Add kgateway helm chart

[cyclinder]

What this PR does / why we need it:

Which issue(s) this PR fixes:

Fixes #

[gemini-code-assist]

Summary of Changes

Hello @cyclinder, I'm Gemini Code Assist¹! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request significantly enhances the deployment and management of the kgateway API gateway by introducing a new, comprehensive Helm chart. The chart bundles necessary Kubernetes Gateway API CRDs and custom kgateway CRDs, facilitating a robust and extensible traffic management solution. It also includes dynamic configuration capabilities and improved support for OCI registries, simplifying the installation process and ensuring proper setup of all components.

Highlights

• New Helm Chart for Kgateway: Introduced a new Helm chart for the kgateway project, enabling streamlined deployment and management of the API gateway within Kubernetes environments.
• Comprehensive CRD Integration: Included subcharts for both standard and experimental Kubernetes Gateway API CRDs, as well as custom kgateway-specific CRDs like BackendConfigPolicy, Backend, DirectResponse, and GatewayExtension, providing extensive traffic management capabilities.
• Dynamic Chart Configuration: Implemented a custom shell script (custom.sh) to dynamically manage Helm chart dependencies and adjust configurations such as image tags, resource requests/limits, and Gateway API installation settings.
• OCI Repository Support: Enhanced the chart generation script (generateChart.sh) to support pulling Helm charts from OCI (Open Container Initiative) registries, offering greater flexibility in chart sourcing.
• Automated Installation Testing: Added an installation script (install.sh) for testing the kgateway Helm chart, ensuring proper deployment and validation of all required CRDs.

🧠 New Feature in Public Preview: You can now enable Memory to help Gemini Code Assist learn from your team's feedback. This makes future code reviews more consistent and personalized to your project's style. Click here to enable Memory in your admin console.

Changelog

• charts/kgateway/config
  • Added configuration variables for the kgateway Helm chart, including repository URL, chart name, version, and upgrade settings.
• charts/kgateway/custom.sh
  • Added a script to manage Helm chart dependencies and dynamically update chart configurations, such as setting image tags and resource limits.
• charts/kgateway/kgateway/.relok8s-images.yaml
  • Added image references for the kgateway controller and envoy-wrapper for relocation purposes.
• charts/kgateway/kgateway/Chart.yaml
  • Added the main Helm chart definition for kgateway, specifying dependencies on gateway-api and kgateway-crds subcharts, and defining keywords.
• charts/kgateway/kgateway/README.md
  • Added documentation for the kgateway Helm chart, detailing its purpose and configuration options.
• charts/kgateway/kgateway/charts/gateway-api/.helmignore
  • Added a .helmignore file for the gateway-api subchart to exclude unnecessary files during packaging.
• charts/kgateway/kgateway/charts/gateway-api/Chart.yaml
  • Added the Chart.yaml for the gateway-api subchart, defining it as an application chart for Gateway API CRDs.
• charts/kgateway/kgateway/charts/gateway-api/README.md
  • Added documentation for the gateway-api subchart, describing its role in providing Gateway API CRDs.
• charts/kgateway/kgateway/charts/gateway-api/templates/NOTES.txt
  • Added installation notes for the gateway-api subchart, including commands to verify CRD installation.
• charts/kgateway/kgateway/charts/gateway-api/templates/crds/experimental/gateway.networking.k8s.io_backendtlspolicies.yaml
  • Added the experimental BackendTLSPolicy CustomResourceDefinition.
• charts/kgateway/kgateway/charts/gateway-api/templates/crds/experimental/gateway.networking.k8s.io_gatewayclasses.yaml
  • Added the experimental GatewayClass CustomResourceDefinition.
• charts/kgateway/kgateway/charts/gateway-api/templates/crds/experimental/gateway.networking.k8s.io_referencegrants.yaml
  • Added the experimental ReferenceGrant CustomResourceDefinition.
• charts/kgateway/kgateway/charts/gateway-api/templates/crds/experimental/gateway.networking.k8s.io_tcproutes.yaml
  • Added the experimental TCPRoute CustomResourceDefinition.
• charts/kgateway/kgateway/charts/gateway-api/templates/crds/experimental/gateway.networking.k8s.io_tlsroutes.yaml
  • Added the experimental TLSRoute CustomResourceDefinition.
• charts/kgateway/kgateway/charts/gateway-api/templates/crds/experimental/gateway.networking.x-k8s.io_xbackendtrafficpolicies.yaml
  • Added the experimental XBackendTrafficPolicy CustomResourceDefinition.
• charts/kgateway/kgateway/charts/gateway-api/templates/crds/experimental/gateway.networking.x-k8s.io_xlistenersets.yaml
  • Added the experimental XListenerSet CustomResourceDefinition.
• charts/kgateway/kgateway/charts/gateway-api/templates/crds/experimental/gateway.networking.x-k8s.io_xmeshes.yaml
  • Added the experimental XMesh CustomResourceDefinition.
• charts/kgateway/kgateway/charts/gateway-api/templates/crds/standard/gateway.networking.k8s.io_backendtlspolicies.yaml
  • Added the standard BackendTLSPolicy CustomResourceDefinition.
• charts/kgateway/kgateway/charts/gateway-api/templates/crds/standard/gateway.networking.k8s.io_gatewayclasses.yaml
  • Added the standard GatewayClass CustomResourceDefinition.
• charts/kgateway/kgateway/charts/gateway-api/templates/crds/standard/gateway.networking.k8s.io_referencegrants.yaml
  • Added the standard ReferenceGrant CustomResourceDefinition.
• charts/kgateway/kgateway/charts/gateway-api/values.schema.json
  • Added JSON schema for validating values of the gateway-api subchart.
• charts/kgateway/kgateway/charts/gateway-api/values.yaml
  • Added default values for the gateway-api subchart, setting the specification to 'standard'.
• charts/kgateway/kgateway/charts/kgateway-crds/.helmignore
  • Added a .helmignore file for the kgateway-crds subchart.
• charts/kgateway/kgateway/charts/kgateway-crds/Chart.yaml
  • Added the Chart.yaml for the kgateway-crds subchart, defining it as an application chart for kgateway CRDs.
• charts/kgateway/kgateway/charts/kgateway-crds/README.md
  • Added documentation for the kgateway-crds subchart.
• charts/kgateway/kgateway/charts/kgateway-crds/templates/NOTES.txt
  • Added installation notes for the kgateway-crds subchart, including verification and uninstallation instructions.
• charts/kgateway/kgateway/charts/kgateway-crds/templates/gateway.kgateway.dev_backendconfigpolicies.yaml
  • Added the BackendConfigPolicy CustomResourceDefinition for kgateway.
• charts/kgateway/kgateway/charts/kgateway-crds/templates/gateway.kgateway.dev_backends.yaml
  • Added the Backend CustomResourceDefinition for kgateway.
• charts/kgateway/kgateway/charts/kgateway-crds/templates/gateway.kgateway.dev_directresponses.yaml
  • Added the DirectResponse CustomResourceDefinition for kgateway.
• charts/kgateway/kgateway/charts/kgateway-crds/templates/gateway.kgateway.dev_gatewayextensions.yaml
  • Added the GatewayExtension CustomResourceDefinition for kgateway.
• charts/kgateway/kgateway/charts/kgateway-crds/values.yaml
  • Added default values for the kgateway-crds subchart.
• charts/kgateway/kgateway/charts/kgateway/.helmignore
  • Added a .helmignore file for the core kgateway subchart.
• charts/kgateway/kgateway/charts/kgateway/Chart.yaml
  • Added the Chart.yaml for the core kgateway subchart.
• charts/kgateway/kgateway/charts/kgateway/README.md
  • Added documentation for the core kgateway subchart.
• charts/kgateway/kgateway/charts/kgateway/templates/NOTES.txt
  • Added installation notes for the core kgateway subchart.
• charts/kgateway/kgateway/charts/kgateway/templates/_helpers.tpl
  • Added Helm helper templates for naming, labels, and service account management.
• charts/kgateway/kgateway/charts/kgateway/templates/deployment.yaml
  • Added Kubernetes Deployment manifest for the kgateway controller, including container image, ports, probes, and environment variables.
• charts/kgateway/kgateway/charts/kgateway/templates/poddisruptionbudget.yaml
  • Added PodDisruptionBudget manifest for the kgateway controller, conditionally enabled based on values.
• charts/kgateway/kgateway/charts/kgateway/templates/role.yaml
  • Added ClusterRole manifest for kgateway, defining necessary RBAC permissions for various Kubernetes resources and custom resources.
• charts/kgateway/kgateway/charts/kgateway/templates/service.yaml
  • Added Kubernetes Service manifest for the kgateway controller, exposing gRPC, health, and metrics ports.
• charts/kgateway/kgateway/charts/kgateway/templates/serviceaccount.yaml
  • Added ServiceAccount and ClusterRoleBinding manifests for kgateway, ensuring proper permissions for the controller.
• charts/kgateway/kgateway/charts/kgateway/values.yaml
  • Added default values for the core kgateway subchart, configuring image settings, resource requests/limits, and controller behavior.
• charts/kgateway/kgateway/values.schema.json
  • Added JSON schema for validating values of the kgateway wrapper chart.
• charts/kgateway/kgateway/values.yaml
  • Added default values for the kgateway wrapper chart, including settings for the kgateway subchart and Gateway API installation.
• charts/kgateway/parent/.relok8s-images.yaml
  • Added image references for the parent kgateway chart, used for image relocation.
• charts/kgateway/parent/values.schema.json
  • Added JSON schema for validating values of the parent kgateway chart.
• scripts/generateChart.sh
  • Modified to detect and handle OCI-based Helm chart repositories, improving flexibility in chart sourcing.
  • Updated logic for pulling Helm charts to support both traditional and OCI repositories.
  • Adjusted dependency repository URL handling for OCI charts to correctly extract the base URL.
• test/kgateway/install.sh
  • Added a new script to install the kgateway Helm chart and validate the presence of required CRDs in a Kubernetes cluster.

Activity

• The pull request was created by 'cyclinder' to add the kgateway helm chart.
• The PR description includes general guidelines for chart adaptation, values tuning, and labeling of service monitors/prometheus rules, indicating a focus on maintainability and best practices.

Using Gemini Code Assist

The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.

Invoking Gemini

You can request assistance from Gemini at any point by creating a comment using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands on the current page.

Feature	Command	Description
Code Review	/gemini review	Performs a code review for the current pull request in its current state.
Pull Request Summary	/gemini summary	Provides a summary of the current pull request in its current state.
Comment	@gemini-code-assist	Responds in comments when explicitly tagged, both in pull request comments and review comments.
Help	/gemini help	Displays a list of available commands.

Customization

To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.

Limitations & Feedback

Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for Github and other Google products, sign up here.

You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension.

Footnotes

1. Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution. ↩

[gemini-code-assist]

Code Review

This pull request introduces a new Helm chart for kgateway, including subcharts for CRDs and scripts for chart generation. The changes are extensive and well-structured. My review focuses on correctness, maintainability, and robustness. I have identified a few areas for improvement: a typo in a configuration file, code duplication in a shell script, a potential deployment failure if resource limits are not provided, and inconsistent naming for RBAC resources. I've provided specific suggestions to address these points in the review comments.

I am having trouble creating individual review comments. Click here to see my feedback.

charts/kgateway/kgateway/charts/kgateway/templates/deployment.yaml (72-81)

The deployment will fail with a CreateContainerConfigError if resources.limits.memory or resources.limits.cpu are not set, because the GOMEMLIMIT and GOMAXPROCS environment variables are trying to reference them. To make the chart more robust, you should wrap these environment variable definitions in if blocks to only set them if the corresponding limits are defined.

            {{- if .Values.resources.limits.memory }}
            - name: GOMEMLIMIT
              valueFrom:
                resourceFieldRef:
                  divisor: "1"
                  resource: limits.memory
            {{- end }}
            {{- if .Values.resources.limits.cpu }}
            - name: GOMAXPROCS
              valueFrom:
                resourceFieldRef:
                  divisor: "1"
                  resource: limits.cpu
            {{- end }}

charts/kgateway/config (11)

There is a typo in the variable name UPGRADE_REVIWER. It should be UPGRADE_REVIEWER.

 export UPGRADE_REVIEWER=cyclinder

charts/kgateway/kgateway/charts/kgateway/templates/role.yaml (5)

The name of this ClusterRole is constructed manually. For consistency with Helm best practices and other resources in this chart, it's better to use the kgateway.fullname helper. This also makes it easier to override the name if needed and avoids potential naming conflicts.

  name: {{ include "kgateway.fullname" . }}

charts/kgateway/kgateway/charts/kgateway/templates/serviceaccount.yaml (18-26)

The naming of the ClusterRoleBinding and the reference to the ClusterRole are inconsistent. It's recommended to use the kgateway.fullname helper for naming both the ClusterRole (in role.yaml) and this ClusterRoleBinding for consistency and to follow Helm best practices. The roleRef should also be updated to use the same helper.

  name: {{ include "kgateway.fullname" . }}
subjects:
- kind: ServiceAccount
  name: {{ include "kgateway.serviceAccountName" . }}
  namespace: {{ .Release.Namespace }}
roleRef:
  kind: ClusterRole
  name: {{ include "kgateway.fullname" . }}
  apiGroup: rbac.authorization.k8s.io

scripts/generateChart.sh (82-103)

This block of logic for handling OCI repositories seems to be duplicated later in the script (lines 113-117). Also, the logic for determining DEP_REPO_URL is duplicated (lines 174-177 and 183-186). To improve maintainability and readability, consider refactoring this logic into a function or setting variables at the beginning of the script and reusing them.