diff --git a/gke-ingress.yaml b/gke-ingress.yaml new file mode 100644 index 00000000..5913fc14 --- /dev/null +++ b/gke-ingress.yaml @@ -0,0 +1,234 @@ +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + annotations: + config.k8s.io/owning-inventory: config-management-system_helm + configmanagement.gke.io/cluster-name: membership-hub-gke-c01-dev-usw1-22 + configmanagement.gke.io/managed: enabled + configmanagement.gke.io/source-path: root/charts/public-ingress/templates/ingress.yaml + configmanagement.gke.io/token: v1.13 + configsync.gke.io/git-context: '{"repo":"oci://us-docker.pkg.dev/cs-cam-ad00001863-dev6171/docker-virtual","rev":"v1.13"}' + configsync.gke.io/manager: :root_helm + configsync.gke.io/resource-id: networking.k8s.io_ingress_istio-public-ingress_gke-ingress + ingress.gcp.kubernetes.io/pre-shared-cert: mcrt-6027b87d-2bc0-474e-aa9c-81277d8d8287 + ingress.kubernetes.io/backends: '{"k8s1-6642fdfe-istio-public-ingre-istio-ingressgatew-44-8f2a880b":"HEALTHY"}' + ingress.kubernetes.io/https-forwarding-rule: k8s2-fs-jx9oo2tr-istio-public-ingress-gke-ingress-urlomgn7 + ingress.kubernetes.io/https-target-proxy: k8s2-ts-jx9oo2tr-istio-public-ingress-gke-ingress-urlomgn7 + ingress.kubernetes.io/ssl-cert: mcrt-6027b87d-2bc0-474e-aa9c-81277d8d8287 + ingress.kubernetes.io/url-map: k8s2-um-jx9oo2tr-istio-public-ingress-gke-ingress-urlomgn7 + kubernetes.io/ingress.allow-http: "false" + kubernetes.io/ingress.class: gce + kubernetes.io/ingress.global-static-ip-name: gke-cam-c01-dev-usw1-public-ip + networking.gke.io/managed-certificates: public-ingress-cert + networking.gke.io/v1beta1.FrontendConfig: ssl-frontend-config + creationTimestamp: "2024-06-27T21:48:13Z" + finalizers: + - networking.gke.io/ingress-finalizer-V2 + generation: 1 + labels: + app.kubernetes.io/managed-by: configmanagement.gke.io + configsync.gke.io/declared-version: v1 + managedFields: + - apiVersion: networking.k8s.io/v1 + fieldsType: FieldsV1 + fieldsV1: + f:metadata: + f:annotations: + f:config.k8s.io/owning-inventory: {} + f:configmanagement.gke.io/cluster-name: {} + f:configmanagement.gke.io/managed: {} + f:configmanagement.gke.io/source-path: {} + f:configmanagement.gke.io/token: {} + f:configsync.gke.io/git-context: {} + f:configsync.gke.io/manager: {} + f:configsync.gke.io/resource-id: {} + f:kubernetes.io/ingress.allow-http: {} + f:kubernetes.io/ingress.class: {} + f:kubernetes.io/ingress.global-static-ip-name: {} + f:networking.gke.io/managed-certificates: {} + f:networking.gke.io/v1beta1.FrontendConfig: {} + f:labels: + f:app.kubernetes.io/managed-by: {} + f:configsync.gke.io/declared-version: {} + f:spec: + f:defaultBackend: + f:service: + f:name: {} + f:port: + f:number: {} + f:rules: {} + manager: configsync.gke.io + operation: Apply + time: "2024-08-13T20:42:57Z" + - apiVersion: networking.k8s.io/v1 + fieldsType: FieldsV1 + fieldsV1: + f:metadata: + f:annotations: + f:ingress.gcp.kubernetes.io/pre-shared-cert: {} + manager: managed-certificate-controller + operation: Update + time: "2024-06-27T21:48:14Z" + - apiVersion: networking.k8s.io/v1 + fieldsType: FieldsV1 + fieldsV1: + f:metadata: + f:annotations: + f:ingress.kubernetes.io/backends: {} + f:ingress.kubernetes.io/https-forwarding-rule: {} + f:ingress.kubernetes.io/https-target-proxy: {} + f:ingress.kubernetes.io/ssl-cert: {} + f:ingress.kubernetes.io/url-map: {} + f:finalizers: + .: {} + v:"networking.gke.io/ingress-finalizer-V2": {} + f:status: + f:loadBalancer: + f:ingress: {} + manager: glbc + operation: Update + subresource: status + time: "2024-06-27T21:50:01Z" + name: gke-ingress + namespace: istio-public-ingress + resourceVersion: "57363355" + uid: c97bc1b5-fd26-41a8-aa38-c722bd27614e +spec: + defaultBackend: + service: + name: istio-ingressgateway + port: + number: 443 + rules: + - host: origin.c01.usw1.cam-dev.sbx.gcp.schwabcloud.com + http: + paths: + - backend: + service: + name: istio-ingressgateway + port: + number: 443 + path: / + pathType: ImplementationSpecific +status: + loadBalancer: + ingress: + - ip: 34.54.38.19 +--- +apiVersion: v1 +kind: Service +metadata: + name: istio-ingressgateway + namespace: istio-public-ingress + annotations: + cloud.google.com/neg: '{"ingress": true}' + beta.cloud.google.com/backend-config: '{"default": "ingress-backendconfig"}' +spec: + selector: + app: whereami + ports: + - port: 443 + protocol: TCP + targetPort: 15021 +--- +apiVersion: networking.gke.io/v1beta1 +kind: FrontendConfig +metadata: + annotations: + config.k8s.io/owning-inventory: config-management-system_helm + configmanagement.gke.io/cluster-name: membership-hub-gke-c01-dev-usw1-22 + configmanagement.gke.io/managed: enabled + configmanagement.gke.io/source-path: root/charts/public-ingress/templates/frontend-config.yaml + configmanagement.gke.io/token: v1.13 + configsync.gke.io/git-context: '{"repo":"oci://us-docker.pkg.dev/cs-cam-ad00001863-dev6171/docker-virtual","rev":"v1.13"}' + configsync.gke.io/manager: :root_helm + configsync.gke.io/resource-id: networking.gke.io_frontendconfig_istio-public-ingress_ssl-frontend-config + creationTimestamp: "2024-06-27T21:48:12Z" + generation: 1 + labels: + app.kubernetes.io/managed-by: configmanagement.gke.io + configsync.gke.io/declared-version: v1beta1 + managedFields: + - apiVersion: networking.gke.io/v1beta1 + fieldsType: FieldsV1 + fieldsV1: + f:metadata: + f:annotations: + f:config.k8s.io/owning-inventory: {} + f:configmanagement.gke.io/cluster-name: {} + f:configmanagement.gke.io/managed: {} + f:configmanagement.gke.io/source-path: {} + f:configmanagement.gke.io/token: {} + f:configsync.gke.io/git-context: {} + f:configsync.gke.io/manager: {} + f:configsync.gke.io/resource-id: {} + f:labels: + f:app.kubernetes.io/managed-by: {} + f:configsync.gke.io/declared-version: {} + f:spec: + f:sslPolicy: {} + manager: configsync.gke.io + operation: Apply + time: "2024-08-13T20:42:56Z" + name: ssl-frontend-config + namespace: istio-public-ingress + resourceVersion: "57363339" + uid: ad308ce3-1744-4902-ab9d-9f6ca88a674f +spec: + sslPolicy: schwab-tls-ssl-policy +--- +apiVersion: cloud.google.com/v1 +kind: BackendConfig +metadata: + annotations: + config.k8s.io/owning-inventory: config-management-system_helm + configmanagement.gke.io/cluster-name: membership-hub-gke-c01-dev-usw1-22 + configmanagement.gke.io/managed: enabled + configmanagement.gke.io/source-path: root/charts/public-ingress/templates/backend-config.yaml + configmanagement.gke.io/token: v1.13 + configsync.gke.io/git-context: '{"repo":"oci://us-docker.pkg.dev/cs-cam-ad00001863-dev6171/docker-virtual","rev":"v1.13"}' + configsync.gke.io/manager: :root_helm + configsync.gke.io/resource-id: cloud.google.com_backendconfig_istio-public-ingress_ingress-backendconfig + creationTimestamp: "2024-06-27T21:48:11Z" + generation: 1 + labels: + app.kubernetes.io/managed-by: configmanagement.gke.io + configsync.gke.io/declared-version: v1 + managedFields: + - apiVersion: cloud.google.com/v1 + fieldsType: FieldsV1 + fieldsV1: + f:metadata: + f:annotations: + f:config.k8s.io/owning-inventory: {} + f:configmanagement.gke.io/cluster-name: {} + f:configmanagement.gke.io/managed: {} + f:configmanagement.gke.io/source-path: {} + f:configmanagement.gke.io/token: {} + f:configsync.gke.io/git-context: {} + f:configsync.gke.io/manager: {} + f:configsync.gke.io/resource-id: {} + f:labels: + f:app.kubernetes.io/managed-by: {} + f:configsync.gke.io/declared-version: {} + f:spec: + f:healthCheck: + f:port: {} + f:requestPath: {} + f:type: {} + f:securityPolicy: + f:name: {} + manager: configsync.gke.io + operation: Apply + time: "2024-08-13T20:42:56Z" + name: ingress-backendconfig + namespace: istio-public-ingress + resourceVersion: "57363337" + uid: efd84921-3b29-404b-b2e7-993e04a40d5d +spec: + healthCheck: + port: 15021 + requestPath: /healthz/ready + type: HTTP + securityPolicy: + name: akamai-policy diff --git a/pkg/i2gw/providers/gce/resource_reader.go b/pkg/i2gw/providers/gce/resource_reader.go index e3512e45..aab6dfae 100644 --- a/pkg/i2gw/providers/gce/resource_reader.go +++ b/pkg/i2gw/providers/gce/resource_reader.go @@ -199,5 +199,6 @@ func (r *reader) readUnstructuredObjects(objects []*unstructured.Unstructured) ( res.Ingresses = ingresses res.Services = services res.BackendConfigs = backendConfigs + res.FrontendConfigs = frontendConfigs return res, nil }