{{- if .Values.api7.enabled }} apiVersion: v1 kind: ConfigMap metadata: name: {{ include "api7ee.fullname" . }}-adc-config labels: {{- include "api7ee.labels" . | nindent 4 }} app.kubernetes.io/component: adc data: adc-config.yaml: | services: {{- if .Values.web.enabled }} - name: web-service upstream: name: web-upstream scheme: http type: roundrobin {{- if .Values.api7.serviceDiscovery.enabled }} discovery_type: kubernetes service_name: {{ .Release.Namespace }}/{{ include "api7ee.fullname" . }}-web:http {{- else }} nodes: - host: {{ include "api7ee.fullname" . }}-web.{{ .Release.Namespace }}.svc.cluster.local port: {{ .Values.web.service.port }} weight: 100 {{- end }} routes: - name: web-route uris: - /* hosts: {{- range .Values.api7.hosts }} - {{ . | quote }} {{- end }} priority: 0 plugins: {{- if .Values.api7.tls.enabled }} redirect: http_to_https: true {{- end }} {{- if .Values.api7.plugins.rateLimit.enabled }} limit-count: count: {{ .Values.api7.plugins.rateLimit.count }} time_window: {{ .Values.api7.plugins.rateLimit.timeWindow }} rejected_code: 429 {{- end }} {{- if .Values.api7.plugins.cors.enabled }} cors: allow_origins: {{ .Values.api7.plugins.cors.allowOrigins | toJson }} allow_methods: {{ .Values.api7.plugins.cors.allowMethods | toJson }} allow_headers: {{ .Values.api7.plugins.cors.allowHeaders | toJson }} expose_headers: {{ .Values.api7.plugins.cors.exposeHeaders | toJson }} max_age: {{ .Values.api7.plugins.cors.maxAge }} allow_credentials: {{ .Values.api7.plugins.cors.allowCredentials }} {{- end }} {{- end }} {{- if .Values.api.enabled }} - name: api-service upstream: name: api-upstream scheme: http type: roundrobin {{- if .Values.api7.serviceDiscovery.enabled }} discovery_type: kubernetes service_name: {{ .Release.Namespace }}/{{ include "api7ee.fullname" . }}-api:http {{- else }} nodes: - host: {{ include "api7ee.fullname" . }}-api.{{ .Release.Namespace }}.svc.cluster.local port: {{ .Values.api.service.port }} weight: 100 {{- end }} routes: - name: api-route uris: - /api - /api/* hosts: {{- range .Values.api7.hosts }} - {{ . | quote }} {{- end }} priority: 10 plugins: {{- if .Values.api7.tls.enabled }} redirect: http_to_https: true {{- end }} proxy-rewrite: regex_uri: - ^/api/(.*) - /$1 {{- if .Values.api7.plugins.rateLimit.enabled }} limit-count: count: {{ .Values.api7.plugins.rateLimit.apiCount | default .Values.api7.plugins.rateLimit.count }} time_window: {{ .Values.api7.plugins.rateLimit.timeWindow }} rejected_code: 429 {{- end }} {{- if .Values.api7.plugins.auth.enabled }} key-auth: header: {{ .Values.api7.plugins.auth.header | default "X-API-Key" }} {{- end }} {{- end }} {{- if .Values.api7.tls.enabled }} ssls: - snis: {{- range .Values.api7.hosts }} - {{ . | quote }} {{- end }} certificates: {{- if .Values.api7.tls.certManager.enabled }} - certificate: /etc/ssl/certs/tls.crt key: /etc/ssl/certs/tls.key {{- else if .Values.api7.tls.certificate }} - certificate: | {{ .Values.api7.tls.certificate | nindent 14 }} key: | {{ .Values.api7.tls.key | nindent 14 }} {{- end }} {{- end }} {{- if .Values.api7.plugins.auth.enabled }} consumers: {{- range .Values.api7.consumers }} - username: {{ .username }} plugins: key-auth: key: {{ .apiKey }} {{- end }} {{- end }} global_rules: {{- if .Values.api7.plugins.prometheus.enabled }} - id: prometheus-metrics plugins: prometheus: prefer_name: true {{- end }} {{- if .Values.api7.plugins.logging.enabled }} - id: request-logging plugins: http-logger: uri: {{ .Values.api7.plugins.logging.endpoint }} batch_max_size: {{ .Values.api7.plugins.logging.batchMaxSize | default 1000 }} inactive_timeout: {{ .Values.api7.plugins.logging.inactiveTimeout | default 5 }} {{- end }} {{- end }}