custom template for gw

api/v1alpha1/istiocontrolplane.gen.json

@@ -2774,13 +2774,6 @@
           },
           "templates": {
             "$ref": "#/components/schemas/istio_operator.v2.api.v1alpha1.SidecarInjectionTemplates"
-          },
-          "defaultSidecarTemplates": {
-            "description": "Default templates to be injected",
-            "type": "array",
-            "items": {
-              "type": "string"
-            }
           }
         }
       },

api/v1alpha1/istiocontrolplane.pb.html

@@ -343,17 +343,6 @@ <h2 id="SidecarInjectorConfiguration">SidecarInjectorConfiguration</h2>
 <td>
 <p>SidecarInjectionTemplates spec</p>
 
-</td>
-<td>
-No
-</td>
-</tr>
-<tr id="SidecarInjectorConfiguration-defaultSidecarTemplates">
-<td><code>defaultSidecarTemplates</code></td>
-<td><code>string[]</code></td>
-<td>
-<p>Default templates to be injected</p>
-
 </td>
 <td>
 No

api/v1alpha1/istiocontrolplane.proto

@@ -137,8 +137,6 @@ message SidecarInjectorConfiguration {
     Service service = 2;
     // SidecarInjectionTemplates spec
     SidecarInjectionTemplates templates = 3;
-    // Default templates to be injected
-    repeated string defaultSidecarTemplates = 4;
 }
 
 message SidecarInjectionTemplates {

config/crd/bases/istio-operator-crds.gen.yaml

@@ -6302,10 +6302,6 @@ spec:
                   type: object
                 sidecarInjector:
                   properties:
-                    defaultSidecarTemplates:
-                      items:
-                        type: string
-                      type: array
                     deployment:
                       properties:
                         affinity:
@@ -15346,10 +15342,6 @@ spec:
                   type: object
                 sidecarInjector:
                   properties:
-                    defaultSidecarTemplates:
-                      items:
-                        type: string
-                      type: array
                     deployment:
                       properties:
                         affinity:

controllers/meshgateway_controller.go

@@ -122,11 +122,16 @@ func (r *IstioMeshGatewayReconciler) Reconcile(ctx context.Context, req ctrl.Req
 		generateExternalService = true
 	}
 
+	injectionTemplate := "gateway"
+	if icp.GetSpec().GetSidecarInjector().GetTemplates().GetGateway() != "" {
+		injectionTemplate = "gateway, gatewayOverrides"
+	}
+
 	reconciler, err := NewComponentReconciler(r, func(helmReconciler *components.HelmReconciler) components.ComponentReconciler {
 		return istiomeshgateway.NewChartReconciler(helmReconciler, servicemeshv1alpha1.IstioMeshGatewayProperties{
 			Revision:                fmt.Sprintf("%s.%s", icp.GetName(), icp.GetNamespace()),
 			EnablePrometheusMerge:   utils.BoolPointer(enablePrometheusMerge),
-			InjectionTemplate:       "gateway, gatewayOverrides",
+			InjectionTemplate:       injectionTemplate,
 			InjectionChecksum:       icp.GetStatus().GetChecksums().GetSidecarInjector(),
 			MeshConfigChecksum:      icp.GetStatus().GetChecksums().GetMeshConfig(),
 			IstioControlPlane:       icp,

deploy/charts/istio-operator/crds/istio-operator-crds.gen.yaml

@@ -6302,10 +6302,6 @@ spec:
                   type: object
                 sidecarInjector:
                   properties:
-                    defaultSidecarTemplates:
-                      items:
-                        type: string
-                      type: array
                     deployment:
                       properties:
                         affinity:
@@ -15346,10 +15342,6 @@ spec:
                   type: object
                 sidecarInjector:
                   properties:
-                    defaultSidecarTemplates:
-                      items:
-                        type: string
-                      type: array
                     deployment:
                       properties:
                         affinity:

internal/assets/manifests/istio-discovery/values.yaml.tpl

@@ -128,9 +128,7 @@ sidecarInjectorWebhook:
 {{ valueIf (dict "key" $customTemplate.Name "value" $customTemplate.Template) | indent 4 }}
 {{ end }}
 {{- end }}
-{{- if .GetSpec.GetSidecarInjector.GetDefaultSidecarTemplates }}
-{{ toYamlIf (dict "key" "defaultTemplates" "value" .GetSpec.GetSidecarInjector.GetDefaultSidecarTemplates) | indent 2 }}
-{{- else if and (not .GetSpec.GetSidecarInjector.GetDefaultSidecarTemplates) .GetSpec.GetSidecarInjector.GetTemplates.GetSidecar }}
+{{- if .GetSpec.GetSidecarInjector.GetTemplates.GetSidecar }}
   defaultTemplates:
   - sidecar
   - sidecarOverrides

internal/components/discovery/testdata/icp-expected-resource-dump.yaml

@@ -68,7 +68,6 @@ data:
     defaultTemplates:
     - sidecar
     - sidecarOverrides
-    - custom1
     policy: enabled
     httpProxyEnvs:
       noProxy: localhost
@@ -1404,8 +1403,7 @@ data:
         "alwaysInjectSelector": [],
         "defaultTemplates": [
           "sidecar",
-          "sidecarOverrides",
-          "custom1"
+          "sidecarOverrides"
         ],
         "enableNamespacesByDefault": false,
         "httpProxyEnvs": {

internal/components/discovery/testdata/icp-expected-values.yaml

@@ -182,7 +182,7 @@ telemetry:
     prometheus:
       wasmEnabled: false
 sidecarInjectorWebhook:
-  defaultTemplates: [ sidecar, sidecarOverrides, custom1 ]
+  defaultTemplates: [ sidecar, sidecarOverrides ]
   templates:
     custom1: |
       spec:

internal/components/discovery/testdata/icp-test-cr.yaml

@@ -5,10 +5,6 @@ metadata:
   namespace: istio-system
 spec:
   sidecarInjector:
-    defaultSidecarTemplates:
-    - sidecar
-    - sidecarOverrides
-    - custom1
     templates:
       sidecar: |
         spec:
@@ -46,172 +42,3 @@ spec:
   version: "1.15.3"
   mode: ACTIVE
   networkName: network1
-  containerImageConfiguration:
-    hub: gcr.io/istio-testing
-    tag: latest
-    imagePullPolicy: Never
-    imagePullSecrets:
-    - name: pullsecret-1
-    - name: pullsecret-2
-  logging:
-    level: "default:warning"
-  mountMtlsCerts: false
-  istiod:
-    deployment:
-      metadata:
-        annotations:
-          testannotation.banzaicloud.io/name: "value"
-        labels:
-          testlabel.banzaicloud.io/name: "value"
-      image: container-hub/image-name:tag
-      volumes:
-      - name: "dddemo"
-        volumeSource:
-          secret:
-            secretName: "ssname"
-            optional: true
-      - name: config-vol
-        volumeSource:
-          configMap:
-            localObjectReference:
-              name: log-config
-            items:
-              - key: log_level
-                path: log_level
-      volumeMounts:
-      - name: config-vol
-        mountPath: /etc/config
-      env:
-      - name: TEST_ENV
-        value: test-env-value
-      resources:
-        limits:
-          cpu: "2"
-          memory: 1Gi
-        requests:
-          cpu: 100m
-          memory: 128Mi
-      nodeSelector:
-        disktype: ssd
-      affinity:
-        nodeAffinity:
-          requiredDuringSchedulingIgnoredDuringExecution:
-            nodeSelectorTerms:
-            - matchExpressions:
-              - key: kubernetes.io/e2e-az-name
-                operator: In
-                values:
-                - e2e-az1
-                - e2e-az2
-        podAffinity:
-          requiredDuringSchedulingIgnoredDuringExecution:
-          - labelSelector:
-              matchExpressions:
-              - key: security
-                operator: In
-                values:
-                - S1
-            topologyKey: topology.kubernetes.io/zone
-      podSecurityContext:
-        runAsUser: 1337
-      securityContext:
-        runAsUser: 1337
-        runAsGroup: 1337
-        runAsNonRoot: true
-      imagePullPolicy: Never
-      imagePullSecrets:
-      - name: pullsecret-1
-      - name: pullsecret-2
-      priorityClassName: "high-priority"
-      tolerations:
-      - key: "key1"
-        operator: "Equal"
-        value: "value1"
-        effect: "NoSchedule"
-        tolerationSeconds: 5
-      replicas:
-        count: 1
-        min: 1
-        max: 5
-        targetCPUUtilizationPercentage: 80
-      podMetadata:
-        annotations:
-          podannotation: podannotationvalue
-        labels:
-          podlabel: podlabelvalue
-      podDisruptionBudget:
-        minAvailable: 1
-        maxUnavailable: 5
-      deploymentStrategy:
-        type: RollingUpdate
-        rollingUpdate:
-          maxUnavailable: 30%
-          maxSurge: 100%
-    enableAnalysis: false
-    enableStatus: true
-    externalIstiod:
-      enabled: false
-    traceSampling: 0.5
-    enableProtocolSniffingOutbound: false
-    enableProtocolSniffingInbound: false
-    certProvider: ISTIOD
-  proxy:
-    image: proxyv2
-    privileged: false
-    enableCoreDump: false
-    logLevel: WARNING
-    componentLogLevel: "misc:debug"
-    clusterDomain: "acme.corp"
-    holdApplicationUntilProxyStarts: true
-    lifecycle:
-      postStart:
-        exec:
-          command:
-          - pilot-agent
-          - wait
-    resources:
-      limits:
-        cpu: 500m
-        memory: 512Mi
-      requests:
-        cpu: 100m
-        memory: 128Mi
-    includeIPRanges: "*"
-    excludeIPRanges: ""
-    excludeInboundPorts: ""
-    excludeOutboundPorts: ""
-  proxyInit:
-    cni:
-      enabled: true
-    image: proxyv2
-    resources:
-      limits:
-        cpu: 100m
-        memory: 64Mi
-      requests:
-        cpu: 50m
-        memory: 32Mi
-  telemetryV2:
-    enabled: true
-  sds:
-    tokenAudience: "istio-ca"
-  proxyWasm:
-    enabled: false
-  watchOneNamespace: false
-  jwtPolicy: THIRD_PARTY_JWT
-  caAddress: localhost
-  caProvider: Citadel
-  distribution: cisco
-  httpProxyEnvs:
-    noProxy: "localhost"
-  meshConfig:
-    rootNamespace: "istio-system"
-    caCertificates:
-    - pem: "<pem content>"
-  k8sResourceOverlays:
-  - groupVersionKind:
-      kind: Deployment
-    patches:
-    - type: replace
-      path: /metadata?/labels?/label-added-by-overlay-patch?
-      value: "true"