kuadrant dev setup

kuadrant-dev-setup/Makefile

@@ -0,0 +1,63 @@
+.PHONY: help local-setup
+
+MKFILE_PATH := $(abspath $(lastword $(MAKEFILE_LIST)))
+PROJECT_PATH := $(patsubst %/,%,$(dir $(MKFILE_PATH)))
+
+local-setup:
+	@echo ""
+	@echo "installing cert-manager operator..."
+	@$(MAKE) cert-manager-install
+	@echo ""
+	@echo "installing default gatewayclass..."
+	@$(MAKE) gatewayclass 
+	@echo ""
+	@echo "installing kuadrant..."
+	@$(MAKE) kuadrant-install
+	@echo ""
+	@echo "installing demo resources..."
+	@$(MAKE) demo-install
+	@echo ""
+	@echo "cluster ready! kuadrant and demo resources installed."
+	@echo ""
+
+cert-manager-install: 
+	@oc apply -f $(PROJECT_PATH)/cert-manager-operator/manifests.yaml
+
+gatewayclass: 
+	@oc apply -f $(PROJECT_PATH)/gatewayclass.yaml
+
+kuadrant-install:
+	@echo ""
+	@oc create namespace kuadrant-system --dry-run=client -o yaml | oc apply -f -
+	@echo ""
+	@echo "installing kuadrant operator"
+	@oc apply -f $(PROJECT_PATH)/kuadrant/operatorgroup.yaml
+	@oc apply -f $(PROJECT_PATH)/kuadrant/catalogsource.yaml
+	@oc apply -f $(PROJECT_PATH)/kuadrant/subscription.yaml
+	@echo "waiting for kuadrant operator..."
+	@oc wait --for=jsonpath='{.status.state}'=AtLatestKnown subscription/kuadrant-operator -n kuadrant-system --timeout=600s
+	@KUADRANT_VERSION=$$(oc get subscription kuadrant-operator -n kuadrant-system -o jsonpath='{.status.installedCSV}'); \
+		oc wait --for=jsonpath='{.status.phase}'=Succeeded csv/$$KUADRANT_VERSION --timeout=300s -n kuadrant-system; \
+		echo "$$KUADRANT_VERSION installed!"
+	@echo ""
+	@echo "creating kuadrant instance..."
+	@oc apply -f $(PROJECT_PATH)/kuadrant/kuadrant-instance.yaml
+	@echo "waiting for kuadrant instance..."
+	@oc wait --timeout=120s kuadrant kuadrant -n kuadrant-system --for=condition=Ready
+	@echo ""
+	@echo "waiting for developer portal controller..."
+	@oc -n kuadrant-system wait --timeout=120s --for=condition=Available deployments developer-portal-controller
+	@echo ""
+	@echo "kuadrant installed!"
+
+demo-install:
+	@echo "installing demo resources..."
+	@kubectl apply -f demo/toystore-demo.yaml
+	@kubectl apply -f demo/gamestore-demo.yaml
+	@kubectl apply -f demo/additional-demos.yaml
+	@echo ""
+	@echo "demo resources installed!"
+	@echo ""
+	@echo "verify with:"
+	@echo "  kubectl get pods -n toystore"
+	@echo "  kubectl get apiproducts -n toystore"

kuadrant-dev-setup/README.md

@@ -0,0 +1,124 @@
+# kuadrant development setup
+
+Development environment for kuadrant console plugin. 
+
+# Requirements
+* [oc](https://console.redhat.com/openshift/downloads) are required.
+* `oc login` (requires [oc](https://console.redhat.com/openshift/downloads) and an [OpenShift cluster 4.19+](https://console.redhat.com/openshift/create))
+
+## Quick Start
+
+```bash
+make local-setup
+```
+
+## What Gets Installed
+
+### Core Components
+
+1. **cert-manager Operator**
+   - Certificate management for Kubernetes
+   - Required for TLS certificate automation
+
+2. **GatewayClass**
+   - Default OpenShift Gateway controller (`openshift-default`)
+   - Enables Kubernetes Gateway API resources
+
+3. **Kuadrant Operator**
+   - Installed via OLM (Operator Lifecycle Manager)
+   - Namespace: `kuadrant-system`
+   - Includes all Kuadrant CRDs (AuthPolicy, RateLimitPolicy, DNSPolicy, TLSPolicy)
+
+4. **Kuadrant Instance**
+   - Developer Portal enabled
+   - Manages API Products and API Key Requests
+
+### Demo Resources
+
+**Toystore Demo** (`toystore` namespace):
+- Gateway: `external` (in `api-gateway` namespace)
+- HTTPRoute: `toystore` (hostname: `api.toystore.com`)
+- Deployment: toystore application
+- AuthPolicy: API key authentication
+- PlanPolicy: Gold (100/day), Silver (50/day), Bronze (10/day) tiers
+- APIProduct: `toystore-api`
+- Secrets: `alice-key` (gold tier), `bob-key` (silver tier)
+
+**Gamestore Demo** (`gamestore` namespace):
+- Gateway: `external` (in `gamestore` namespace)
+- HTTPRoute: `gamestore` (hostname: `api.gamestore.example.com`)
+- HTTPRoute: `gamestore-admin` (hostname: `admin.gamestore.example.com`)
+- HTTPRoute: `policy-free` (no policies attached)
+- Deployment: gamestore application
+- AuthPolicy: JWT authentication on `gamestore`, JWT + API key on `gamestore-admin`
+- RateLimitPolicy: Basic rate limiting (100 req/60s)
+- PlanPolicy: Admin tier (1M/day) on `gamestore-admin`
+- APIProduct: `gamestore-api`, `gamestore-admin`
+
+**Additional API Products** (`toystore` namespace):
+- 6 additional APIProducts demonstrating different owners (owner1, owner2, admin)
+- Mix of manual and automatic approval modes
+- Includes one Draft (unpublished) API product
+
+### Verify Installation
+
+#### 1. Verify Toystore Demo Resources
+```bash
+# check toystore namespace
+oc get pods -n toystore
+# Expected: 1 pod (toystore deployment)
+
+# check api-gateway namespace
+oc get gateway -n api-gateway
+# Expected: 1 gateway (external)
+
+# check toystore routes and policies
+oc get httproute -n toystore
+# Expected: 1 HTTPRoute (toystore)
+
+oc get authpolicy -n toystore
+# Expected: 1 AuthPolicy (toystore)
+
+oc get planpolicy -n toystore
+# Expected: 1 PlanPolicy (toystore-plans)
+
+# check api products
+oc get apiproduct -n toystore
+# Expected: 7 APIProducts (toystore-api + 6 additional)
+
+# check api key secrets
+oc get secrets -n toystore -l app=toystore
+# Expected: 2 secrets (alice-key, bob-key)
+```
+
+#### 2. Verify Gamestore Demo Resources
+```bash
+# check gamestore namespace
+oc get pods -n gamestore
+# Expected: 1 pod (gamestore deployment)
+
+oc get gateway -n gamestore
+# Expected: 1 gateway (external)
+
+# check gamestore routes and policies
+oc get httproute -n gamestore
+# Expected: 3 HTTPRoutes (gamestore, gamestore-admin, policy-free)
+
+oc get authpolicy -n gamestore
+# Expected: 2 AuthPolicies (gamestore, gamestore-admin)
+
+oc get ratelimitpolicy -n gamestore
+# Expected: 1 RateLimitPolicy (gamestore)
+
+oc get planpolicy -n gamestore
+# Expected: 1 PlanPolicy (gamestore-admin-tiers)
+
+oc get apiproduct -n gamestore
+# Expected: 2 APIProducts (gamestore-api, gamestore-admin)
+```
+
+#### 3. Quick Health Check
+```bash
+# all-in-one verification
+oc get kuadrant,gateway,httproute,authpolicy,ratelimitpolicy,planpolicy,apiproduct --all-namespaces
+```

kuadrant-dev-setup/cert-manager-operator/manifests.yaml

@@ -0,0 +1,11 @@
+apiVersion: operators.coreos.com/v1alpha1
+kind: Subscription
+metadata:
+  name: cert-manager
+  namespace: openshift-operators
+spec:
+  channel: stable
+  name: cert-manager
+  source: community-operators
+  sourceNamespace: openshift-marketplace
+  installPlanApproval: Automatic

kuadrant-dev-setup/demo/additional-demos.yaml

@@ -0,0 +1,181 @@
+---
+# owner1's payment api
+apiVersion: devportal.kuadrant.io/v1alpha1
+kind: APIProduct
+metadata:
+  name: owner1-payment-api
+  namespace: toystore
+  annotations:
+    backstage.io/owner: user:default/owner1
+spec:
+  displayName: Payment API (Owner1)
+  description: payment processing api owned by owner1
+  version: v1
+  approvalMode: manual
+  publishStatus: Published
+  tags:
+    - payments
+    - fintech
+    - owner1
+  targetRef:
+    group: gateway.networking.k8s.io
+    kind: HTTPRoute
+    name: toystore
+  documentation:
+    openAPISpecURL: https://raw.githubusercontent.com/Kuadrant/kuadrantctl/main/examples/oas3/petstore.yaml
+    docsURL: https://github.com/Kuadrant/kuadrantctl/blob/main/examples/oas3/petstore.yaml
+  contact:
+    team: owner1-team
+    email: owner1@kuadrant.local
+    slack: "#owner1-support"
+---
+# owner1's inventory api
+apiVersion: devportal.kuadrant.io/v1alpha1
+kind: APIProduct
+metadata:
+  name: owner1-inventory-api
+  namespace: toystore
+  annotations:
+    backstage.io/owner: user:default/owner1
+spec:
+  displayName: Inventory API (Owner1)
+  description: inventory management api owned by owner1
+  version: v1
+  approvalMode: automatic
+  publishStatus: Published
+  tags:
+    - inventory
+    - logistics
+    - owner1
+  targetRef:
+    group: gateway.networking.k8s.io
+    kind: HTTPRoute
+    name: toystore
+  documentation:
+    openAPISpecURL: https://raw.githubusercontent.com/Kuadrant/kuadrantctl/main/examples/oas3/petstore.yaml
+    docsURL: https://github.com/Kuadrant/kuadrantctl/blob/main/examples/oas3/petstore.yaml
+  contact:
+    team: owner1-team
+    email: owner1@kuadrant.local
+    slack: "#owner1-support"
+---
+# owner2's shipping api
+apiVersion: devportal.kuadrant.io/v1alpha1
+kind: APIProduct
+metadata:
+  name: owner2-shipping-api
+  namespace: toystore
+  annotations:
+    backstage.io/owner: user:default/owner2
+spec:
+  displayName: Shipping API (Owner2)
+  description: shipping and logistics api owned by owner2
+  version: v1
+  approvalMode: manual
+  publishStatus: Published
+  tags:
+    - shipping
+    - logistics
+    - owner2
+  targetRef:
+    group: gateway.networking.k8s.io
+    kind: HTTPRoute
+    name: toystore
+  documentation:
+    openAPISpecURL: https://raw.githubusercontent.com/Kuadrant/kuadrantctl/main/examples/oas3/petstore.yaml
+    docsURL: https://github.com/Kuadrant/kuadrantctl/blob/main/examples/oas3/petstore.yaml
+  contact:
+    team: owner2-team
+    email: owner2@kuadrant.local
+    slack: "#owner2-support"
+---
+# owner2's customer api
+apiVersion: devportal.kuadrant.io/v1alpha1
+kind: APIProduct
+metadata:
+  name: owner2-customer-api
+  namespace: toystore
+  annotations:
+    backstage.io/owner: user:default/owner2
+spec:
+  displayName: Customer API (Owner2)
+  description: customer management api owned by owner2
+  version: v1
+  approvalMode: automatic
+  publishStatus: Published
+  tags:
+    - customers
+    - crm
+    - owner2
+  targetRef:
+    group: gateway.networking.k8s.io
+    kind: HTTPRoute
+    name: toystore
+  documentation:
+    openAPISpecURL: https://raw.githubusercontent.com/Kuadrant/kuadrantctl/main/examples/oas3/petstore.yaml
+    docsURL: https://github.com/Kuadrant/kuadrantctl/blob/main/examples/oas3/petstore.yaml
+  contact:
+    team: owner2-team
+    email: owner2@kuadrant.local
+    slack: "#owner2-support"
+---
+# admin's analytics api
+apiVersion: devportal.kuadrant.io/v1alpha1
+kind: APIProduct
+metadata:
+  name: admin-analytics-api
+  namespace: toystore
+  annotations:
+    backstage.io/owner: user:default/admin
+spec:
+  displayName: Analytics API (Admin)
+  description: analytics and reporting api owned by admin
+  version: v1
+  approvalMode: manual
+  publishStatus: Published
+  tags:
+    - analytics
+    - reporting
+    - admin
+  targetRef:
+    group: gateway.networking.k8s.io
+    kind: HTTPRoute
+    name: toystore
+  documentation:
+    openAPISpecURL: https://raw.githubusercontent.com/Kuadrant/kuadrantctl/main/examples/oas3/petstore.yaml
+    docsURL: https://github.com/Kuadrant/kuadrantctl/blob/main/examples/oas3/petstore.yaml
+  contact:
+    team: admin-team
+    email: admin@kuadrant.local
+    slack: "#admin-support"
+---
+# draft api (not visible in catalog)
+apiVersion: devportal.kuadrant.io/v1alpha1
+kind: APIProduct
+metadata:
+  name: owner1-draft-api
+  namespace: toystore
+  annotations:
+    backstage.io/owner: user:default/owner1
+spec:
+  displayName: Draft API (Owner1)
+  description: work-in-progress api owned by owner1 (not yet published)
+  version: v1
+  approvalMode: manual
+  publishStatus: Draft
+  tags:
+    - draft
+    - wip
+    - owner1
+  targetRef:
+    group: gateway.networking.k8s.io
+    kind: HTTPRoute
+    name: toystore
+  documentation:
+    openAPISpecURL: https://raw.githubusercontent.com/Kuadrant/kuadrantctl/main/examples/oas3/petstore.yaml
+    docsURL: https://github.com/Kuadrant/kuadrantctl/blob/main/examples/oas3/petstore.yaml
+  contact:
+    team: owner1-team
+    email: owner1@kuadrant.local
+    slack: "#owner1-support"
+---