feat(external-dns): add Gateway API source when gatewayAPI is enabled

When gateway.gatewayAPI is true, pass gateway-httproute source to the system external-dns package via components values override. Co-Authored-By: Claude <noreply@anthropic.com> Signed-off-by: Kirill Ilin <stitch14@yandex.ru>
feat(gateway-api): add Gateway API support via Cilium
2026-03-12 01:48:58 +00:00 · 2026-03-11 23:27:54 +05:00 · 2026-03-11 23:27:30 +05:00
6 changed files with 8452 additions and 1284 deletions
--- a/packages/core/platform/sources/networking.yaml
+++ b/packages/core/platform/sources/networking.yaml
@@ -15,6 +15,12 @@ spec:
  - name: cilium
    dependsOn: []
    components:
+    - name: gateway-api-crds
+      path: system/gateway-api-crds
+      install:
+        namespace: cozy-gateway-api-crds
+        releaseName: gateway-api-crds
+        dependsOn: []
    - name: cilium
      path: system/cilium
      valuesFiles:
@@ -24,7 +30,8 @@ spec:
        privileged: true
        namespace: cozy-cilium
        releaseName: cilium
-        dependsOn: []
+        dependsOn:
+        - gateway-api-crds
    - name: cilium-networkpolicy
      path: system/cilium-networkpolicy
      install:
@@ -36,6 +43,12 @@ spec:
  - name: cilium-kilo
    dependsOn: []
    components:
+    - name: gateway-api-crds
+      path: system/gateway-api-crds
+      install:
+        namespace: cozy-gateway-api-crds
+        releaseName: gateway-api-crds
+        dependsOn: []
    - name: cilium
      path: system/cilium
      valuesFiles:
@@ -46,7 +59,8 @@ spec:
        privileged: true
        namespace: cozy-cilium
        releaseName: cilium
-        dependsOn: []
+        dependsOn:
+        - gateway-api-crds
    - name: kilo
      path: system/kilo
      valuesFiles:
@@ -62,6 +76,12 @@ spec:
  - name: cilium-generic
    dependsOn: []
    components:
+    - name: gateway-api-crds
+      path: system/gateway-api-crds
+      install:
+        namespace: cozy-gateway-api-crds
+        releaseName: gateway-api-crds
+        dependsOn: []
    - name: cilium
      path: system/cilium
      valuesFiles:
@@ -70,7 +90,8 @@ spec:
        privileged: true
        namespace: cozy-cilium
        releaseName: cilium
-        dependsOn: []
+        dependsOn:
+        - gateway-api-crds
    - name: cilium-networkpolicy
      path: system/cilium-networkpolicy
      install:
@@ -82,6 +103,12 @@ spec:
  - name: kubeovn-cilium
    dependsOn: []
    components:
+    - name: gateway-api-crds
+      path: system/gateway-api-crds
+      install:
+        namespace: cozy-gateway-api-crds
+        releaseName: gateway-api-crds
+        dependsOn: []
    - name: cilium
      path: system/cilium
      valuesFiles:
@@ -92,7 +119,8 @@ spec:
        privileged: true
        namespace: cozy-cilium
        releaseName: cilium
-        dependsOn: []
+        dependsOn:
+        - gateway-api-crds
    - name: cilium-networkpolicy
      path: system/cilium-networkpolicy
      install:
@@ -113,6 +141,12 @@ spec:
  - name: kubeovn-cilium-generic
    dependsOn: []
    components:
+    - name: gateway-api-crds
+      path: system/gateway-api-crds
+      install:
+        namespace: cozy-gateway-api-crds
+        releaseName: gateway-api-crds
+        dependsOn: []
    - name: cilium
      path: system/cilium
      valuesFiles:
@@ -122,7 +156,8 @@ spec:
        privileged: true
        namespace: cozy-cilium
        releaseName: cilium
-        dependsOn: []
+        dependsOn:
+        - gateway-api-crds
    - name: cilium-networkpolicy
      path: system/cilium-networkpolicy
      install:
--- a/packages/core/platform/templates/bundles/system.yaml
+++ b/packages/core/platform/templates/bundles/system.yaml
@@ -16,10 +16,14 @@
 {{- $kubeovnValues := dict "kube-ovn" $kubeovnDict -}}
 {{- $_ := set $networkingComponents "kubeovn" (dict "values" $kubeovnValues) -}}
 {{- /* For Talos (isp-full): use KubePrism endpoint and disable cgroup autoMount */ -}}
-{{- $ciliumValues := dict "cilium" (dict
+{{- $ciliumDict := dict
  "k8sServiceHost" "localhost"
  "k8sServicePort" "7445"
-  "cgroup" (dict "autoMount" (dict "enabled" false))) -}}
+  "cgroup" (dict "autoMount" (dict "enabled" false)) -}}
+{{- if .Values.gateway.gatewayAPI -}}
+{{- $_ := set $ciliumDict "gatewayAPI" (dict "enabled" true) -}}
+{{- end -}}
+{{- $ciliumValues := dict "cilium" $ciliumDict -}}
 {{- $_ := set $networkingComponents "cilium" (dict "values" $ciliumValues) -}}
 {{- end -}}
 {{include "cozystack.platform.package" (list "cozystack.networking" "kubeovn-cilium" $ $networkingComponents) }}
@@ -83,10 +87,14 @@
 {{- $kubeovnValues := dict "kube-ovn" $kubeovnDict -}}
 {{- $_ := set $networkingComponents "kubeovn" (dict "values" $kubeovnValues) -}}
 {{- /* Cilium configuration - for generic k8s, always enable cgroup autoMount */ -}}
-{{- $ciliumValues := dict "cilium" (dict
+{{- $ciliumDict := dict
  "k8sServiceHost" $apiHost
  "k8sServicePort" $apiPort
-  "cgroup" (dict "autoMount" (dict "enabled" true))) -}}
+  "cgroup" (dict "autoMount" (dict "enabled" true)) -}}
+{{- if .Values.gateway.gatewayAPI -}}
+{{- $_ := set $ciliumDict "gatewayAPI" (dict "enabled" true) -}}
+{{- end -}}
+{{- $ciliumValues := dict "cilium" $ciliumDict -}}
 {{- $_ := set $networkingComponents "cilium" (dict "values" $ciliumValues) -}}
 {{- end -}}
 {{- /* Use kubeovn-cilium-generic variant (no values-talos.yaml) */ -}}
@@ -148,7 +156,16 @@
 # Optional System Packages (controlled via bundles.enabledPackages)
 {{include "cozystack.platform.package.optional.default" (list "cozystack.nfs-driver" $) }}
 {{include "cozystack.platform.package.optional.default" (list "cozystack.telepresence" $) }}
-{{include "cozystack.platform.package.optional.default" (list "cozystack.external-dns" $) }}
+{{- $externalDnsComponents := dict -}}
+{{- if .Values.gateway.gatewayAPI -}}
+{{- $externalDnsValues := dict "external-dns" (dict "sources" (list "service" "ingress" "gateway-httproute")) -}}
+{{- $_ := set $externalDnsComponents "external-dns" (dict "values" $externalDnsValues) -}}
+{{- end -}}
+{{- $disabled := default (list) .Values.bundles.disabledPackages -}}
+{{- $enabled := default (list) .Values.bundles.enabledPackages -}}
+{{- if and (has "cozystack.external-dns" $enabled) (not (has "cozystack.external-dns" $disabled)) -}}
+{{include "cozystack.platform.package" (list "cozystack.external-dns" "default" $ $externalDnsComponents) }}
+{{- end }}
 {{include "cozystack.platform.package.optional.default" (list "cozystack.external-dns-application" $) }}
 {{include "cozystack.platform.package.optional.default" (list "cozystack.external-secrets-operator" $) }}
 {{- if has "cozystack.bootbox" (default (list) .Values.bundles.enabledPackages) }}
--- a/packages/core/platform/values.yaml
+++ b/packages/core/platform/values.yaml
@@ -34,6 +34,10 @@ networking:
  # Set this to comma-separated list of master node IPs to override.
  kubeovn:
    MASTER_NODES: ""
+# Gateway configuration
+gateway:
+  ingress: true
+  gatewayAPI: false
 # Service publishing and ingress configuration
 publishing:
  host: "example.org"
--- a/packages/system/cert-manager/values.yaml
+++ b/packages/system/cert-manager/values.yaml
@@ -0,0 +1,3 @@
+cert-manager:
+  config:
+    enableGatewayAPI: true
--- a/packages/system/gateway-api-crds/Makefile
+++ b/packages/system/gateway-api-crds/Makefile
@@ -6,4 +6,4 @@ include ../../../hack/package.mk
 update:
 	rm -rf templates
 	mkdir templates
-	kubectl kustomize "github.com/kubernetes-sigs/gateway-api/config/crd/experimental?ref=v1.2.0" > templates/crds-experimental.yaml
+	kubectl kustomize "github.com/kubernetes-sigs/gateway-api/config/crd/experimental?ref=v1.5.0" > templates/crds-experimental.yaml
--- a/packages/system/gateway-api-crds/templates/crds-experimental.yaml
+++ b/packages/system/gateway-api-crds/templates/crds-experimental.yaml