From 5dfa3f36c4b5668767f89ba0ec3c4221fbfb81c1 Mon Sep 17 00:00:00 2001
From: arthur <amedina@eshopworld.com>
Date: Tue, 20 Jan 2026 16:50:46 +0100
Subject: [PATCH] Add support for gateway api First glance AI generated

---
 src/chartmuseum/README.md                | 27 ++++++++++
 src/chartmuseum/templates/httproute.yaml | 65 ++++++++++++++++++++++++
 src/chartmuseum/values.yaml              | 29 +++++++++++
 3 files changed, 121 insertions(+)
 create mode 100644 src/chartmuseum/templates/httproute.yaml

diff --git a/src/chartmuseum/README.md b/src/chartmuseum/README.md
index f42b06b..148298c 100644
--- a/src/chartmuseum/README.md
+++ b/src/chartmuseum/README.md
@@ -43,6 +43,7 @@ Please also see https://github.com/helm/chartmuseum
       - [Extra Paths](#extra-paths)
       - [Annotations](#annotations)
       - [Example Ingress configuration](#example-ingress-configuration)
+    - [Gateway API (HTTPRoute)](#gateway-api-httproute)
   - [Uninstall](#uninstall)
   - [Upgrading](#upgrading)
     - [To 3.0.0](#to-300)
@@ -223,6 +224,14 @@ their default values. See values.yaml for all available options.
 | `ingress.extraPaths[0].path`            | Path within the url structure.                                              | `<nil>`                              |
 | `ingress.extraPaths[0].service`         | The name of the service to route traffic to.                                | `<nil>`                              |
 | `ingress.extraPaths[0].port`            | The port of the service to route traffic to.                                | `<nil>`                              |
+| `gatewayAPI.enabled`                    | Enable Gateway API HTTPRoute resource                                       | `false`                              |
+| `gatewayAPI.apiVersion`                 | Override HTTPRoute apiVersion (v1 or v1beta1)                               | `""`                                |
+| `gatewayAPI.annotations`                | HTTPRoute annotations                                                       | `{}`                                 |
+| `gatewayAPI.labels`                     | HTTPRoute labels                                                            | `{}`                                 |
+| `gatewayAPI.parentRefs`                 | Parent Gateway references (required when enabled)                           | `[]`                                 |
+| `gatewayAPI.hostnames`                  | HTTPRoute hostnames                                                         | `[]`                                 |
+| `gatewayAPI.pathPrefix`                 | Default PathPrefix match (defaults to CONTEXT_PATH or "/")                  | `""`                                |
+| `gatewayAPI.rules`                      | Full rules override (renders verbatim when set)                             | `[]`                                 |
 
 Specify each parameter using the `--set key=value[,key=value]` argument to
 `helm install`.
@@ -782,6 +791,24 @@ helm install --name my-chartmuseum chartmuseum/chartmuseum \
   --set ingress.hosts[0].path=/ \
   --set ingress.hosts[0].tls=true \
   --set ingress.hosts[0].tlsSecret=chartmuseum.tls-secret
+
+### Gateway API (HTTPRoute)
+
+This chart can also expose ChartMuseum using the Kubernetes Gateway API by creating an `HTTPRoute`.
+
+At minimum you must provide `gatewayAPI.parentRefs` (the Gateway to attach to). The chart will create a default `PathPrefix` rule that routes to the chart Service on `service.externalPort`.
+
+```yaml
+gatewayAPI:
+  enabled: true
+  parentRefs:
+    - name: my-gateway
+      namespace: gateway-system
+  hostnames:
+    - chartmuseum.example.com
+  # Optional. Defaults to env.open.CONTEXT_PATH or "/".
+  pathPrefix: /
+```
 ```
 
 ## Uninstall
diff --git a/src/chartmuseum/templates/httproute.yaml b/src/chartmuseum/templates/httproute.yaml
new file mode 100644
index 0000000..8aca124
--- /dev/null
+++ b/src/chartmuseum/templates/httproute.yaml
@@ -0,0 +1,65 @@
+{{- if .Values.gatewayAPI.enabled -}}
+{{- $hasV1 := .Capabilities.APIVersions.Has "gateway.networking.k8s.io/v1/HTTPRoute" -}}
+{{- $hasV1beta1 := .Capabilities.APIVersions.Has "gateway.networking.k8s.io/v1beta1/HTTPRoute" -}}
+
+{{- if not .Values.gatewayAPI.parentRefs -}}
+{{- fail "gatewayAPI.enabled requires gatewayAPI.parentRefs to be set" -}}
+{{- end -}}
+
+{{- $servicePort := .Values.service.externalPort -}}
+{{- $serviceName := (.Values.service.servicename | default (include "chartmuseum.fullname" .)) -}}
+
+{{- $apiVersion := .Values.gatewayAPI.apiVersion -}}
+{{- if not $apiVersion -}}
+{{- if $hasV1 -}}
+{{- $apiVersion = "gateway.networking.k8s.io/v1" -}}
+{{- else if $hasV1beta1 -}}
+{{- $apiVersion = "gateway.networking.k8s.io/v1beta1" -}}
+{{- else -}}
+{{- $apiVersion = "gateway.networking.k8s.io/v1" -}}
+{{- end -}}
+{{- end -}}
+
+{{- $rawPath := default (default "/" .Values.env.open.CONTEXT_PATH) .Values.gatewayAPI.pathPrefix -}}
+{{- $pathPrefix := $rawPath -}}
+{{- if not $pathPrefix -}}
+{{- $pathPrefix = "/" -}}
+{{- end -}}
+{{- if not (hasPrefix "/" $pathPrefix) -}}
+{{- $pathPrefix = printf "/%s" $pathPrefix -}}
+{{- end -}}
+
+---
+apiVersion: {{ $apiVersion }}
+kind: HTTPRoute
+metadata:
+  name: {{ include "chartmuseum.fullname" . }}
+  {{- with .Values.gatewayAPI.annotations }}
+  annotations:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+  labels:
+    {{- include "chartmuseum.labels" . | nindent 4 }}
+    {{- with .Values.gatewayAPI.labels }}
+    {{- toYaml . | nindent 4 }}
+    {{- end }}
+spec:
+  parentRefs:
+    {{- toYaml .Values.gatewayAPI.parentRefs | nindent 4 }}
+  {{- with .Values.gatewayAPI.hostnames }}
+  hostnames:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+  rules:
+  {{- if .Values.gatewayAPI.rules }}
+    {{- toYaml .Values.gatewayAPI.rules | nindent 4 }}
+  {{- else }}
+    - matches:
+        - path:
+            type: PathPrefix
+            value: {{ $pathPrefix | quote }}
+      backendRefs:
+        - name: {{ $serviceName }}
+          port: {{ $servicePort }}
+  {{- end }}
+{{- end -}}
diff --git a/src/chartmuseum/values.yaml b/src/chartmuseum/values.yaml
index 0dc6d4c..81707dc 100644
--- a/src/chartmuseum/values.yaml
+++ b/src/chartmuseum/values.yaml
@@ -333,6 +333,35 @@ ingress:
   # See https://kubernetes.io/blog/2020/04/02/improvements-to-the-ingress-api-in-kubernetes-1.18/#specifying-the-class-of-an-ingress
   ingressClassName:
 
+## Gateway API (HTTPRoute)
+## Requires Gateway API CRDs installed on the cluster.
+## ref: https://gateway-api.sigs.k8s.io/
+gatewayAPI:
+  enabled: false
+  ## Optional override, e.g. "gateway.networking.k8s.io/v1" or "gateway.networking.k8s.io/v1beta1".
+  ## If empty, the chart will prefer v1 when available.
+  apiVersion: ""
+  labels: {}
+  annotations: {}
+
+  ## Required when enabled. Example:
+  ## parentRefs:
+  ##   - name: my-gateway
+  ##     namespace: gateway-system
+  parentRefs: []
+
+  ## Optional hostnames. Example:
+  ## hostnames:
+  ##   - chartmuseum.example.com
+  hostnames: []
+
+  ## Optional path prefix match. Defaults to env.open.CONTEXT_PATH or "/".
+  pathPrefix: ""
+
+  ## Optional full rules override. If set, the chart will render this verbatim.
+  ## If empty, the chart renders a default PathPrefix rule to the chart Service.
+  rules: []
+
 # Adding secrets to tiller is not a great option, so If you want to use an existing
 # secret that contains the json file, you can use the following entries
 gcp: