Open
Conversation
bkochendorfer
commented
Mar 12, 2026
| {{- end }} | ||
| spec: | ||
| gatewayClassName: {{ $gateway.className }} | ||
| {{- if $gateway.addresses }} |
Member
Author
There was a problem hiding this comment.
addresses is part of the standard Gateway API spec https://gateway-api.sigs.k8s.io/reference/spec/#gatewayspecaddress but it is optional. This is not a provider specific change rather it does not render addresses if none are provided.
bkochendorfer
commented
Mar 12, 2026
| - {{ $cert }} | ||
| {{- end }} | ||
| type: certmap | ||
| type: {{ $gatewayConfig.tlsType }} |
Member
Author
There was a problem hiding this comment.
certmap is GKE specific
bkochendorfer
commented
Mar 12, 2026
| component: gateway | ||
| type: {{ $gatewayConfig.type }} | ||
| className: {{ $gatewayConfig.className }} | ||
| addresses: |
Member
Author
There was a problem hiding this comment.
I wonder if we want to do the same addresses optional if here.
bkochendorfer
commented
Mar 12, 2026
| {{- $labels.labels | toYaml | nindent 4 }} | ||
| {{- $params = dict "type" "serviceAccount" }} | ||
| {{- $annotations := include "mozcloud.annotations.argo" $params | fromYaml }} | ||
| {{- if or (eq (index (index .Values "cloud" | default dict) "provider" | default "gke") "gke") $annotations }} |
Member
Author
There was a problem hiding this comment.
Not sure if this is correct. We likely still want annotations here. Just maybe different annotations.
Contributor
There was a problem hiding this comment.
Leaving the non-GKE annotations is good. We'll need those for Argo.
On that note, we'll probably need to make Argo optional as well. That can be a future PR though.
bkochendorfer
force-pushed
the
MZCLD-2405
branch
from
2b88553 to
9507293
Compare
Currently we produce annotations, negs, and other items specifically tied to GKE. This PR is a first pass at adding conditionals around these GKE specific implementations. As our next target is likely to be an `on-prem` we introduce another values file to render the charts and test them without these specific implementations. As we gather more information about what we need to support for `on-prem` or other `providers` we can add specific cases for those options.
bkochendorfer
force-pushed
the
MZCLD-2405
branch
from
9507293 to
9513a40
Compare
| */ -}} | ||
| {{- define "mozcloud.gateway.backends" -}} | ||
| {{- $workloads := .workloads -}} | ||
| {{- $provider := index (index .Values "cloud" | default dict) "provider" | default "gke" -}} |
Contributor
There was a problem hiding this comment.
Suggested change
| {{- $provider := index (index .Values "cloud" | default dict) "provider" | default "gke" -}} | |
| {{- $provider := dig "cloud" "provider" "gke" .Values }} |
I think you could simplify this using something like this.
| */}} | ||
| {{- if not (include "mozcloud.preview.usePreviewHttpRoute" .) }} | ||
| {{- $params := mergeOverwrite $context (dict "globals" .Values.global.mozcloud "workloads" $workloads) }} | ||
| {{- $provider := index (index .Values "cloud" | default dict) "provider" | default "gke" }} |
Contributor
There was a problem hiding this comment.
Suggested change
| {{- $provider := index (index .Values "cloud" | default dict) "provider" | default "gke" }} | |
| {{- $provider := dig "cloud" "provider" "gke" .Values }} |
Same simplification here.
| GKE-specific gateway backend resources: GCPBackendPolicy, HealthCheckPolicy. | ||
| Only rendered when cloud.provider is "gke". | ||
| */ -}} | ||
| {{- $provider := index (index .Values "cloud" | default dict) "provider" | default "gke" }} |
Contributor
There was a problem hiding this comment.
Suggested change
| {{- $provider := index (index .Values "cloud" | default dict) "provider" | default "gke" }} | |
| {{- $provider := dig "cloud" "provider" "gke" .Values }} |
| redirectToHttps: | ||
| enabled: true | ||
| responseCodeName: MOVED_PERMANENTLY_DEFAULT | ||
| sslPolicy: mozilla-intermediate |
Contributor
There was a problem hiding this comment.
I believe this is unique to our specific GCP projects. We may want to make this configurable when cloud.provider == gke.
| {{- end -}} | ||
|
|
||
| {{- /* We do not use ingress resources for preview environments, and FrontendConfig is GKE-only */}} | ||
| {{- if and .Values.enabled (not (include "mozcloud.preview.enabled" .)) (eq (index (index .Values "cloud" | default dict) "provider" | default "gke") "gke") }} |
Contributor
There was a problem hiding this comment.
Suggested change
| {{- if and .Values.enabled (not (include "mozcloud.preview.enabled" .)) (eq (index (index .Values "cloud" | default dict) "provider" | default "gke") "gke") }} | |
| {{- if and .Values.enabled (not (include "mozcloud.preview.enabled" .)) (eq (dig "cloud" "provider" "gke" .Values) "gke") }} |
| @@ -1,10 +1,12 @@ | |||
| {{- $provider := index (index .Values "cloud" | default dict) "provider" | default "gke" }} | |||
Contributor
There was a problem hiding this comment.
Suggested change
| {{- $provider := index (index .Values "cloud" | default dict) "provider" | default "gke" }} | |
| {{- $provider := dig "cloud" "provider" "gke" .Values }} |
| GKE-specific gateway resources: GCPGatewayPolicy. | ||
| Only rendered when cloud.provider is "gke". | ||
| */ -}} | ||
| {{- $provider := index (index .Values "cloud" | default dict) "provider" | default "gke" }} |
Contributor
There was a problem hiding this comment.
Suggested change
| {{- $provider := index (index .Values "cloud" | default dict) "provider" | default "gke" }} | |
| {{- $provider := dig "cloud" "provider" "gke" .Values }} |
Comment on lines
+5
to
+18
| {{- $provider := index (index .Values "cloud" | default dict) "provider" | default "gke" }} | ||
| {{- if and (eq $provider "gke") (not (include "mozcloud.preview.usePreviewHttpRoute" .)) }} | ||
| {{- $chartMetadata := dict "Chart" .Chart "Release" .Release }} | ||
| {{- $context := deepCopy . }} | ||
| {{- $labelParams := mergeOverwrite $chartMetadata (include "mozcloud.labelParams" . | fromYaml) }} | ||
| {{- $previewConfig := mergeOverwrite (default dict .Values.global.preview) (default dict .Values.preview) }} | ||
| {{- $formatterParams := dict "api" "gateway" "workloads" (.Values.workloads | deepCopy) "preview" $previewConfig }} | ||
| {{- $workloads := include "mozcloud.formatter.workloads" $formatterParams | fromYaml -}} | ||
| {{- $hosts := list }} | ||
| {{- range $workloadName, $workloadConfig := $workloads }} | ||
| {{- range $hostName, $hostConfig := $workloadConfig.hosts }} | ||
| {{- $hosts = append $hosts $hostName }} | ||
| {{- end }} | ||
| {{- end }} |
Contributor
There was a problem hiding this comment.
Since we keep doing some form of this across the Gateway and Ingress templates, I think it may make sense to create a helper function for this that we can call to get workloads and hosts.
| GKE-specific ingress resources: BackendConfig, ManagedCertificate. | ||
| Only rendered when cloud.provider is "gke". | ||
| */ -}} | ||
| {{- $provider := index (index .Values "cloud" | default dict) "provider" | default "gke" }} |
Contributor
There was a problem hiding this comment.
Suggested change
| {{- $provider := index (index .Values "cloud" | default dict) "provider" | default "gke" }} | |
| {{- $provider := dig "cloud" "provider" "gke" .Values }} |
Comment on lines
+20
to
+22
| {{- if or (eq (index (index .Values "cloud" | default dict) "provider" | default "gke") "gke") $annotations }} | ||
| annotations: | ||
| {{- if eq (index (index .Values "cloud" | default dict) "provider" | default "gke") "gke" }} |
Contributor
There was a problem hiding this comment.
Suggested change
| {{- if or (eq (index (index .Values "cloud" | default dict) "provider" | default "gke") "gke") $annotations }} | |
| annotations: | |
| {{- if eq (index (index .Values "cloud" | default dict) "provider" | default "gke") "gke" }} | |
| {{- $provider := dig "cloud" "provider" "gke" .Values }} | |
| {{- if or (eq $provider "gke") $annotations }} | |
| annotations: | |
| {{- if eq $provider "gke" }} |
| # On-premises / non-GKE values profile for the mozcloud chart. | ||
| # | ||
| # Usage: | ||
| # helm template my-release . -f values.yaml -f values-onprem.yaml |
Contributor
There was a problem hiding this comment.
Suggested change
| # helm template my-release . -f values.yaml -f values-onprem.yaml | |
| # helm template my-release . -f values-onprem.yaml |
values.yaml will always be rendered by default, even when specifying an alternate values file.
Comment on lines
+940
to
+942
| "type": "string", | ||
| "description": "Cloud provider. Use \"gke\" for Google Kubernetes Engine (default), or \"on-prem\" for self hosted clusters.", | ||
| "default": "gke" |
Contributor
There was a problem hiding this comment.
Do we know which providers we will be supporting yet? Is it boudned? If so, we may want to use an enum for this.
Comment on lines
-122
to
-173
| apiVersion: networking.gke.io/v1 | ||
| kind: GCPBackendPolicy | ||
| metadata: | ||
| labels: | ||
| app.kubernetes.io/component: api | ||
| app.kubernetes.io/managed-by: argocd | ||
| app.kubernetes.io/name: mozcloud-test | ||
| app_code: mozcloud-test | ||
| component_code: api | ||
| env_code: dev | ||
| helm.sh/chart: test-chart | ||
| mozcloud_chart: mozcloud | ||
| mozcloud_chart_version: 1.0.0 | ||
| preview_pr: "789" | ||
| realm: nonprod | ||
| name: pr789-api-service | ||
| spec: | ||
| default: | ||
| logging: | ||
| enabled: true | ||
| sampleRate: 100000 | ||
| targetRef: | ||
| group: "" | ||
| kind: Service | ||
| name: pr789-api-service | ||
| 6: | | ||
| apiVersion: networking.gke.io/v1 | ||
| kind: HealthCheckPolicy | ||
| metadata: | ||
| labels: | ||
| app.kubernetes.io/component: api | ||
| app.kubernetes.io/managed-by: argocd | ||
| app.kubernetes.io/name: mozcloud-test | ||
| app_code: mozcloud-test | ||
| component_code: api | ||
| env_code: dev | ||
| helm.sh/chart: test-chart | ||
| mozcloud_chart: mozcloud | ||
| mozcloud_chart_version: 1.0.0 | ||
| preview_pr: "789" | ||
| realm: nonprod | ||
| name: pr789-api-service | ||
| spec: | ||
| default: | ||
| config: | ||
| httpHealthCheck: | ||
| requestPath: /__lbheartbeat__ | ||
| type: HTTP | ||
| targetRef: | ||
| group: "" | ||
| kind: Service | ||
| name: pr789-api-service |
Contributor
There was a problem hiding this comment.
It seems like this shouldn't be getting deleted outright. Was this intentional?
emaydeck-mozilla
requested changes
Mar 17, 2026
Contributor
emaydeck-mozilla
left a comment
emaydeck-mozilla
left a comment
There was a problem hiding this comment.
Left several comments above with some suggestions and thoughts.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Description
Currently we produce annotations, negs, and other items specifically tied to GKE. This PR is a first pass at adding conditionals around these GKE specific implementations.
As our next target is likely to be an
on-premwe introduce another values file to render the charts and test them without these specific implementations.As we gather more information about what we need to support for
on-premor otherproviderswe can add specific cases for those options.References