Added gRPC support and additionalPorts

Author: EliMoshkovich

charts/pdp/templates/deployment.yaml

@@ -44,10 +44,11 @@ spec:
               type: RuntimeDefault
           {{- end }}
           ports:
-            - name: pdp
-              containerPort: 7000
-            - name: opa
-              containerPort: 8181
+            - containerPort: {{ .Values.pdp.port }}
+            {{- range .Values.pdp.additionalPorts }}
+            - name: {{ .name }}
+              containerPort: {{ .targetPort }}
+            {{- end }}
           env:
             - name: PDP_API_KEY
               valueFrom:

charts/pdp/templates/service.yaml

@@ -14,11 +14,13 @@ spec:
   selector:
     {{- include "pdp.selectorLabels" . | nindent 4 }}
   ports:
-    - name: pdp
-      port: {{ .Values.pdp.pdpPort }}
-      targetPort: 7000
+    - name: http
       protocol: TCP
-    - name: opa
-      port: {{ .Values.pdp.opaPort }}
-      targetPort: 8181
+      port: {{ .Values.pdp.port }}
+      targetPort: 7000
+    {{- range .Values.pdp.additionalPorts }}
+    - name: {{ .name }}
+      port: {{ .port }}
+      targetPort: {{ .targetPort }}
       protocol: TCP
+    {{- end }}

charts/pdp/values.yaml

@@ -6,16 +6,24 @@ pdp:
     []
     # - name: custom_env
     #   value: "custom_env"
+    #
+    # Example - enable Envoy gRPC ext_authz on port 9191 (requires PDP >= 0.9.10):
+    # - name: PDP_OPA_PLUGINS
+    #   value: '{"permit_graph":{},"envoy_ext_authz_grpc":{"addr":":9191","path":"permit/root"}}'
   ApiKey: "<your PDP API Key>"
 
   # Use an existing secret for the API key instead of creating one
   # If defined, the chart will not create a secret and will use this existing secret
   # existingApiKeySecret:
   #   name: "my-existing-secret"
   #   key: "api-key"
-  # Service ports (external ports exposed by the Kubernetes Service)
-  pdpPort: 7766  # maps to container port 7000 (PDP API)
-  opaPort: 8181  # maps to container port 8181 (OPA)
+  port: 7766
+  # Example - expose Envoy gRPC ext_authz port (requires PDP_OPA_PLUGINS env var above):
+  #   additionalPorts:
+  #     - name: grpc
+  #       port: 9191
+  #       targetPort: 9191
+  additionalPorts: []
   replicas: 1
   image:
     repository: permitio/pdp-v2