Revert "Merge branch 'develop/gateway' of https://github.com/CAAPIM/a…

…pim-charts into F151322_MySql8.4_support_develop"

This reverts commit 7e6c328, reversing
changes made to 1f8fae8.

charts/gateway/README.md

@@ -199,13 +199,16 @@ The following table lists the configurable parameters of the Gateway chart and t
 | `service.annotations`    | Additional annotations to add to the service               | {} |
 | `service.internalTrafficPolicy`    | [Internal Traffic Policy](https://kubernetes.io/docs/concepts/services-networking/service-traffic-policy/#using-service-internal-traffic-policy)               | `Cluster` |
 | `service.externalTrafficPolicy`    | [External Traffic Policy](https://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/#preserving-the-client-source-ip)               | `Cluster` |
+
 | `ingress.enabled`    | Enable/Disable an ingress record being created               | `false` |
-| `ingress.annotations`    | Additional ingress annotations               | `{}` |
-| `ingress.hostname`    | Sets Ingress Hostname  | `nil` |
-| `ingress.port`    | The Gateway Port number/name to route to  | `8443` |
-| `ingress.tlsHostnames`    | Register additional Hostnames for the TLS Certificate  | `see values.yaml` |
-| `ingress.secretName`    | The name of an existing Cert secret, setting this does not auto-create the secret               | `tls-secret` |
-| `ingress.additionalHostnamesAndPorts`    | key/value pairs of hostname:port that will be added to the ingress object  | `see values.yaml` |
+| `ingress.openshift.route.enabled`    | Create an Openshift Route (Requires Openshift)               | `false` |
+| `ingress.openshift.route.wildcardPolicy`    | Openshift Route Wildcard Policy               | `None` |
+| `ingress.openshift.route.weight`    | Openshift Route Weight (0-255)               | `commented` |
+| `ingress.annotations`    | ingress annotations               | `{}` |
+| `ingress.labels`    | additional ingress labels               | `{}` |
+| `ingress.ingressClassName`    | Ingress Class Name               | `nginx` |
+| `ingress.tls`    | Ingress TLS Configuration               | `see values.yaml` |
+| `ingress.rules`    | Ingress Rules Configuration              | `see values.yaml` |
 | `startupProbe.enabled`    | Enable/Disable               | `false` |
 | `startupProbe.initialDelaySeconds`    | Initial delay               | `60` |
 | `startupProbe.timeoutSeconds`    | Timeout               | `1` |
@@ -508,25 +511,71 @@ config:
 ### Ingress Configuration
 The Gateway Helm Chart allows you to configure an Ingress Resource that your central Ingress Controller can manage. You can find more information on [Ingress Controllers](https://kubernetes.io/docs/concepts/services-networking/ingress-controllers/) here.
 
-This represents the ingress configuration for Gateway Chart < 3.0.0 you need to configure an Ingress Resource for the API Gateway
+If your ingress controller is private and you would like to create an ingress record/route for the management service you can use the following configuration
+```
+ ...
+  rules:
+  - host: dev.ca.com <<== standard traffic
+    path: "/"
+    service:
+      port:
+        name: https
+  - host: dev-pm.ca.com <<== management traffic
+    path: "/"
+    backend: management <<== will target the management service
+    service:
+      port:
+        name: management
+```
 
+New Ingress Configuration Gateway Chart >= 3.0.31 (openshift route support)
 ```
 ingress:
-  enabled: true
-  annotations:
-  # Ingress class
-    kubernetes.io/ingress.class: nginx
-    nginx.ingress.kubernetes.io/backend-protocol: "HTTPS"
+  # Set to true to create ingress object
+  enabled: false
+  # Set openshift.route.enabled to true if you are using Openshift and would like to use routes
+  openshift:
+    route:
+      enabled: false
+      wildcardPolicy: None
+    # weight: 100
+      
+  # Ingress Class Name
+  ingressClassName: nginx
+  # Ingress labels (also apply to routes)
+  labels: {}
+  # Ingress annotations (also apply to routes)
+  annotations: {}
+  # nginx.ingress.kubernetes.io/backend-protocol: "HTTPS"
   # nginx.ingress.kubernetes.io/ssl-passthrough: "true"
-  secretName: tls-secret
-  hostname: dev.ca.com
-  tlsHostnames: []
-  # - dev.ca.com
-  # - dev1.ca.com
-  ## The port that you want to route to via ingress. This needs to be available via service.ports.
-  port: 8443
-  ## Define additional hostnames and ports as key-value pairs.
-  additionalHostnamesAndPorts: {}
+  # When the ingress is enabled, a host pointing to this will be created
+  tls:
+  - hosts:
+    - dev.ca.com
+    secretName: default
+  # - hosts:
+  #   - dev1.ca.com
+  #   secretName: default
+  rules:
+  - host: dev.ca.com
+    path: "/"
+    service:
+      port:
+        name: https
+      # number:
+  # - host: dev1.ca.com
+  #   path: "/"
+  #   service:
+  #     port:
+  #       name: https
+      # number:
+  # - host: dev-pm.ca.com
+  #   path: "/"
+  #   backend: management
+  #   service:
+  #     port:
+  #       name: management
+        # number:
 ```
 
 New Ingress Configuration Gateway Chart >= 3.0.0
@@ -567,6 +616,26 @@ ingress:
 #        #number:
 ```
 
+This represents the ingress configuration for Gateway Chart < 3.0.0 you need to configure an Ingress Resource for the API Gateway
+```
+ingress:
+  enabled: true
+  annotations:
+  # Ingress class
+    kubernetes.io/ingress.class: nginx
+    nginx.ingress.kubernetes.io/backend-protocol: "HTTPS"
+  # nginx.ingress.kubernetes.io/ssl-passthrough: "true"
+  secretName: tls-secret
+  hostname: dev.ca.com
+  tlsHostnames: []
+  # - dev.ca.com
+  # - dev1.ca.com
+  ## The port that you want to route to via ingress. This needs to be available via service.ports.
+  port: 8443
+  ## Define additional hostnames and ports as key-value pairs.
+  additionalHostnamesAndPorts: {}
+```
+
 [Back to Additional Guides](#additional-guides)
 
 ### PM Tagger Configuration
@@ -610,11 +679,27 @@ OpenTelemetry is configured on the Gateway in two places, system properties and
 
 These can be configured in values.yaml. See the section below to view examples of how and where to configure this.
 
+- config.otel
+```
+config:
+  ...
+  otel:
+    # If sdkOnly is enabled we will inject the above environment variables
+    # Note that this is container level configuration only. You will still need to set the relevant cluster-wide and system properties below
+    sdkOnly:
+      enabled: true
+    # Used to inject additional resource attributes for tracking with the sdkOnly approach
+    # these can then be used as an additional filter in your observability backend
+    additionalResourceAttributes:
+    - test=someEnvValue
+   # - test1=someEnvValue1
+```
+
+
 - system.properties
 ```
 otel.sdk.disabled=false
 otel.java.global-autoconfigure.enabled=true
-otel.service.name=ssg-gateway
 otel.exporter.otlp.endpoint=http://localhost:4318/
 otel.exporter.otlp.protocol=http/protobuf
 otel.traces.exporter=otlp

charts/gateway/production-values.yaml

@@ -186,24 +186,6 @@ config:
   # If you are using an earlier version of the Gateway, these will be ignored.
   # minHeapSize: "1g"
   # maxHeapSize: "3g"
-  # The OTel SDK uses the following environment variables to gather information about the container
-  # NODE_NAME - Kubernetes Node
-  # POD_NAME - Podname, also hostname
-  # NAMESPACE
-  # CONTAINER_NAME - this is always gateway
-  # OTEL_SERVICE_NAME - <release-name>-<chart-name>
-  # OTEL_RESOURCE_ATTRIBUTES
-  # When using auto-instrumentation (injecting the OTel Java Agent via the OpenTelemetryOperator) these values are automatically set
-  # When using the sdk only approach (no OTel Java Agent) we set these using built-in metadata fields
-  otel:
-    # If sdkOnly is enabled we will inject the above environment variables
-    # Note that this is container level configuration only. You will still need to set the relevant cluster-wide and system properties below
-    sdkOnly:
-      enabled: false
-    # Used to inject additional resource attributes for tracking with the sdkOnly approach
-    additionalResourceAttributes: []
-    # - test=someEnvValue
-    # - test1=someEnvValue1
   javaArgs:
     - -Dcom.l7tech.bootstrap.autoTrustSslKey=trustAnchor,TrustedFor.SSL,TrustedFor.SAML_ISSUER
     - -Dcom.l7tech.server.audit.message.saveToInternal=false
@@ -286,17 +268,13 @@ config:
     # If you would like to use the built in OpenTelemetry SDK uncomment and set the following configuration
     # otel.sdk.disabled=false
     # otel.java.global-autoconfigure.enabled=true
+    # otel.service.name=ssg-gateway
     # otel.exporter.otlp.endpoint=http://localhost:4318/
     # otel.exporter.otlp.protocol=http/protobuf
     # otel.traces.exporter=otlp
     # otel.metrics.exporter=otlp
     # otel.logs.exporter=none
     # Additional properties go here
-  # Additional System properties are appended at the end of system.properties
-  # Defined as key/value pairs
-  additionalSystemProperties: []
-  # - name: test
-  #   value: test123
 
  # If enabled this will override the default listen ports and their configuration in the API Gateway
   listenPorts:
@@ -907,46 +885,39 @@ otk:
 ingress:
   # Set to true to create ingress object
   enabled: true
-  # Set openshift.route.enabled to true if you are using Openshift and would like to use routes
-  openshift:
-    route:
-      enabled: false
-      wildcardPolicy: None
-    # weight: 100
   # Ingress Class Name
   ingressClassName: nginx
   # Ingress annotations
   annotations:
+  # Ingress class
+   # kubernetes.io/ingress.class: nginx
     nginx.ingress.kubernetes.io/backend-protocol: "HTTPS"
   # nginx.ingress.kubernetes.io/ssl-passthrough: "true"
   # When the ingress is enabled, a host pointing to this will be created
+  # By default clusterHostname is used, only set this if you want to use a different host
+   ## Enable TLS configuration for the hostname defined at ingress.hostname/clusterHostname parameter
   tls:
   - hosts:
     - dev.ca.com
     secretName: default
   # - hosts:
   #   - dev1.ca.com
   #   secretName: default
+
   rules:
   - host: dev.ca.com
     path: "/"
     service:
       port:
         name: https
       # number:
-  # - host: dev1.ca.com
-  #   path: "/"
-  #   service:
-  #     port:
-  #       name: https
-      # number:
-  # - host: dev-pm.ca.com
-  #   path: "/"
-  #   backend: management
-  #   service:
-  #     port:
-  #       name: management
-        # number:
+  #  - host: dev1.ca.com
+  #    path: "/"
+  #    backend: management
+  #    service:
+  #      port:
+  #        name: management
+  #        #number:
 
 # Additional Environment variables to be added to the Gateway Configmap
 additionalEnv: {}

charts/gateway/release-notes.md

@@ -91,7 +91,6 @@ config:
 ```
 
 ## 3.0.30 General Updates
-Release notes will also be moved to a new file before merge...
 **Note** Gateway restart required if using preview Redis features.
 - Support added for running the Gateway without [Diskless Config](./README.md#diskless-configuration)
   - Uses node.properties which can be mounted via [Secret or Secret Store CSI Driver](https://secrets-store-csi-driver.sigs.k8s.io/)

charts/gateway/templates/_helpers.tpl

@@ -203,21 +203,6 @@ Define OTK Image Pull Secret Name
 {{- end -}}
 {{- end -}}
 
-
-{{/*
- Define OTEL_RESOURCE_ATTRIBUTES Environment variable
- */}}
-{{- define "gateway.otel.resource.attributes" -}}
-{{ $resourceAttributes := printf "%s,service.version=%s" "k8s.container.name=$(CONTAINER_NAME),k8s.deployment.name=$(OTEL_SERVICE_NAME),service.name=$(OTEL_SERVICE_NAME),k8s.namespace.name=$(NAMESPACE),k8s.node.name=$(NODE_NAME),k8s.pod.name=$(POD_NAME)" .Values.image.tag }}
-{{- if and (.Values.config.otel.sdkOnly.enabled) (.Values.config.otel.additionalResourceAttributes) -}}
- {{- $additionalResourceAttributes := join "," .Values.config.otel.additionalResourceAttributes }}
- {{- printf "%s,%s" $resourceAttributes $additionalResourceAttributes -}}
-{{- else -}}
-    {{- printf "%s" $resourceAttributes -}}
-{{- end -}}
-{{- end -}}
-
-
 {{/*
  Validate OTK installation type (SINGLE, INTERNAL, DMZ)
 */}}

charts/gateway/templates/deployment.yaml

@@ -354,27 +354,6 @@ spec:
          {{- end }}
          {{- end }}
 {{- end }}
-         {{- if .Values.config.otel.sdkOnly.enabled }}
-          env:
-          - name: NODE_NAME
-            valueFrom:
-              fieldRef:
-                fieldPath: spec.nodeName
-          - name: POD_NAME
-            valueFrom:
-              fieldRef:
-                fieldPath: metadata.name
-          - name: NAMESPACE
-            valueFrom:
-              fieldRef:
-                fieldPath: metadata.namespace
-          - name: CONTAINER_NAME
-            value: gateway
-          - name: OTEL_SERVICE_NAME
-            value: {{ template "gateway.fullname" . }}
-          - name: OTEL_RESOURCE_ATTRIBUTES
-            value: {{ template "gateway.otel.resource.attributes" . }}
-          {{- end }}
           envFrom:
             - configMapRef:
                 name: {{ template "gateway.fullname" . }}-configmap

charts/gateway/templates/ingress.yaml

@@ -1,4 +1,4 @@
-{{ if and (.Values.ingress.enabled) (not .Values.ingress.openshift.route.enabled) }}
+{{ if .Values.ingress.enabled }}
 {{- if $.Capabilities.APIVersions.Has "networking.k8s.io/v1" -}}
 apiVersion: networking.k8s.io/v1
 {{- else -}}
@@ -14,9 +14,6 @@ metadata:
    {{- range $key, $val := .Values.additionalLabels }}
    {{ $key }}: "{{ $val }}"
    {{- end }}
-   {{- range $key, $val := .Values.ingress.labels }}
-   {{ $key }}: "{{ $val }}"
-   {{- end }}
  annotations:
 {{- range $key, $val := .Values.ingress.annotations }}
    {{ $key }}: "{{ $val }}"