Add API7 ADC integration to Helm chart for automatic gateway configuration

- Added ADC (API7 Declarative CLI) post-install job for automatic gateway setup - Created ConfigMap with complete API7 routing and service configuration - Integrated cert-manager for automatic TLS certificate management - Added support for Kubernetes service discovery - Implemented auto-publish feature for routes after deployment - Added comprehensive API7 plugin configurations (rate limiting, CORS, auth) - Created RBAC resources for ADC job to access cluster resources - Secured admin credentials using Kubernetes secrets - Updated values.yaml with extensive API7 configuration options - Enhanced documentation with API7 setup and troubleshooting guides
2025-10-03 02:04:35 +02:00
parent d818ee6600
commit fd832e9b42
7 changed files with 590 additions and 1 deletions
--- a/helm/api7ee/values.yaml
+++ b/helm/api7ee/values.yaml
@@ -194,4 +194,92 @@ configMap:
 # Secrets for sensitive data
 secrets:
  create: false
-  data: {}
+  data: {}
+
+# API7 Gateway Configuration
+api7:
+  enabled: true  # Enable API7 ADC configuration
+
+  # ADC Container settings
+  adc:
+    image: ghcr.io/api7/adc:latest
+    imagePullPolicy: IfNotPresent
+    verbose: true
+    tlsSkipVerify: false  # Set to true for self-signed certificates
+
+  # API7 Gateway connection
+  gateway:
+    adminUrl: http://api7-gateway.api7ee.svc.cluster.local:9180
+    adminKey: "edd1c9f034335f136f87ad84b625c8f1"  # Change this!
+    group: default
+
+  # Backend type (api7ee or apisix)
+  backend: api7ee
+
+  # Auto-publish routes after sync
+  autoPublish: true
+
+  # Hosts for routing
+  hosts:
+    - demo.commandware.it
+
+  # TLS/SSL Configuration
+  tls:
+    enabled: true
+    # Option 1: Use cert-manager
+    certManager:
+      enabled: true
+      issuer: letsencrypt-prod  # ClusterIssuer name
+      issuerKind: ClusterIssuer  # or Issuer
+    # Option 2: Use existing secret
+    secretName: ""  # Name of existing TLS secret
+    # Option 3: Provide certificates directly (not recommended for production)
+    certificate: ""
+    key: ""
+
+  # Service Discovery
+  serviceDiscovery:
+    enabled: true  # Use Kubernetes service discovery
+    namespace: ""  # Leave empty to use release namespace
+
+  # API7 Plugins Configuration
+  plugins:
+    # Rate limiting
+    rateLimit:
+      enabled: true
+      count: 100
+      timeWindow: 60
+      apiCount: 1000  # Higher limit for API endpoints
+
+    # CORS configuration
+    cors:
+      enabled: true
+      allowOrigins: ["*"]
+      allowMethods: ["GET", "POST", "PUT", "DELETE", "OPTIONS", "HEAD", "PATCH"]
+      allowHeaders: ["*"]
+      exposeHeaders: ["*"]
+      maxAge: 3600
+      allowCredentials: false
+
+    # Authentication
+    auth:
+      enabled: false
+      header: X-API-Key
+
+    # Prometheus metrics
+    prometheus:
+      enabled: true
+
+    # Request logging
+    logging:
+      enabled: false
+      endpoint: http://logging-service:8080/logs
+      batchMaxSize: 1000
+      inactiveTimeout: 5
+
+  # API Consumers (for authentication)
+  consumers:
+    - username: demo-user
+      apiKey: demo-key-12345
+    - username: admin
+      apiKey: admin-key-67890