From 0748e96be2069de7ba8609c32b104fe1630aa529 Mon Sep 17 00:00:00 2001
From: Smaine Kahlouch <smainklh@gmail.com>
Date: Thu, 10 Aug 2023 21:30:04 +0200
Subject: [PATCH] =?UTF-8?q?chore(gw-api):=C2=A0configure=20the=20service?=
 =?UTF-8?q?=20in=20order=20to=20create=20AWS=C2=A0NLB?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 apps/base/echo/cilium-clusterpolicy.yaml | 28 ++++++++++++++++++++++++
 apps/base/echo/gateway.yaml              | 10 +++++++++
 apps/base/echo/kustomization.yaml        |  2 ++
 3 files changed, 40 insertions(+)
 create mode 100644 apps/base/echo/cilium-clusterpolicy.yaml
 create mode 100644 apps/base/echo/gateway.yaml

diff --git a/apps/base/echo/cilium-clusterpolicy.yaml b/apps/base/echo/cilium-clusterpolicy.yaml
new file mode 100644
index 0000000..f9b8d8b
--- /dev/null
+++ b/apps/base/echo/cilium-clusterpolicy.yaml
@@ -0,0 +1,28 @@
+apiVersion: kyverno.io/v1
+kind: ClusterPolicy
+metadata:
+  name: mutate-cilium-gateway-echo-gateway
+  annotations:
+    policies.kyverno.io/title: Mutate echo gateway
+    policies.kyverno.io/severity: medium
+    policies.kyverno.io/description: >-
+      We need to mutate the echo gateway service in order to configure the AWS LB.
+spec:
+  rules:
+    - name: mutate-svc-annotations
+      match:
+        any:
+          - resources:
+              kinds:
+                - Service
+              namespaces:
+                - echo
+              name: cilium-gateway-echo-gateway
+      mutate:
+        patchStrategicMerge:
+          metadata:
+            annotations:
+              external-dns.alpha.kubernetes.io/hostname: echo-${cluster_name}.${domain_name}
+              service.beta.kubernetes.io/aws-load-balancer-scheme: "internet-facing"
+              service.beta.kubernetes.io/aws-load-balancer-nlb-target-type: "ip"
+              service.beta.kubernetes.io/aws-load-balancer-type: "nlb-ip"
diff --git a/apps/base/echo/gateway.yaml b/apps/base/echo/gateway.yaml
new file mode 100644
index 0000000..e7410ed
--- /dev/null
+++ b/apps/base/echo/gateway.yaml
@@ -0,0 +1,10 @@
+apiVersion: gateway.networking.k8s.io/v1beta1
+kind: Gateway
+metadata:
+  name: echo-gateway
+spec:
+  gatewayClassName: cilium
+  listeners:
+    - name: http
+      protocol: HTTP
+      port: 80
diff --git a/apps/base/echo/kustomization.yaml b/apps/base/echo/kustomization.yaml
index 7037d8b..92a765c 100644
--- a/apps/base/echo/kustomization.yaml
+++ b/apps/base/echo/kustomization.yaml
@@ -2,6 +2,8 @@ apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization
 
 resources:
+  - cilium-clusterpolicy.yaml
+  - gateway.yaml
   - helmrelease-echo-1.yaml
   - helmrelease-echo-2.yaml
   - namespace.yaml