From 51ca8a0f8236a5ed0e15688064ce8c55eeaed904 Mon Sep 17 00:00:00 2001 From: Eguzki Astiz Lezaun Date: Mon, 16 Mar 2026 18:09:38 +0100 Subject: [PATCH 1/4] kuadrant dev setup Signed-off-by: Eguzki Astiz Lezaun --- kuadrant-dev-setup/Makefile | 63 +++++ kuadrant-dev-setup/README.md | 124 +++++++++ .../cert-manager-operator/manifests.yaml | 11 + kuadrant-dev-setup/demo/additional-demos.yaml | 181 ++++++++++++ kuadrant-dev-setup/demo/gamestore-demo.yaml | 261 ++++++++++++++++++ kuadrant-dev-setup/demo/toystore-demo.yaml | 196 +++++++++++++ kuadrant-dev-setup/gatewayclass.yaml | 6 + .../kuadrant/catalogsource.yaml | 13 + .../kuadrant/kuadrant-instance.yaml | 9 + .../kuadrant/operatorgroup.yaml | 7 + kuadrant-dev-setup/kuadrant/subscription.yaml | 11 + 11 files changed, 882 insertions(+) create mode 100644 kuadrant-dev-setup/Makefile create mode 100644 kuadrant-dev-setup/README.md create mode 100644 kuadrant-dev-setup/cert-manager-operator/manifests.yaml create mode 100644 kuadrant-dev-setup/demo/additional-demos.yaml create mode 100644 kuadrant-dev-setup/demo/gamestore-demo.yaml create mode 100644 kuadrant-dev-setup/demo/toystore-demo.yaml create mode 100644 kuadrant-dev-setup/gatewayclass.yaml create mode 100644 kuadrant-dev-setup/kuadrant/catalogsource.yaml create mode 100644 kuadrant-dev-setup/kuadrant/kuadrant-instance.yaml create mode 100644 kuadrant-dev-setup/kuadrant/operatorgroup.yaml create mode 100644 kuadrant-dev-setup/kuadrant/subscription.yaml diff --git a/kuadrant-dev-setup/Makefile b/kuadrant-dev-setup/Makefile new file mode 100644 index 00000000..7ebbe440 --- /dev/null +++ b/kuadrant-dev-setup/Makefile @@ -0,0 +1,63 @@ +.PHONY: help local-setup + +MKFILE_PATH := $(abspath $(lastword $(MAKEFILE_LIST))) +PROJECT_PATH := $(patsubst %/,%,$(dir $(MKFILE_PATH))) + +local-setup: + @echo "" + @echo "installing cert-manager operator..." + @$(MAKE) cert-manager-install + @echo "" + @echo "installing default gatewayclass..." + @$(MAKE) gatewayclass + @echo "" + @echo "installing kuadrant..." + @$(MAKE) kuadrant-install + @echo "" + @echo "installing demo resources..." + @$(MAKE) demo-install + @echo "" + @echo "cluster ready! kuadrant and demo resources installed." + @echo "" + +cert-manager-install: + @oc apply -f $(PROJECT_PATH)/cert-manager-operator/manifests.yaml + +gatewayclass: + @oc apply -f $(PROJECT_PATH)/gatewayclass.yaml + +kuadrant-install: + @echo "" + @oc create namespace kuadrant-system --dry-run=client -o yaml | oc apply -f - + @echo "" + @echo "installing kuadrant operator" + @oc apply -f $(PROJECT_PATH)/kuadrant/operatorgroup.yaml + @oc apply -f $(PROJECT_PATH)/kuadrant/catalogsource.yaml + @oc apply -f $(PROJECT_PATH)/kuadrant/subscription.yaml + @echo "waiting for kuadrant operator..." + @oc wait --for=jsonpath='{.status.state}'=AtLatestKnown subscription/kuadrant-operator -n kuadrant-system --timeout=600s + @KUADRANT_VERSION=$$(oc get subscription kuadrant-operator -n kuadrant-system -o jsonpath='{.status.installedCSV}'); \ + oc wait --for=jsonpath='{.status.phase}'=Succeeded csv/$$KUADRANT_VERSION --timeout=300s -n kuadrant-system; \ + echo "$$KUADRANT_VERSION installed!" + @echo "" + @echo "creating kuadrant instance..." + @oc apply -f $(PROJECT_PATH)/kuadrant/kuadrant-instance.yaml + @echo "waiting for kuadrant instance..." + @oc wait --timeout=120s kuadrant kuadrant -n kuadrant-system --for=condition=Ready + @echo "" + @echo "waiting for developer portal controller..." + @oc -n kuadrant-system wait --timeout=120s --for=condition=Available deployments developer-portal-controller + @echo "" + @echo "kuadrant installed!" + +demo-install: + @echo "installing demo resources..." + @kubectl apply -f demo/toystore-demo.yaml + @kubectl apply -f demo/gamestore-demo.yaml + @kubectl apply -f demo/additional-demos.yaml + @echo "" + @echo "demo resources installed!" + @echo "" + @echo "verify with:" + @echo " kubectl get pods -n toystore" + @echo " kubectl get apiproducts -n toystore" diff --git a/kuadrant-dev-setup/README.md b/kuadrant-dev-setup/README.md new file mode 100644 index 00000000..f00ac843 --- /dev/null +++ b/kuadrant-dev-setup/README.md @@ -0,0 +1,124 @@ +# kuadrant development setup + +Development environment for kuadrant console plugin. + +# Requirements +* [oc](https://console.redhat.com/openshift/downloads) are required. +* `oc login` (requires [oc](https://console.redhat.com/openshift/downloads) and an [OpenShift cluster 4.19+](https://console.redhat.com/openshift/create)) + +## quick start + +```bash +make local-setup +``` + +## what gets installed + +### Core Components + +1. **cert-manager Operator** + - Certificate management for Kubernetes + - Required for TLS certificate automation + +2. **GatewayClass** + - Default OpenShift Gateway controller (`openshift-default`) + - Enables Kubernetes Gateway API resources + +3. **Kuadrant Operator** + - Installed via OLM (Operator Lifecycle Manager) + - Namespace: `kuadrant-system` + - Includes all Kuadrant CRDs (AuthPolicy, RateLimitPolicy, DNSPolicy, TLSPolicy) + +4. **Kuadrant Instance** + - Developer Portal enabled + - Manages API Products and API Key Requests + +### Demo Resources + +**Toystore Demo** (`toystore` namespace): +- Gateway: `external` (in `api-gateway` namespace) +- HTTPRoute: `toystore` (hostname: `api.toystore.com`) +- Deployment: toystore application +- AuthPolicy: API key authentication +- PlanPolicy: Gold (100/day), Silver (50/day), Bronze (10/day) tiers +- APIProduct: `toystore-api` +- Secrets: `alice-key` (gold tier), `bob-key` (silver tier) + +**Gamestore Demo** (`gamestore` namespace): +- Gateway: `external` (in `gamestore` namespace) +- HTTPRoute: `gamestore` (hostname: `api.gamestore.example.com`) +- HTTPRoute: `gamestore-admin` (hostname: `admin.gamestore.example.com`) +- HTTPRoute: `policy-free` (no policies attached) +- Deployment: gamestore application +- AuthPolicy: JWT authentication on `gamestore`, JWT + API key on `gamestore-admin` +- RateLimitPolicy: Basic rate limiting (100 req/60s) +- PlanPolicy: Admin tier (1M/day) on `gamestore-admin` +- APIProduct: `gamestore-api`, `gamestore-admin` + +**Additional API Products** (`toystore` namespace): +- 6 additional APIProducts demonstrating different owners (owner1, owner2, admin) +- Mix of manual and automatic approval modes +- Includes one Draft (unpublished) API product + +### verify installation + +#### 1. Verify Toystore Demo Resources +```bash +# check toystore namespace +oc get pods -n toystore +# Expected: 1 pod (toystore deployment) + +# check api-gateway namespace +oc get gateway -n api-gateway +# Expected: 1 gateway (external) + +# check toystore routes and policies +oc get httproute -n toystore +# Expected: 1 HTTPRoute (toystore) + +oc get authpolicy -n toystore +# Expected: 1 AuthPolicy (toystore) + +oc get planpolicy -n toystore +# Expected: 1 PlanPolicy (toystore-plans) + +# check api products +oc get apiproduct -n toystore +# Expected: 7 APIProducts (toystore-api + 6 additional) + +# check api key secrets +oc get secrets -n toystore -l app=toystore +# Expected: 2 secrets (alice-key, bob-key) +``` + +#### 2. Verify Gamestore Demo Resources +```bash +# check gamestore namespace +oc get pods -n gamestore +# Expected: 1 pod (gamestore deployment) + +oc get gateway -n gamestore +# Expected: 1 gateway (external) + +# check gamestore routes and policies +oc get httproute -n gamestore +# Expected: 3 HTTPRoutes (gamestore, gamestore-admin, policy-free) + +oc get authpolicy -n gamestore +# Expected: 2 AuthPolicies (gamestore, gamestore-admin) + +oc get ratelimitpolicy -n gamestore +# Expected: 1 RateLimitPolicy (gamestore) + +oc get planpolicy -n gamestore +# Expected: 1 PlanPolicy (gamestore-admin-tiers) + +oc get apiproduct -n gamestore +# Expected: 2 APIProducts (gamestore-api, gamestore-admin) +``` + +#### 3. Quick Health Check +```bash +# all-in-one verification +oc get kuadrant,gateway,httproute,authpolicy,ratelimitpolicy,planpolicy,apiproduct --all-namespaces +``` diff --git a/kuadrant-dev-setup/cert-manager-operator/manifests.yaml b/kuadrant-dev-setup/cert-manager-operator/manifests.yaml new file mode 100644 index 00000000..7c815c87 --- /dev/null +++ b/kuadrant-dev-setup/cert-manager-operator/manifests.yaml @@ -0,0 +1,11 @@ +apiVersion: operators.coreos.com/v1alpha1 +kind: Subscription +metadata: + name: cert-manager + namespace: openshift-operators +spec: + channel: stable + name: cert-manager + source: community-operators + sourceNamespace: openshift-marketplace + installPlanApproval: Automatic diff --git a/kuadrant-dev-setup/demo/additional-demos.yaml b/kuadrant-dev-setup/demo/additional-demos.yaml new file mode 100644 index 00000000..ce35f580 --- /dev/null +++ b/kuadrant-dev-setup/demo/additional-demos.yaml @@ -0,0 +1,181 @@ +--- +# owner1's payment api +apiVersion: devportal.kuadrant.io/v1alpha1 +kind: APIProduct +metadata: + name: owner1-payment-api + namespace: toystore + annotations: + backstage.io/owner: user:default/owner1 +spec: + displayName: Payment API (Owner1) + description: payment processing api owned by owner1 + version: v1 + approvalMode: manual + publishStatus: Published + tags: + - payments + - fintech + - owner1 + targetRef: + group: gateway.networking.k8s.io + kind: HTTPRoute + name: toystore + documentation: + openAPISpecURL: https://raw.githubusercontent.com/Kuadrant/kuadrantctl/main/examples/oas3/petstore.yaml + docsURL: https://github.com/Kuadrant/kuadrantctl/blob/main/examples/oas3/petstore.yaml + contact: + team: owner1-team + email: owner1@kuadrant.local + slack: "#owner1-support" +--- +# owner1's inventory api +apiVersion: devportal.kuadrant.io/v1alpha1 +kind: APIProduct +metadata: + name: owner1-inventory-api + namespace: toystore + annotations: + backstage.io/owner: user:default/owner1 +spec: + displayName: Inventory API (Owner1) + description: inventory management api owned by owner1 + version: v1 + approvalMode: automatic + publishStatus: Published + tags: + - inventory + - logistics + - owner1 + targetRef: + group: gateway.networking.k8s.io + kind: HTTPRoute + name: toystore + documentation: + openAPISpecURL: https://raw.githubusercontent.com/Kuadrant/kuadrantctl/main/examples/oas3/petstore.yaml + docsURL: https://github.com/Kuadrant/kuadrantctl/blob/main/examples/oas3/petstore.yaml + contact: + team: owner1-team + email: owner1@kuadrant.local + slack: "#owner1-support" +--- +# owner2's shipping api +apiVersion: devportal.kuadrant.io/v1alpha1 +kind: APIProduct +metadata: + name: owner2-shipping-api + namespace: toystore + annotations: + backstage.io/owner: user:default/owner2 +spec: + displayName: Shipping API (Owner2) + description: shipping and logistics api owned by owner2 + version: v1 + approvalMode: manual + publishStatus: Published + tags: + - shipping + - logistics + - owner2 + targetRef: + group: gateway.networking.k8s.io + kind: HTTPRoute + name: toystore + documentation: + openAPISpecURL: https://raw.githubusercontent.com/Kuadrant/kuadrantctl/main/examples/oas3/petstore.yaml + docsURL: https://github.com/Kuadrant/kuadrantctl/blob/main/examples/oas3/petstore.yaml + contact: + team: owner2-team + email: owner2@kuadrant.local + slack: "#owner2-support" +--- +# owner2's customer api +apiVersion: devportal.kuadrant.io/v1alpha1 +kind: APIProduct +metadata: + name: owner2-customer-api + namespace: toystore + annotations: + backstage.io/owner: user:default/owner2 +spec: + displayName: Customer API (Owner2) + description: customer management api owned by owner2 + version: v1 + approvalMode: automatic + publishStatus: Published + tags: + - customers + - crm + - owner2 + targetRef: + group: gateway.networking.k8s.io + kind: HTTPRoute + name: toystore + documentation: + openAPISpecURL: https://raw.githubusercontent.com/Kuadrant/kuadrantctl/main/examples/oas3/petstore.yaml + docsURL: https://github.com/Kuadrant/kuadrantctl/blob/main/examples/oas3/petstore.yaml + contact: + team: owner2-team + email: owner2@kuadrant.local + slack: "#owner2-support" +--- +# admin's analytics api +apiVersion: devportal.kuadrant.io/v1alpha1 +kind: APIProduct +metadata: + name: admin-analytics-api + namespace: toystore + annotations: + backstage.io/owner: user:default/admin +spec: + displayName: Analytics API (Admin) + description: analytics and reporting api owned by admin + version: v1 + approvalMode: manual + publishStatus: Published + tags: + - analytics + - reporting + - admin + targetRef: + group: gateway.networking.k8s.io + kind: HTTPRoute + name: toystore + documentation: + openAPISpecURL: https://raw.githubusercontent.com/Kuadrant/kuadrantctl/main/examples/oas3/petstore.yaml + docsURL: https://github.com/Kuadrant/kuadrantctl/blob/main/examples/oas3/petstore.yaml + contact: + team: admin-team + email: admin@kuadrant.local + slack: "#admin-support" +--- +# draft api (not visible in catalog) +apiVersion: devportal.kuadrant.io/v1alpha1 +kind: APIProduct +metadata: + name: owner1-draft-api + namespace: toystore + annotations: + backstage.io/owner: user:default/owner1 +spec: + displayName: Draft API (Owner1) + description: work-in-progress api owned by owner1 (not yet published) + version: v1 + approvalMode: manual + publishStatus: Draft + tags: + - draft + - wip + - owner1 + targetRef: + group: gateway.networking.k8s.io + kind: HTTPRoute + name: toystore + documentation: + openAPISpecURL: https://raw.githubusercontent.com/Kuadrant/kuadrantctl/main/examples/oas3/petstore.yaml + docsURL: https://github.com/Kuadrant/kuadrantctl/blob/main/examples/oas3/petstore.yaml + contact: + team: owner1-team + email: owner1@kuadrant.local + slack: "#owner1-support" +--- diff --git a/kuadrant-dev-setup/demo/gamestore-demo.yaml b/kuadrant-dev-setup/demo/gamestore-demo.yaml new file mode 100644 index 00000000..9547c377 --- /dev/null +++ b/kuadrant-dev-setup/demo/gamestore-demo.yaml @@ -0,0 +1,261 @@ +--- +apiVersion: v1 +kind: Namespace +metadata: + name: gamestore +--- +apiVersion: gateway.networking.k8s.io/v1 +kind: Gateway +metadata: + name: external + namespace: gamestore +spec: + gatewayClassName: istio + listeners: + - name: http + protocol: HTTP + port: 80 + allowedRoutes: + namespaces: + from: All +--- +apiVersion: v1 +kind: Service +metadata: + name: gamestore + namespace: gamestore + labels: + backstage.io/kubernetes-id: gamestore +spec: + selector: + app: gamestore + ports: + - protocol: TCP + port: 80 + targetPort: 3000 +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: gamestore + namespace: gamestore + labels: + app: gamestore + backstage.io/kubernetes-id: gamestore +spec: + replicas: 1 + selector: + matchLabels: + app: gamestore + template: + metadata: + labels: + app: gamestore + spec: + containers: + - name: gamestore + image: quay.io/kuadrant/authorino-examples:talker-api + ports: + - containerPort: 3000 + env: + - name: PORT + value: "3000" +--- +apiVersion: gateway.networking.k8s.io/v1 +kind: HTTPRoute +metadata: + name: gamestore + namespace: gamestore +spec: + parentRefs: + - name: external + namespace: gamestore + hostnames: + - api.gamestore.example.com + rules: + - matches: + - path: + type: PathPrefix + value: / + method: GET + backendRefs: + - name: gamestore + port: 80 +--- +apiVersion: kuadrant.io/v1 +kind: AuthPolicy +metadata: + name: gamestore + namespace: gamestore +spec: + targetRef: + group: gateway.networking.k8s.io + kind: HTTPRoute + name: gamestore + rules: + authentication: + "demo-realm": + jwt: + issuerUrl: https://oidc.example.com/realms/demo +--- +apiVersion: kuadrant.io/v1 +kind: RateLimitPolicy +metadata: + name: gamestore + namespace: gamestore +spec: + targetRef: + group: gateway.networking.k8s.io + kind: HTTPRoute + name: gamestore + limits: + "basic": + rates: + - limit: 100 + window: 60s +--- +apiVersion: devportal.kuadrant.io/v1alpha1 +kind: APIProduct +metadata: + name: gamestore-api + namespace: gamestore + annotations: + backstage.io/owner: user:default/owner2 +spec: + displayName: Gamestore API + description: Simple game store api for demonstration + version: v1 + approvalMode: manual + publishStatus: Published + tags: + - demo + - retail + - games + targetRef: + group: gateway.networking.k8s.io + kind: HTTPRoute + name: gamestore + documentation: + openAPISpecURL: https://raw.githubusercontent.com/Kuadrant/kuadrantctl/main/examples/oas3/petstore.yaml + docsURL: https://github.com/Kuadrant/kuadrantctl/blob/main/examples/oas3/petstore.yaml + contact: + team: api-owners + email: api-owners@example.com + slack: "#api-support" +--- +apiVersion: gateway.networking.k8s.io/v1 +kind: HTTPRoute +metadata: + name: gamestore-admin + namespace: gamestore +spec: + parentRefs: + - name: external + namespace: gamestore + hostnames: + - admin.gamestore.example.com + rules: + - matches: + - path: + type: PathPrefix + value: / + method: GET + backendRefs: + - name: gamestore + port: 80 +--- +apiVersion: kuadrant.io/v1 +kind: AuthPolicy +metadata: + name: gamestore-admin + namespace: gamestore +spec: + targetRef: + group: gateway.networking.k8s.io + kind: HTTPRoute + name: gamestore-admin + rules: + authentication: + "demo-admin-realm": + jwt: + issuerUrl: https://oidc.example.com/realms/demo-admin + "vip-users": + apiKey: + selector: + matchLabels: + app: gamestore + role: admin + allNamespaces: true + credentials: + authorizationHeader: + prefix: APIKEY +--- +apiVersion: extensions.kuadrant.io/v1alpha1 +kind: PlanPolicy +metadata: + name: gamestore-admin-tiers + namespace: gamestore +spec: + targetRef: + group: gateway.networking.k8s.io + kind: HTTPRoute + name: gamestore-admin + plans: + - tier: admin + predicate: | + has(auth.identity) && auth.identity.metadata.annotations["secret.kuadrant.io/plan-id"] == "admin" + limits: + daily: 1000000 +--- +apiVersion: devportal.kuadrant.io/v1alpha1 +kind: APIProduct +metadata: + name: gamestore-admin + namespace: gamestore + annotations: + backstage.io/owner: user:default/admin +spec: + displayName: Gamestore Admin API + description: Simple game store admin api for demonstration + version: v1 + approvalMode: manual + publishStatus: Published + tags: + - demo + - admin + - retail + - games + targetRef: + group: gateway.networking.k8s.io + kind: HTTPRoute + name: gamestore-admin + documentation: + openAPISpecURL: https://raw.githubusercontent.com/Kuadrant/kuadrantctl/main/examples/oas3/petstore.yaml + docsURL: https://github.com/Kuadrant/kuadrantctl/blob/main/examples/oas3/petstore.yaml + contact: + team: api-owners + email: api-owners@example.com + slack: "#api-support" +--- +apiVersion: gateway.networking.k8s.io/v1 +kind: HTTPRoute +metadata: + name: policy-free + namespace: gamestore + annotations: + info: This HTTPRoute should not be affected by any policy +spec: + parentRefs: + - name: external + namespace: gamestore + hostnames: + - policy-free.gamestore.example.com + rules: + - matches: + - path: + type: PathPrefix + value: / + method: GET + backendRefs: + - name: gamestore + port: 80 diff --git a/kuadrant-dev-setup/demo/toystore-demo.yaml b/kuadrant-dev-setup/demo/toystore-demo.yaml new file mode 100644 index 00000000..eda20059 --- /dev/null +++ b/kuadrant-dev-setup/demo/toystore-demo.yaml @@ -0,0 +1,196 @@ +--- +apiVersion: v1 +kind: Namespace +metadata: + name: api-gateway +--- +apiVersion: v1 +kind: Namespace +metadata: + name: toystore +--- +apiVersion: gateway.networking.k8s.io/v1 +kind: Gateway +metadata: + name: external + namespace: api-gateway +spec: + gatewayClassName: istio + listeners: + - name: http + protocol: HTTP + port: 80 + allowedRoutes: + namespaces: + from: All +--- +apiVersion: v1 +kind: Service +metadata: + name: toystore + namespace: toystore + labels: + backstage.io/kubernetes-id: toystore +spec: + selector: + app: toystore + ports: + - protocol: TCP + port: 80 + targetPort: 3000 +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: toystore + namespace: toystore + labels: + app: toystore + backstage.io/kubernetes-id: toystore +spec: + replicas: 1 + selector: + matchLabels: + app: toystore + template: + metadata: + labels: + app: toystore + spec: + containers: + - name: toystore + image: quay.io/kuadrant/authorino-examples:talker-api + ports: + - containerPort: 3000 + env: + - name: PORT + value: "3000" +--- +apiVersion: gateway.networking.k8s.io/v1 +kind: HTTPRoute +metadata: + name: toystore + namespace: toystore +spec: + parentRefs: + - name: external + namespace: api-gateway + hostnames: + - api.toystore.com + rules: + - matches: + - path: + type: PathPrefix + value: / + method: GET + backendRefs: + - name: toystore + port: 80 +--- +apiVersion: kuadrant.io/v1 +kind: AuthPolicy +metadata: + name: toystore + namespace: toystore +spec: + targetRef: + group: gateway.networking.k8s.io + kind: HTTPRoute + name: toystore + rules: + authentication: + "api-key-users": + apiKey: + selector: + matchLabels: + app: toystore + allNamespaces: true + credentials: + authorizationHeader: + prefix: APIKEY +--- +apiVersion: v1 +kind: Secret +metadata: + name: alice-key + namespace: toystore + labels: + app: toystore + annotations: + secret.kuadrant.io/user-id: user:default/alice + secret.kuadrant.io/plan-id: gold +stringData: + api_key: secret-alice-key +type: Opaque +--- +apiVersion: v1 +kind: Secret +metadata: + name: bob-key + namespace: toystore + labels: + app: toystore + annotations: + secret.kuadrant.io/user-id: user:default/bob + secret.kuadrant.io/plan-id: silver +stringData: + api_key: secret-bob-key +type: Opaque +--- +apiVersion: extensions.kuadrant.io/v1alpha1 +kind: PlanPolicy +metadata: + name: toystore-plans + namespace: toystore +spec: + targetRef: + group: gateway.networking.k8s.io + kind: HTTPRoute + name: toystore + plans: + - tier: gold + predicate: | + has(auth.identity) && auth.identity.metadata.annotations["secret.kuadrant.io/plan-id"] == "gold" + limits: + daily: 100 + - tier: silver + predicate: | + has(auth.identity) && auth.identity.metadata.annotations["secret.kuadrant.io/plan-id"] == "silver" + limits: + daily: 50 + - tier: bronze + predicate: | + has(auth.identity) && auth.identity.metadata.annotations["secret.kuadrant.io/plan-id"] == "bronze" + limits: + daily: 10 +--- +apiVersion: devportal.kuadrant.io/v1alpha1 +kind: APIProduct +metadata: + name: toystore-api + namespace: toystore + annotations: + backstage.io/owner: user:default/owner1 +spec: + displayName: Toystore API + description: simple toy store api for demonstration + version: v1 + approvalMode: manual + publishStatus: Published + tags: + - demo + - retail + - toys + targetRef: + group: gateway.networking.k8s.io + kind: HTTPRoute + name: toystore + documentation: + openAPISpecURL: https://raw.githubusercontent.com/Kuadrant/kuadrantctl/main/examples/oas3/petstore.yaml + docsURL: https://github.com/Kuadrant/kuadrantctl/blob/main/examples/oas3/petstore.yaml + contact: + team: api-owners + email: api-owners@example.com + slack: "#api-support" +--- + diff --git a/kuadrant-dev-setup/gatewayclass.yaml b/kuadrant-dev-setup/gatewayclass.yaml new file mode 100644 index 00000000..7d30d7a7 --- /dev/null +++ b/kuadrant-dev-setup/gatewayclass.yaml @@ -0,0 +1,6 @@ +apiVersion: gateway.networking.k8s.io/v1 +kind: GatewayClass +metadata: + name: openshift-default +spec: + controllerName: openshift.io/gateway-controller/v1 diff --git a/kuadrant-dev-setup/kuadrant/catalogsource.yaml b/kuadrant-dev-setup/kuadrant/catalogsource.yaml new file mode 100644 index 00000000..69eaa50a --- /dev/null +++ b/kuadrant-dev-setup/kuadrant/catalogsource.yaml @@ -0,0 +1,13 @@ +apiVersion: operators.coreos.com/v1alpha1 +kind: CatalogSource +metadata: + name: kuadrant-operator-catalog + namespace: kuadrant-system +spec: + sourceType: grpc + image: quay.io/kuadrant/kuadrant-operator-catalog:v1.4.2 + displayName: Kuadrant Operators + publisher: grpc + updateStrategy: + registryPoll: + interval: 5m diff --git a/kuadrant-dev-setup/kuadrant/kuadrant-instance.yaml b/kuadrant-dev-setup/kuadrant/kuadrant-instance.yaml new file mode 100644 index 00000000..fbce5819 --- /dev/null +++ b/kuadrant-dev-setup/kuadrant/kuadrant-instance.yaml @@ -0,0 +1,9 @@ +apiVersion: kuadrant.io/v1beta1 +kind: Kuadrant +metadata: + name: kuadrant + namespace: kuadrant-system +spec: + components: + developerPortal: + enabled: true diff --git a/kuadrant-dev-setup/kuadrant/operatorgroup.yaml b/kuadrant-dev-setup/kuadrant/operatorgroup.yaml new file mode 100644 index 00000000..248943b4 --- /dev/null +++ b/kuadrant-dev-setup/kuadrant/operatorgroup.yaml @@ -0,0 +1,7 @@ +kind: OperatorGroup +apiVersion: operators.coreos.com/v1 +metadata: + name: kuadrant-system + namespace: kuadrant-system +spec: + upgradeStrategy: Default diff --git a/kuadrant-dev-setup/kuadrant/subscription.yaml b/kuadrant-dev-setup/kuadrant/subscription.yaml new file mode 100644 index 00000000..a9d1df68 --- /dev/null +++ b/kuadrant-dev-setup/kuadrant/subscription.yaml @@ -0,0 +1,11 @@ +apiVersion: operators.coreos.com/v1alpha1 +kind: Subscription +metadata: + name: kuadrant-operator + namespace: kuadrant-system +spec: + channel: stable + installPlanApproval: Automatic + name: kuadrant-operator + source: kuadrant-operator-catalog + sourceNamespace: kuadrant-system From a3f146c51d824030d235aebdfad81b671dfc6389 Mon Sep 17 00:00:00 2001 From: Eguzki Astiz Lezaun Date: Tue, 17 Mar 2026 14:16:29 +0100 Subject: [PATCH 2/4] kuadrant-dev-setup/README.md: capital letters Signed-off-by: Eguzki Astiz Lezaun --- kuadrant-dev-setup/README.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/kuadrant-dev-setup/README.md b/kuadrant-dev-setup/README.md index f00ac843..5c3aac4a 100644 --- a/kuadrant-dev-setup/README.md +++ b/kuadrant-dev-setup/README.md @@ -6,13 +6,13 @@ Development environment for kuadrant console plugin. * [oc](https://console.redhat.com/openshift/downloads) are required. * `oc login` (requires [oc](https://console.redhat.com/openshift/downloads) and an [OpenShift cluster 4.19+](https://console.redhat.com/openshift/create)) -## quick start +## Quick Start ```bash make local-setup ``` -## what gets installed +## What Gets Installed ### Core Components @@ -60,7 +60,7 @@ make local-setup - Mix of manual and automatic approval modes - Includes one Draft (unpublished) API product -### verify installation +### Verify Installation #### 1. Verify Toystore Demo Resources ```bash From c457e0f69f3d10c7206a4e645c762e75227b1dee Mon Sep 17 00:00:00 2001 From: Eguzki Astiz Lezaun Date: Tue, 17 Mar 2026 17:44:03 +0100 Subject: [PATCH 3/4] kuadrant-dev-setup: fix gatewayClassName Signed-off-by: Eguzki Astiz Lezaun --- e2e/setup.sh | 2 +- kuadrant-dev-setup/demo/gamestore-demo.yaml | 2 +- kuadrant-dev-setup/demo/toystore-demo.yaml | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/e2e/setup.sh b/e2e/setup.sh index d57b13c1..2a68ff27 100755 --- a/e2e/setup.sh +++ b/e2e/setup.sh @@ -186,7 +186,7 @@ metadata: name: kuadrant-ingressgateway namespace: gateway-system spec: - gatewayClassName: istio + gatewayClassName: openshift-default listeners: - name: http port: 80 diff --git a/kuadrant-dev-setup/demo/gamestore-demo.yaml b/kuadrant-dev-setup/demo/gamestore-demo.yaml index 9547c377..71bf13cc 100644 --- a/kuadrant-dev-setup/demo/gamestore-demo.yaml +++ b/kuadrant-dev-setup/demo/gamestore-demo.yaml @@ -10,7 +10,7 @@ metadata: name: external namespace: gamestore spec: - gatewayClassName: istio + gatewayClassName: openshift-default listeners: - name: http protocol: HTTP diff --git a/kuadrant-dev-setup/demo/toystore-demo.yaml b/kuadrant-dev-setup/demo/toystore-demo.yaml index eda20059..2fe4a87b 100644 --- a/kuadrant-dev-setup/demo/toystore-demo.yaml +++ b/kuadrant-dev-setup/demo/toystore-demo.yaml @@ -15,7 +15,7 @@ metadata: name: external namespace: api-gateway spec: - gatewayClassName: istio + gatewayClassName: openshift-default listeners: - name: http protocol: HTTP From 28db955a4539738b69294db227e6d5c610b3b386 Mon Sep 17 00:00:00 2001 From: Eguzki Astiz Lezaun Date: Tue, 17 Mar 2026 18:25:36 +0100 Subject: [PATCH 4/4] e2e/setup.sh: revert unwanted change Signed-off-by: Eguzki Astiz Lezaun --- e2e/setup.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/e2e/setup.sh b/e2e/setup.sh index 2a68ff27..d57b13c1 100755 --- a/e2e/setup.sh +++ b/e2e/setup.sh @@ -186,7 +186,7 @@ metadata: name: kuadrant-ingressgateway namespace: gateway-system spec: - gatewayClassName: openshift-default + gatewayClassName: istio listeners: - name: http port: 80