Introduce experimental.managedServices.include helm value

README.helm.md

@@ -74,6 +74,9 @@ Here are all the values that can be set for the chart:
 - `debug` (_Boolean_): Enables remote debugging with [Delve](https://github.com/go-delve/delve).
 - `defaultAppDomainName` (_String_): Base domain name for application URLs.
 - `eksContainerRegistryRoleARN` (_String_): Amazon Resource Name (ARN) of the IAM role to use to access the ECR registry from an EKS deployed Korifi. Required if containerRegistrySecret not set.
+- `experimental`: Experimental features. Make sure you do not enable those on production. No guarantee provided! Backwards incompatible changes in future are quite probable!
+  - `managedServices`:
+    - `include` (_Boolean_): Enable managed services support
 - `generateIngressCertificates` (_Boolean_): Use `cert-manager` to generate self-signed certificates for the API and app endpoints.
 - `helm`:
   - `hooksImage` (_String_): Image for the helm hooks containing kubectl

api/config/config.go

@@ -47,6 +47,8 @@ type (
 		AuthProxyHost   string        `yaml:"authProxyHost"`
 		AuthProxyCACert string        `yaml:"authProxyCACert"`
 		LogLevel        zapcore.Level `yaml:"logLevel"`
+
+		ExperimentalManagedServicesEnabled bool `yaml:"experimentalManagedServicesEnabled"`
 	}
 
 	RoleLevel string

api/config/config_test.go

@@ -46,6 +46,7 @@ var _ = Describe("Config", func() {
 				Stack:           "lc-stack",
 				StagingMemoryMB: 10,
 			},
+			"experimentalManagedServicesEnabled": true,
 		}
 	})
 
@@ -88,6 +89,7 @@ var _ = Describe("Config", func() {
 			StagingMemoryMB: 10,
 		}))
 		Expect(cfg.ContainerRegistryType).To(BeEmpty())
+		Expect(cfg.ExperimentalManagedServicesEnabled).To(BeTrue())
 	})
 
 	When("the FQDN is not specified", func() {

controllers/config/config.go

@@ -43,6 +43,8 @@ type ControllerConfig struct {
 	ContainerRepositoryPrefix string     `yaml:"containerRepositoryPrefix"`
 	ContainerRegistryType     string     `yaml:"containerRegistryType"`
 	Networking                Networking `yaml:"networking"`
+
+	ExperimentalManagedServicesEnabled bool `yaml:"experimentalManagedServicesEnabled"`
 }
 
 type CFProcessDefaults struct {

controllers/config/config_test.go

@@ -52,6 +52,7 @@ var _ = Describe("LoadFromPath", func() {
 				GatewayName:      "gw-name",
 				GatewayNamespace: "gw-ns",
 			},
+			ExperimentalManagedServicesEnabled: true,
 		}
 	})
 
@@ -94,6 +95,7 @@ var _ = Describe("LoadFromPath", func() {
 				GatewayName:      "gw-name",
 				GatewayNamespace: "gw-ns",
 			},
+			ExperimentalManagedServicesEnabled: true,
 		}))
 	})
 

helm/korifi/api/configmap.yaml

@@ -53,6 +53,7 @@ data:
     {{- if .Values.eksContainerRegistryRoleARN }}
     containerRegistryType: "ECR"
     {{- end }}
+    experimentalManagedServicesEnabled: {{ .Values.experimental.managedServices.include }}
   role_mappings_config.yaml: |
     roleMappings:
       admin:

helm/korifi/controllers/configmap.yaml

@@ -61,4 +61,5 @@ data:
     networking:
       gatewayNamespace: {{ .Release.Namespace }}-gateway
       gatewayName: korifi
+    experimentalManagedServicesEnabled: {{ .Values.experimental.managedServices.include }}
 

helm/korifi/values.schema.json

@@ -224,7 +224,14 @@
               "type": "string"
             }
           },
-          "required": ["description", "name", "minCLIVersion", "recommendedCLIVersion", "custom", "supportAddress"]
+          "required": [
+            "description",
+            "name",
+            "minCLIVersion",
+            "recommendedCLIVersion",
+            "custom",
+            "supportAddress"
+          ]
         },
         "lifecycle": {
           "type": "object",
@@ -579,6 +586,21 @@
         }
       },
       "type": "object"
+    },
+    "experimental": {
+      "properties": {
+        "managedServices": {
+          "properties": {
+            "include": {
+              "description": "Enable managed services support",
+              "type": "boolean"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "description": "Experimental features. Make sure you do not enable those on production. No guarantee provided! Backwards incompatible changes in future are quite probable!",
+      "type": "object"
     }
   },
   "required": [

helm/korifi/values.yaml

@@ -10,6 +10,8 @@ eksContainerRegistryRoleARN: ""
 containerRegistryCACertSecret:
 systemImagePullSecrets: []
 
+experimentalManagedServicesEnabled: false
+
 reconcilers:
   build: kpack-image-builder
   run: statefulset-runner
@@ -23,7 +25,7 @@ api:
   include: true
 
   image: cloudfoundry/korifi-api:latest
-  
+
   nodeSelector: {}
   tolerations: []
   replicas: 1
@@ -66,7 +68,7 @@ api:
 
 controllers:
   image: cloudfoundry/korifi-controllers:latest
-  
+
   nodeSelector: {}
   tolerations: []
   replicas: 1
@@ -138,3 +140,7 @@ helm:
 
 networking:
   gatewayClass:
+
+experimental:
+  managedServices:
+    include: false

scripts/deploy-on-kind.sh

@@ -211,6 +211,7 @@ function deploy_korifi() {
       --set=kpackImageBuilder.clusterStackRunImage="paketobuildpacks/run-jammy-base" \
       --set=kpackImageBuilder.builderRepository="$KPACK_BUILDER_REPOSITORY" \
       --set=networking.gatewayClass="contour" \
+      --set=experimental.managedServices.include="true" \
       --wait
   }
   popd >/dev/null

scripts/installer/install-korifi-kind.yaml

@@ -111,6 +111,7 @@ spec:
             --set=kpackImageBuilder.clusterStackRunImage="paketobuildpacks/run-jammy-base" \
             --set=kpackImageBuilder.builderRepository="localregistry-docker-registry.default.svc.cluster.local:30050/kpack-builder" \
             --set=networking.gatewayClass="contour" \
+            --set=experimental.managedServices.include="true" \
             --wait
 
           kubectl wait --for=condition=ready clusterbuilder --all=true --timeout=15m