Skip to content

feat: Add nginx gateway fabric legacy ingress module #508

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
unni-facets merged 13 commits into from
Feb 9, 2026
Merged

feat: Add nginx gateway fabric legacy ingress module #508

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
13 commits
Select commit Hold shift + click to select a range
e00308d
add gateway api crd
Jan 30, 2026
b459349
add ingress of flavor nginx gateway fabric
Jan 30, 2026
e7ceb7a
fix regular expression path type and change path type to path prefix …
Feb 3, 2026
88a73b8
remove regular expression from facets.yaml
Feb 3, 2026
dec6c5f
use legacy format for gateway api crd
Feb 4, 2026
6ca6bb3
move domains inside spec
sanmesh-kakade Feb 4, 2026
ff8e84a
fix(nginx_gateway_fabric_legacy): remove hardcoded labels to avoid se…
sanmesh-kakade Feb 6, 2026
9014e78
enable access logs by default
sanmesh-kakade Feb 6, 2026
f1d10ff
add missing fields
sanmesh-kakade Feb 6, 2026
6abdc30
docs(nginx_gateway_fabric_legacy): fix domains config examples and ou…
sanmesh-kakade Feb 6, 2026
ee71a78
fix: address CodeRabbit review comments
sanmesh-kakade Feb 6, 2026
0dd4ac8
fix: replace ServiceMonitor with PodMonitor for metrics scraping (#511)
sanmesh-kakade Feb 6, 2026
f40331c
change default prometheus input
sanmesh-kakade Feb 9, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
8 changes: 8 additions & 0 deletions intents/gateway_api_crd/facets.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,8 @@
name: gateway_api_crd
type: K8s
displayName: Gateway API CRD
description: Kubernetes Gateway API Custom Resource Definitions for advanced networking capabilities.
iconUrl: https://uploads-ssl.webflow.com/6252ef50a9f5d4afb6983bc3/669fa0ccb5a2964fe7f4d754_k8s_resource.svg
outputs:
- name: default
type: "@outputs/gateway_api_crd"
50 changes: 50 additions & 0 deletions modules/gateway_api_crd/k8s/1.0/facets.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,50 @@
intent: gateway_api_crd
flavor: legacy
version: "1.0"
description: Installs Kubernetes Gateway API CRDs (Legacy module format)
clouds:
- aws
- azure
- gcp
- kubernetes
inputs:
kubernetes_details:
type: "@outputs/kubernetes"
optional: false
default:
resource_type: kubernetes_cluster
resource_name: default
providers:
- kubernetes
- kubernetes-alpha
outputs:
default:
type: "@outputs/gateway_api_crd"
spec:
title: Gateway API CRD Configuration
type: object
properties:
channel:
type: string
default: experimental
description: Gateway API release channel
enum:
- standard
- experimental
version:
type: string
default: v1.4.1
description: Gateway API version to install
enum:
- v1.4.1
- v1.4.0
- v1.3.0
- v1.2.0
sample:
kind: gateway_api_crd
version: "1.0"
flavor: legacy
disabled: true
spec:
channel: experimental
version: v1.4.1
119 changes: 119 additions & 0 deletions modules/gateway_api_crd/k8s/1.0/main.tf
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,119 @@
locals {
name = lower(var.environment.namespace == "default" ? var.instance_name : "${var.environment.namespace}-${var.instance_name}")
namespace = var.environment.namespace
version = lookup(var.instance.spec, "version", "v1.4.1")
channel = lookup(var.instance.spec, "channel", "experimental")

# Build the install URL based on version and channel
install_file = local.channel == "experimental" ? "experimental-install.yaml" : "standard-install.yaml"
install_url = "https://github.com/kubernetes-sigs/gateway-api/releases/download/${local.version}/${local.install_file}"

# Tolerations: merge environment defaults with facets dedicated tolerations
tolerations = concat(
lookup(var.environment, "default_tolerations", []),
try(var.inputs.kubernetes_details.attributes.legacy_outputs.facets_dedicated_tolerations, [])
)

# Node selector from kubernetes_details legacy outputs
node_selector = try(var.inputs.kubernetes_details.attributes.legacy_outputs.facets_dedicated_node_selectors, {})
}

# ServiceAccount for Gateway API CRD installer Job
resource "kubernetes_service_account_v1" "gateway_api_crd_installer" {
metadata {
name = "${local.name}-gateway-api-crd-installer"
namespace = local.namespace
}
}

# ClusterRole for Gateway API CRD installer
resource "kubernetes_cluster_role_v1" "gateway_api_crd_installer" {
metadata {
name = "${local.name}-gateway-api-crd-installer"
}

rule {
api_groups = ["apiextensions.k8s.io"]
resources = ["customresourcedefinitions"]
verbs = ["get", "list", "create", "update", "patch"]
}
}

# ClusterRoleBinding for Gateway API CRD installer
resource "kubernetes_cluster_role_binding_v1" "gateway_api_crd_installer" {
metadata {
name = "${local.name}-gateway-api-crd-installer"
}

role_ref {
api_group = "rbac.authorization.k8s.io"
kind = "ClusterRole"
name = kubernetes_cluster_role_v1.gateway_api_crd_installer.metadata[0].name
}

subject {
kind = "ServiceAccount"
name = kubernetes_service_account_v1.gateway_api_crd_installer.metadata[0].name
namespace = local.namespace
}
}

# Job to install Gateway API CRDs
resource "kubernetes_job_v1" "gateway_api_crd_installer" {
metadata {
name = "${local.name}-gateway-api-crd-installer"
namespace = local.namespace
}

spec {
template {
metadata {
labels = {
app = "gateway-api-crd-installer"
}
}

spec {
service_account_name = kubernetes_service_account_v1.gateway_api_crd_installer.metadata[0].name
restart_policy = "OnFailure"

# Node selector from kubernetes_details legacy outputs
node_selector = local.node_selector

# Dynamic tolerations from environment and kubernetes_details
dynamic "toleration" {
for_each = local.tolerations
content {
key = toleration.value.key
operator = toleration.value.operator
value = lookup(toleration.value, "value", null)
effect = toleration.value.effect
}
}

container {
name = "kubectl"
image = "bitnami/kubectl:1.31.4"
command = ["/bin/sh", "-c"]
args = [
# Using --server-side to avoid annotation size limit (262KB)
"kubectl apply --server-side -f ${local.install_url}"
]
}
}
}

backoff_limit = 3
}

wait_for_completion = true

timeouts {
create = "5m"
update = "5m"
}

depends_on = [
kubernetes_cluster_role_binding_v1.gateway_api_crd_installer
]
}
22 changes: 22 additions & 0 deletions modules/gateway_api_crd/k8s/1.0/outputs.tf
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,22 @@
locals {
output_attributes = {
version = local.version
channel = local.channel
install_url = local.install_url
job_name = kubernetes_job_v1.gateway_api_crd_installer.metadata[0].name
namespace = local.namespace
}
output_interfaces = {}
}

output "version" {
value = local.version
}

output "channel" {
value = local.channel
}

output "install_url" {
value = local.install_url
}
33 changes: 33 additions & 0 deletions modules/gateway_api_crd/k8s/1.0/variables.tf
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,33 @@
variable "cluster" {
type = any
default = {}
}

variable "baseinfra" {
type = any
default = {}
}

variable "cc_metadata" {
type = any
default = {}
}

variable "instance" {
type = any
}

variable "instance_name" {
type = string
default = "test_instance"
}

variable "environment" {
type = any
default = {}
}

variable "inputs" {
type = any
default = {}
}
Loading