(#30) Add httpbin Gateway and VirtualService

There isn't a default Gateway yet, so use a specific `httpbin` gateway
to test istio instead.

docs/examples/platforms/reference/clusters/workload/cloud/mesh/istio/httpbin/httpbin.cue

@@ -3,26 +3,30 @@ package holos
 let Name = "httpbin"
 let SecretName = #InputKeys.cluster + "-" + Name
 let MatchLabels = {app: Name} & #SelectorLabels
+let Metadata = {
+	name:      Name
+	namespace: #TargetNamespace
+	labels: app: Name
+}
 
 #InputKeys: component: Name
 
 #TargetNamespace: "istio-ingress"
 #DependsOn:       _IngressGateway
 
+let Cert = #HTTP01Cert & {
+	_name:   Name
+	_secret: SecretName
+}
+
 #KubernetesObjects & {
 	apiObjects: {
-		Certificate: httpbin: #HTTP01Cert & {
-			_name:   Name
-			_secret: SecretName
-		}
+		Certificate: httpbin: Cert.object
 		Deployment: httpbin: #Deployment & {
-			metadata: {
-				name:      Name
-				namespace: #TargetNamespace
-				labels: app: Name
-			}
+			metadata: Metadata
 			spec: selector: matchLabels: MatchLabels
 			spec: template: {
+				metadata: labels: MatchLabels
 				metadata: labels: #CommonLabels
 				metadata: labels: #IstioSidecar
 				spec: securityContext: seccompProfile: type: "RuntimeDefault"
@@ -40,5 +44,32 @@ let MatchLabels = {app: Name} & #SelectorLabels
 					}}]
 			}
 		}
+		Service: httpbin: #Service & {
+			metadata: Metadata
+			spec: selector: MatchLabels
+			spec: ports: [
+				{port: 80, targetPort: 8080, protocol: "TCP", name: "http"},
+			]
+		}
+		Gateway: httpbin: #Gateway & {
+			metadata: Metadata
+			spec: selector: istio: "ingressgateway"
+			spec: servers: [
+				{
+					hosts: ["\(#TargetNamespace)/\(Cert.Host)"]
+					port: name:          "https-\(#InstanceName)"
+					port: number:        443
+					port: protocol:      "HTTPS"
+					tls: credentialName: Cert.SecretName
+					tls: mode:           "SIMPLE"
+				},
+			]
+		}
+		VirtualService: httpbin: #VirtualService & {
+			metadata: Metadata
+			spec: hosts: [Cert.Host]
+			spec: gateways: ["\(#TargetNamespace)/\(Name)"]
+			spec: http: [{route: [{destination: host: Name}]}]
+		}
 	}
 }

docs/examples/schema.cue

@@ -105,20 +105,23 @@ _apiVersion: "holos.run/v1alpha1"
 #Certificate:    #NamespaceObject & crt.#Certificate
 
 // #HTTP01Cert defines a http01 certificate.
-#HTTP01Cert: #Certificate & {
-	_name:   string
-	_secret: string | *_name
-	let Host = _name + "." + #ClusterDomain
-	metadata: {
-		name:      _secret
-		namespace: string | *#TargetNamespace
-	}
-	spec: {
-		commonName: Host
-		dnsNames: [Host]
-		secretName: _secret
-		issuerRef: kind: "ClusterIssuer"
-		issuerRef: name: "letsencrypt"
+#HTTP01Cert: {
+	_name:      string
+	_secret:    string | *_name
+	SecretName: _secret
+	Host:       _name + "." + #ClusterDomain
+	object: #Certificate & {
+		metadata: {
+			name:      _secret
+			namespace: string | *#TargetNamespace
+		}
+		spec: {
+			commonName: Host
+			dnsNames: [Host]
+			secretName: _secret
+			issuerRef: kind: "ClusterIssuer"
+			issuerRef: name: "letsencrypt"
+		}
 	}
 }
 

pkg/version/embedded/patch

@@ -1 +1 @@
-5
+7