(#30 ) Add httpbin Gateway and VirtualService

There isn't a default Gateway yet, so use a specific `httpbin` gateway to test istio instead.
(#30 ) Add httpbin Service for ns istio-ingress
2026-03-21 01:35:02 +00:00 · 2024-03-02 21:12:03 -08:00 · 2024-03-02 20:39:55 -08:00
3 changed files with 57 additions and 24 deletions
--- a/docs/examples/platforms/reference/clusters/workload/cloud/mesh/istio/httpbin/httpbin.cue
+++ b/docs/examples/platforms/reference/clusters/workload/cloud/mesh/istio/httpbin/httpbin.cue
@@ -3,24 +3,27 @@ package holos
 let Name = "httpbin"
 let SecretName = #InputKeys.cluster + "-" + Name
 let MatchLabels = {app: Name} & #SelectorLabels
+let Metadata = {
+	name:      Name
+	namespace: #TargetNamespace
+	labels: app: Name
+}

 #InputKeys: component: Name

 #TargetNamespace: "istio-ingress"
 #DependsOn:       _IngressGateway

+let Cert = #HTTP01Cert & {
+	_name:   Name
+	_secret: SecretName
+}
+
 #KubernetesObjects & {
 	apiObjects: {
-		Certificate: httpbin: #HTTP01Cert & {
-			_name:   Name
-			_secret: SecretName
-		}
+		Certificate: httpbin: Cert.object
 		Deployment: httpbin: #Deployment & {
-			metadata: {
-				name:      Name
-				namespace: #TargetNamespace
-				labels: app: Name
-			}
+			metadata: Metadata
 			spec: selector: matchLabels: MatchLabels
 			spec: template: {
 				metadata: labels: MatchLabels
@@ -41,5 +44,32 @@ let MatchLabels = {app: Name} & #SelectorLabels
 					}}]
 			}
 		}
+		Service: httpbin: #Service & {
+			metadata: Metadata
+			spec: selector: MatchLabels
+			spec: ports: [
+				{port: 80, targetPort: 8080, protocol: "TCP", name: "http"},
+			]
+		}
+		Gateway: httpbin: #Gateway & {
+			metadata: Metadata
+			spec: selector: istio: "ingressgateway"
+			spec: servers: [
+				{
+					hosts: ["\(#TargetNamespace)/\(Cert.Host)"]
+					port: name:          "https-\(#InstanceName)"
+					port: number:        443
+					port: protocol:      "HTTPS"
+					tls: credentialName: Cert.SecretName
+					tls: mode:           "SIMPLE"
+				},
+			]
+		}
+		VirtualService: httpbin: #VirtualService & {
+			metadata: Metadata
+			spec: hosts: [Cert.Host]
+			spec: gateways: ["\(#TargetNamespace)/\(Name)"]
+			spec: http: [{route: [{destination: host: Name}]}]
+		}
 	}
 }
--- a/docs/examples/schema.cue
+++ b/docs/examples/schema.cue
@@ -105,20 +105,23 @@ _apiVersion: "holos.run/v1alpha1"
 #Certificate:    #NamespaceObject & crt.#Certificate

 // #HTTP01Cert defines a http01 certificate.
-#HTTP01Cert: #Certificate & {
-	_name:   string
-	_secret: string | *_name
-	let Host = _name + "." + #ClusterDomain
-	metadata: {
-		name:      _secret
-		namespace: string | *#TargetNamespace
-	}
-	spec: {
-		commonName: Host
-		dnsNames: [Host]
-		secretName: _secret
-		issuerRef: kind: "ClusterIssuer"
-		issuerRef: name: "letsencrypt"
+#HTTP01Cert: {
+	_name:      string
+	_secret:    string | *_name
+	SecretName: _secret
+	Host:       _name + "." + #ClusterDomain
+	object: #Certificate & {
+		metadata: {
+			name:      _secret
+			namespace: string | *#TargetNamespace
+		}
+		spec: {
+			commonName: Host
+			dnsNames: [Host]
+			secretName: _secret
+			issuerRef: kind: "ClusterIssuer"
+			issuerRef: name: "letsencrypt"
+		}
 	}
 }

--- a/pkg/version/embedded/patch
+++ b/pkg/version/embedded/patch
@@ -1 +1 @@
-6
+7
Author	SHA1	Message	Date
Jeff McCune	f90e83e142	(#30 ) Add httpbin Gateway and VirtualService There isn't a default Gateway yet, so use a specific `httpbin` gateway to test istio instead.	2024-03-02 21:12:03 -08:00
Jeff McCune	bdd2964edb	(#30 ) Add httpbin Service for ns istio-ingress	2024-03-02 20:39:55 -08:00