Expose Korifi Workloads using GatewayAPI

- cfroute resources and the Gateway API httproute resources are in a one
  to one relationship:
  - This simlpifies the cfroute_controller logic and removes the need of
    finalizing cfroutes.
  - The  finalizer deletion logic is left in place so that legacy routes
    on live systems can be deleted.
  - The httproute resources that back the cfroutes simply reuse the
    cfroute name.
- Remove all Contour references from the go code and the helm chart
- Remove the `contourRouter.include` helm value as the CFRoute
  controller is no longer contour specific and does not need to be
  excluded from the deployment.
- Update docs to reflect the switch to the Gateway API.
- Create a new ADR to record the decision to use the GatewayAPI for
  Ingress

Co-authored-by: Georgi Sabev <georgethebeatle@gmail.com>

Author: danail-branekov

README.helm.md

@@ -41,8 +41,6 @@ Here are all the values that can be set for the chart:
 - `containerRegistrySecret` (_String_): Deprecated in favor of containerRegistrySecrets.
 - `containerRegistrySecrets` (_Array_): List of `Secret` names to use when pushing or pulling from package, droplet and kpack builder repositories. Required if eksContainerRegistryRoleARN not set. Ignored if eksContainerRegistryRoleARN is set.
 - `containerRepositoryPrefix` (_String_): The prefix of the container repository where package and droplet images will be pushed. This is suffixed with the app GUID and `-packages` or `-droplets`. For example, a value of `index.docker.io/korifi/` will result in `index.docker.io/korifi/<appGUID>-packages` and `index.docker.io/korifi/<appGUID>-droplets` being pushed.
-- `contourRouter`:
-  - `include` (_Boolean_): Deploy the `contour-router` component.
 - `controllers`:
   - `extraVCAPApplicationValues`: Key-value pairs that are going to be set in the VCAP_APPLICATION env var on apps. Nested values are not supported.
   - `image` (_String_): Reference to the controllers container image.

controllers/api/v1alpha1/cfroute_types.go

@@ -25,6 +25,7 @@ import (
 )
 
 const (
+	// Deprecated. Used for removing leftover finalizers
 	CFRouteFinalizerName = "cfRoute.korifi.cloudfoundry.org"
 
 	ValidStatus   CurrentStatus = "valid"

controllers/config/config.go

@@ -1,7 +1,6 @@
 package config
 
 import (
-	"path/filepath"
 	"time"
 
 	"go.uber.org/zap/zapcore"
@@ -14,16 +13,13 @@ type ControllerConfig struct {
 	IncludeKpackImageBuilder bool `yaml:"includeKpackImageBuilder"`
 	IncludeJobTaskRunner     bool `yaml:"includeJobTaskRunner"`
 	IncludeStatefulsetRunner bool `yaml:"includeStatefulsetRunner"`
-	IncludeContourRouter     bool `yaml:"includeContourRouter"`
 
 	// core controllers
 	CFProcessDefaults                CFProcessDefaults  `yaml:"cfProcessDefaults"`
 	CFStagingResources               CFStagingResources `yaml:"cfStagingResources"`
 	CFRootNamespace                  string             `yaml:"cfRootNamespace"`
 	ContainerRegistrySecretNames     []string           `yaml:"containerRegistrySecretNames"`
 	TaskTTL                          string             `yaml:"taskTTL"`
-	WorkloadsTLSSecretName           string             `yaml:"workloads_tls_secret_name"`
-	WorkloadsTLSSecretNamespace      string             `yaml:"workloads_tls_secret_namespace"`
 	BuilderName                      string             `yaml:"builderName"`
 	RunnerName                       string             `yaml:"runnerName"`
 	NamespaceLabels                  map[string]string  `yaml:"namespaceLabels"`
@@ -37,11 +33,12 @@ type ControllerConfig struct {
 	JobTTL string `yaml:"jobTTL"`
 
 	// kpack-image-builder
-	ClusterBuilderName        string `yaml:"clusterBuilderName"`
-	BuilderServiceAccount     string `yaml:"builderServiceAccount"`
-	BuilderReadinessTimeout   string `yaml:"builderReadinessTimeout"`
-	ContainerRepositoryPrefix string `yaml:"containerRepositoryPrefix"`
-	ContainerRegistryType     string `yaml:"containerRegistryType"`
+	ClusterBuilderName        string     `yaml:"clusterBuilderName"`
+	BuilderServiceAccount     string     `yaml:"builderServiceAccount"`
+	BuilderReadinessTimeout   string     `yaml:"builderReadinessTimeout"`
+	ContainerRepositoryPrefix string     `yaml:"containerRepositoryPrefix"`
+	ContainerRegistryType     string     `yaml:"containerRegistryType"`
+	Networking                Networking `yaml:"networking"`
 }
 
 type CFProcessDefaults struct {
@@ -56,6 +53,11 @@ type CFStagingResources struct {
 	MemoryMB     int64 `yaml:"memoryMB"`
 }
 
+type Networking struct {
+	GatewayName      string `yaml:"gatewayName"`
+	GatewayNamespace string `yaml:"gatewayNamespace"`
+}
+
 const (
 	defaultTaskTTL            = 30 * 24 * time.Hour
 	defaultTimeout      int64 = 60
@@ -94,13 +96,6 @@ func GetLogLevelFromPath(path string) (zapcore.Level, error) {
 	return cfg.LogLevel, nil
 }
 
-func (c ControllerConfig) WorkloadsTLSSecretNameWithNamespace() string {
-	if c.WorkloadsTLSSecretName == "" {
-		return ""
-	}
-	return filepath.Join(c.WorkloadsTLSSecretNamespace, c.WorkloadsTLSSecretName)
-}
-
 func (c ControllerConfig) ParseTaskTTL() (time.Duration, error) {
 	if c.TaskTTL == "" {
 		return defaultTaskTTL, nil

controllers/config/config_test.go

@@ -43,13 +43,15 @@ var _ = Describe("LoadFromPath", func() {
 			CFRootNamespace:                  "rootNamespace",
 			ContainerRegistrySecretNames:     []string{"packageRegistrySecretName"},
 			TaskTTL:                          "taskTTL",
-			WorkloadsTLSSecretName:           "workloadsTLSSecretName",
-			WorkloadsTLSSecretNamespace:      "workloadsTLSSecretNamespace",
 			BuilderName:                      "buildReconciler",
 			RunnerName:                       "statefulset-runner",
 			JobTTL:                           "jobTTL",
 			LogLevel:                         zapcore.DebugLevel,
 			SpaceFinalizerAppDeletionTimeout: tools.PtrTo(int64(42)),
+			Networking: config.Networking{
+				GatewayName:      "gw-name",
+				GatewayNamespace: "gw-ns",
+			},
 		}
 	})
 
@@ -81,15 +83,17 @@ var _ = Describe("LoadFromPath", func() {
 			CFRootNamespace:                  "rootNamespace",
 			ContainerRegistrySecretNames:     []string{"packageRegistrySecretName"},
 			TaskTTL:                          "taskTTL",
-			WorkloadsTLSSecretName:           "workloadsTLSSecretName",
-			WorkloadsTLSSecretNamespace:      "workloadsTLSSecretNamespace",
 			BuilderName:                      "buildReconciler",
 			RunnerName:                       "statefulset-runner",
 			NamespaceLabels:                  map[string]string{},
 			ExtraVCAPApplicationValues:       map[string]any{},
 			JobTTL:                           "jobTTL",
 			LogLevel:                         zapcore.DebugLevel,
 			SpaceFinalizerAppDeletionTimeout: tools.PtrTo(int64(42)),
+			Networking: config.Networking{
+				GatewayName:      "gw-name",
+				GatewayNamespace: "gw-ns",
+			},
 		}))
 	})