- end }}
+
+ {{- with .Values.gatewayProxy.statusAddress }}
+ statusAddress:
+ {{- toYaml . | nindent 4 }}
+ {{- end }}
+
+ {{- with .Values.gatewayProxy.plugins }}
+ plugins:
+ {{- toYaml . | nindent 4 }}
+ {{- end }}
+
+ {{- with .Values.gatewayProxy.pluginMetadata }}
+ pluginMetadata:
+ {{- toYaml . | nindent 4 }}
+ {{- end }}
{{- end }}
diff --git a/charts/apisix-ingress-controller/values.yaml b/charts/apisix-ingress-controller/values.yaml
index ec68e3a..6703473 100644
--- a/charts/apisix-ingress-controller/values.yaml
+++ b/charts/apisix-ingress-controller/values.yaml
@@ -94,17 +94,67 @@
ingressClass: apisix
defaultIngressClass: false
+# The GatewayProxy resource configures gateway proxy instances including networking,
+# provider connection, global plugins, and plugin metadata.
gatewayProxy:
+ # -- Controls whether to create a default GatewayProxy custom resource.
createDefault: false
+
+ # -- Configuration for the GatewayProxy provider connection
provider:
+ # -- Specifies the provider type for the GatewayProxy.
type: ControlPlane
+
+ # -- ControlPlane provider specific configuration
+ # Either `endpoints` or `service` must be specified, but not both.
controlPlane:
+ # -- List of APISIX control plane Admin API endpoints.
+ # example: ["http://apisix-admin.default.svc.cluster.local:9180"]
endpoints: []
+
+ # -- Alternatively, reference a Kubernetes Service for the APISIX Admin API.
+ service:
+ name: ""
+ port: 9180
+
+ # -- Authentication configuration for control plane connection
auth:
+ # -- Authentication type. Only `AdminKey` is currently supported.
+ # @default -- `AdminKey`
type: AdminKey
+
+ # -- AdminKey authentication configuration.
+ # Either `value` or `valueFrom` must be specified, but not both.
adminKey:
+ # -- The admin key value for authentication.
value: "edd1c9f034335f136f87ad84b625c8f1"
+ # -- Reference to admin key stored in a Kubernetes Secret
+ valueFrom: {}
+ # secretKeyRef:
+ # name: apisix-admin-secret
+ # key: admin-key
+
+ # -- List of global plugins to be enabled on the GatewayProxy.
+ plugins: []
+ # - name: cors
+ # enabled: true
+ # config:
+ # allow_origins: "*"
+ # allow_methods: "GET,POST,PUT,DELETE"
+ # - name: ip-restriction
+ # enabled: false
+ # config:
+ # whitelist:
+ # - 10.0.0.0/8
+ # - 192.168.0.0/16
+
+ # -- Global plugin metadata shared by all instances of the same plugin.
+ pluginMetadata: {}
+ # prometheus:
+ # disable: false
+ # export_uri: /apisix/prometheus/metrics
+
apisix:
adminService:
namespace: apisix-ingress
