Update to gloo.util.mergeOverwriteWithOmit

solo-io · Nov 14, 2023 · 6543b6d · 6543b6d
1 parent ddc6774
commit 6543b6d
Show file tree

Hide file tree

Showing 8 changed files with 30 additions and 11 deletions.
diff --git a/changelog/v1.16.0-beta25/disable-extauth-sidecar.yaml b/changelog/v1.16.0-beta25/disable-extauth-sidecar.yaml
@@ -0,0 +1,6 @@
+changelog:
+- type: HELM
+  issueLink: https://github.com/solo-io/gloo/issues/8430
+  resolvesIssue: false
+  description: Adds the new helm value `gatewayproxy.proxyName.disableExtauthSidecar` to disable the extauth sidecar on a given gateway proxy when `global.extensions.extAuth.envoySidecar` is set
+
diff --git a/docs/content/reference/values.txt b/docs/content/reference/values.txt
@@ -707,6 +707,7 @@
 |gatewayProxies.NAME.xdsServicePort|uint32||The k8s service port for the xds server. Defaults to the value from .Values.gloo.deployment.xdsPort, but can be overridden to use, for example, xds-relay.|
 |gatewayProxies.NAME.tcpKeepaliveTimeSeconds|uint32||The amount of time in seconds for connections to be idle before sending keep-alive probes. Defaults to 60. See here: https://www.envoyproxy.io/docs/envoy/latest/api-v3/config/core/v3/address.proto#envoy-v3-api-msg-config-core-v3-tcpkeepalive|
 |gatewayProxies.NAME.disableCoreDumps|bool||If set to true, Envoy will not generate core dumps in the event of a crash. Defaults to false|
+|gatewayProxies.NAME.disableExtauthSidecar|bool||When extAuth.envoySidecar is set to true, every gateway proxy pod will come up with an extauth container. If this setting is set to true, the extauth container will not be added to the gatway proxy pod. Defaults to false|
 |gatewayProxies.NAME.kubeResourceOverride.NAME|interface||override fields in the generated resource by specifying the yaml structure to override under the top-level key.|
 |gatewayProxies.gatewayProxy.kind.deployment.replicas|int|1|number of instances to deploy|
 |gatewayProxies.gatewayProxy.kind.deployment.customEnv[].name|string|||
@@ -956,6 +957,7 @@
 |gatewayProxies.gatewayProxy.xdsServicePort|uint32||The k8s service port for the xds server. Defaults to the value from .Values.gloo.deployment.xdsPort, but can be overridden to use, for example, xds-relay.|
 |gatewayProxies.gatewayProxy.tcpKeepaliveTimeSeconds|uint32|60|The amount of time in seconds for connections to be idle before sending keep-alive probes. Defaults to 60. See here: https://www.envoyproxy.io/docs/envoy/latest/api-v3/config/core/v3/address.proto#envoy-v3-api-msg-config-core-v3-tcpkeepalive|
 |gatewayProxies.gatewayProxy.disableCoreDumps|bool|false|If set to true, Envoy will not generate core dumps in the event of a crash. Defaults to false|
+|gatewayProxies.gatewayProxy.disableExtauthSidecar|bool|false|When extAuth.envoySidecar is set to true, every gateway proxy pod will come up with an extauth container. If this setting is set to true, the extauth container will not be added to the gatway proxy pod. Defaults to false|
 |gatewayProxies.gatewayProxy.kubeResourceOverride.NAME|interface||override fields in the generated resource by specifying the yaml structure to override under the top-level key.|
 |ingress.enabled|bool|false||
 |ingress.deployment.image.tag|string|<release_version, ex: 1.2.3>|The image tag for the container.|

diff --git a/install/helm/gloo/templates/7-gateway-proxy-deployment.yaml b/install/helm/gloo/templates/7-gateway-proxy-deployment.yaml
@@ -9,7 +9,7 @@
 {{- $settings := .Values.settings }}
 {{- $isUpgrade := .Values.gateway.upgrade }}
 {{- $gatewayProxy := .Values.gatewayProxies.gatewayProxy -}}
-{{- $spec := include "gloo.util.overwriteWithOmit" (list $gatewaySpec $gatewayProxy $gatewaySpec.omitKeys) | fromJson }}
+{{- $spec := include "gloo.util.mergeOverwriteWithOmit" (list $gatewaySpec $gatewayProxy) | fromJson }}
 {{- $ports := list }}
 {{- if not (empty $spec.podTemplate) }}
   {{- $ports = (list $spec.podTemplate.httpPort $spec.podTemplate.httpsPort $spec.podTemplate.extraPorts) }}

diff --git a/install/helm/gloo/templates/8-gateway-proxy-horizontal-pod-autoscaler.yaml b/install/helm/gloo/templates/8-gateway-proxy-horizontal-pod-autoscaler.yaml
@@ -3,7 +3,7 @@
 {{- $gatewaySpec := (index . 2) }}
 {{- with (first .) }}
 {{- $gatewayProxy := .Values.gatewayProxies.gatewayProxy -}}
-{{- $spec := include "gloo.util.overwriteWithOmit" (list $gatewaySpec $gatewayProxy $gatewaySpec.omitKeys) | fromJson }}
+{{- $spec := include "gloo.util.mergeOverwriteWithOmit" (list $gatewaySpec $gatewayProxy) | fromJson }}
 {{- if $spec.kind.deployment }}
 {{- if $spec.horizontalPodAutoscaler }}
 apiVersion: {{ $spec.horizontalPodAutoscaler.apiVersion }}

diff --git a/install/helm/gloo/templates/8-gateway-proxy-pod-disruption-budget.yaml b/install/helm/gloo/templates/8-gateway-proxy-pod-disruption-budget.yaml
@@ -3,7 +3,7 @@
 {{- $gatewaySpec := (index . 2) }}
 {{- with (first .) }}
 {{- $gatewayProxy := .Values.gatewayProxies.gatewayProxy -}}
-{{- $spec := include "gloo.util.overwriteWithOmit" (list $gatewaySpec $gatewayProxy $gatewaySpec.omitKeys) | fromJson }}
+{{- $spec := include "gloo.util.mergeOverwriteWithOmit" (list $gatewaySpec $gatewayProxy) | fromJson }}
 {{- if $spec.kind.deployment}}
 {{- if $spec.podDisruptionBudget }}
 apiVersion: policy/v1

diff --git a/install/helm/gloo/templates/9-gateway-proxy-configmap.yaml b/install/helm/gloo/templates/9-gateway-proxy-configmap.yaml
@@ -7,7 +7,7 @@
 {{- with (first .) }}
 {{- $global := .Values.global }}
 {{- $gatewayProxy := .Values.gatewayProxies.gatewayProxy -}}
-{{- $spec := include "gloo.util.overwriteWithOmit" (list $gatewaySpec $gatewayProxy $gatewaySpec.omitKeys) | fromJson }}
+{{- $spec := include "gloo.util.mergeOverwriteWithOmit" (list $gatewaySpec $gatewayProxy) | fromJson }}
 {{- if not $spec.disabled }}
 {{- $statsConfig := coalesce $spec.stats $global.glooStats }}
 # config_map

diff --git a/install/helm/gloo/templates/_8-default-gateways.tpl b/install/helm/gloo/templates/_8-default-gateways.tpl
@@ -147,7 +147,7 @@ spec:
 {{- define "gloo.customResources.defaultGateways" -}}
 {{- $gatewayProxy := .Values.gatewayProxies.gatewayProxy }}
 {{- range $name, $gatewaySpec := .Values.gatewayProxies }}
-{{- $spec := include "gloo.util.overwriteWithOmit" (list $gatewaySpec $gatewayProxy $gatewaySpec.omitKeys) | fromJson }}
+{{- $spec := include "gloo.util.mergeOverwriteWithOmit" (list $gatewaySpec $gatewayProxy) | fromJson }}
 {{- $gatewaySettings := $spec.gatewaySettings }}
 {{- if and $spec.gatewaySettings (not $gatewaySpec.disabled) }}
 {{- $ctx := (list $ $name $spec) }}

diff --git a/install/helm/gloo/templates/_helpers.tpl b/install/helm/gloo/templates/_helpers.tpl
@@ -1,5 +1,15 @@
 {{/* vim: set filetype=mustache: */}}
 
+{{- /*
+There can be cases when we do not want to overwrite an empty value on a resource when merged.
+Eg. To generate a proxy config, we mergeOverwrite it with the default gateway-proxy config.
+If we want to preserve the empty value of the gateway and not have them overwritten, we set it to `gloo.omitOverwrite`
+and call `gloo.util.mergeOverwriteWithOmit` when merging. This sets all fields with values equal to this back to empty after the overwrite
+*/ -}}
+{{- define "gloo.omitOverwrite" -}}
+DO-NOT-OVERWRITE
+{{- end -}}
+
 {{- define "gloo.roleKind" -}}
 {{- if .Values.global.glooRbac.namespaced -}}
 Role
@@ -226,13 +236,14 @@ Otherwise it will generate ["Create", "Update", "Delete"]
 {{ toJson  $operations -}}
 {{- end -}}
 
-{{- define "gloo.util.overwriteWithOmit" -}}
+{{- define "gloo.util.mergeOverwriteWithOmit" -}}
 {{- $resource := first . -}}
 {{- $overwrite := index . 1 -}}
 {{- $result := deepCopy $resource | mergeOverwrite (deepCopy $overwrite) -}}
-{{- $omitKeys := index . 2 | default list -}}
-{{- range $key := $omitKeys }}
-  {{- $_ := unset $result $key }}
-{{- end }}
-{{ $result | toJson }}
+{{- range $key, $value := $result }}
+  {{- if eq (toString $value) "gloo.omitOverwrite" -}}
+    {{- $_ := unset $result $key }}
+  {{- end -}}
+{{- end -}}
+{{ toJson $result }}
 {{- end -}}