From 6f2431d29189b022243ee597a3ff6844adc2c4bf Mon Sep 17 00:00:00 2001
From: Andrew Stucki <andrew.stucki@hashicorp.com>
Date: Tue, 8 Feb 2022 12:54:53 -0500
Subject: [PATCH 1/4] Add support for api gateway + consul namespaces

---
 .../api-gateway-controller-deployment.yaml    | 11 ++++++
 .../api-gateway-controller-deployment.bats    | 38 +++++++++++++++++++
 charts/consul/values.yaml                     | 23 +++++++++++
 3 files changed, 72 insertions(+)

diff --git a/charts/consul/templates/api-gateway-controller-deployment.yaml b/charts/consul/templates/api-gateway-controller-deployment.yaml
index 2622fec731..c76cd9a29e 100644
--- a/charts/consul/templates/api-gateway-controller-deployment.yaml
+++ b/charts/consul/templates/api-gateway-controller-deployment.yaml
@@ -79,6 +79,17 @@ spec:
             consul-api-gateway server \
               -sds-server-host {{ template "consul.fullname" . }}-api-gateway-controller.{{ .Release.Namespace }}.svc \
               -k8s-namespace {{ .Release.Namespace }} \
+              {{- if .Values.global.enableConsulNamespaces }}
+              {{- if .Values.apiGateway.consulNamespaces.consulDestinationNamespace }}
+              -consul-destination-namespace={{ .Values.apiGateway.consulNamespaces.consulDestinationNamespace }} \
+              {{- end }}
+              {{- if .Values.apiGateway.consulNamespaces.mirroringK8S }}
+              -mirror-k8s-namespaces=true \
+              {{- if .Values.apiGateway.consulNamespaces.mirroringK8SPrefix }}
+              -mirror-k8s-namespace-prefix={{ .Values.apiGateway.consulNamespaces.mirroringK8SPrefix }} \
+              {{- end }}
+              {{- end }}
+              {{- end }}
               -log-level {{ default .Values.global.logLevel .Values.apiGateway.logLevel }} \
         volumeMounts:
           {{- if .Values.global.tls.enabled }}
diff --git a/charts/consul/test/unit/api-gateway-controller-deployment.bats b/charts/consul/test/unit/api-gateway-controller-deployment.bats
index 73b23e26ef..bea24daad7 100755
--- a/charts/consul/test/unit/api-gateway-controller-deployment.bats
+++ b/charts/consul/test/unit/api-gateway-controller-deployment.bats
@@ -36,6 +36,44 @@ load _helpers
       .
 }
 
+@test "apiGateway/Deployment: enable namespaces" {
+  cd `chart_dir`
+  local actual=$(helm template \
+      -s templates/api-gateway-controller-deployment.yaml  \
+      --set 'apiGateway.enabled=true' \
+      --set 'apiGateway.image=bar' \
+      --set 'global.enableConsulNamespaces=true' \
+      . | tee /dev/stderr |
+      yq '.spec.template.spec.containers[0].command | join(" ") | contains("-consul-destination-namespace=default")' | tee /dev/stderr)
+  [ "${actual}" = "true" ]
+}
+
+@test "apiGateway/Deployment: enable namespace mirroring" {
+  cd `chart_dir`
+  local actual=$(helm template \
+      -s templates/api-gateway-controller-deployment.yaml  \
+      --set 'apiGateway.enabled=true' \
+      --set 'apiGateway.image=bar' \
+      --set 'global.enableConsulNamespaces=true' \
+      --set 'apiGateway.consulNamespaces.mirroringK8S=true' \
+      . | tee /dev/stderr |
+      yq '.spec.template.spec.containers[0].command | join(" ") | contains("-mirror-k8s-namespaces=true")' | tee /dev/stderr)
+  [ "${actual}" = "true" ]
+}
+
+@test "apiGateway/Deployment: enable namespace mirroring prefixes" {
+  cd `chart_dir`
+  local actual=$(helm template \
+      -s templates/api-gateway-controller-deployment.yaml  \
+      --set 'apiGateway.enabled=true' \
+      --set 'apiGateway.image=bar' \
+      --set 'global.enableConsulNamespaces=true' \
+      --set 'apiGateway.consulNamespaces.mirroringK8S=true' \
+      --set 'apiGateway.consulNamespaces.mirroringK8SPrefix=foo' \
+      . | tee /dev/stderr |
+      yq '.spec.template.spec.containers[0].command | join(" ") | contains("-mirror-k8s-namespace-prefix=foo")' | tee /dev/stderr)
+  [ "${actual}" = "true" ]
+}
 
 @test "apiGateway/Deployment: container image overrides" {
   cd `chart_dir`
diff --git a/charts/consul/values.yaml b/charts/consul/values.yaml
index fac5b836be..5a512ffa4b 100644
--- a/charts/consul/values.yaml
+++ b/charts/consul/values.yaml
@@ -2536,6 +2536,29 @@ apiGateway:
       # @type: string
       service: null
 
+  # [Enterprise Only] These settings manage the api gateway's interaction with
+  # Consul namespaces (requires consul-ent v1.7+).
+  # Also, `global.enableConsulNamespaces` must be true.
+  consulNamespaces:
+    # Name of the Consul namespace to register all
+    # k8s services into. If the Consul namespace does not already exist,
+    # it will be created. This will be ignored if `mirroringK8S` is true.
+    consulDestinationNamespace: "default"
+
+    # If true, k8s services will be registered into a Consul namespace
+    # of the same name as their k8s namespace, optionally prefixed if
+    # `mirroringK8SPrefix` is set below. If the Consul namespace does not
+    # already exist, it will be created. Turning this on overrides the
+    # `consulDestinationNamespace` setting.
+    # `addK8SNamespaceSuffix` may no longer be needed if enabling this option.
+    mirroringK8S: false
+
+    # If `mirroringK8S` is set to true, `mirroringK8SPrefix` allows each Consul namespace
+    # to be given a prefix. For example, if `mirroringK8SPrefix` is set to "k8s-", a
+    # service in the k8s `staging` namespace will be registered into the
+    # `k8s-staging` Consul namespace.
+    mirroringK8SPrefix: ""
+
   # Configuration for the ServiceAccount created for the api-gateway component
   serviceAccount:
     # This value defines additional annotations for the client service account. This should be formatted as a multi-line

From 6a78947b46a383ce8e23a16f373191b9d9a31108 Mon Sep 17 00:00:00 2001
From: Andrew Stucki <andrew.stucki@hashicorp.com>
Date: Fri, 18 Feb 2022 14:39:44 -0500
Subject: [PATCH 2/4] Update cli flags based off of merged code

---
 .../consul/templates/api-gateway-controller-deployment.yaml   | 4 ++--
 .../consul/test/unit/api-gateway-controller-deployment.bats   | 4 ++--
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/charts/consul/templates/api-gateway-controller-deployment.yaml b/charts/consul/templates/api-gateway-controller-deployment.yaml
index c76cd9a29e..492d9f3302 100644
--- a/charts/consul/templates/api-gateway-controller-deployment.yaml
+++ b/charts/consul/templates/api-gateway-controller-deployment.yaml
@@ -84,9 +84,9 @@ spec:
               -consul-destination-namespace={{ .Values.apiGateway.consulNamespaces.consulDestinationNamespace }} \
               {{- end }}
               {{- if .Values.apiGateway.consulNamespaces.mirroringK8S }}
-              -mirror-k8s-namespaces=true \
+              -mirroring-k8s=true \
               {{- if .Values.apiGateway.consulNamespaces.mirroringK8SPrefix }}
-              -mirror-k8s-namespace-prefix={{ .Values.apiGateway.consulNamespaces.mirroringK8SPrefix }} \
+              -mirroring-k8s-prefix={{ .Values.apiGateway.consulNamespaces.mirroringK8SPrefix }} \
               {{- end }}
               {{- end }}
               {{- end }}
diff --git a/charts/consul/test/unit/api-gateway-controller-deployment.bats b/charts/consul/test/unit/api-gateway-controller-deployment.bats
index bea24daad7..6810c5dde0 100755
--- a/charts/consul/test/unit/api-gateway-controller-deployment.bats
+++ b/charts/consul/test/unit/api-gateway-controller-deployment.bats
@@ -57,7 +57,7 @@ load _helpers
       --set 'global.enableConsulNamespaces=true' \
       --set 'apiGateway.consulNamespaces.mirroringK8S=true' \
       . | tee /dev/stderr |
-      yq '.spec.template.spec.containers[0].command | join(" ") | contains("-mirror-k8s-namespaces=true")' | tee /dev/stderr)
+      yq '.spec.template.spec.containers[0].command | join(" ") | contains("-mirroring-k8s=true")' | tee /dev/stderr)
   [ "${actual}" = "true" ]
 }
 
@@ -71,7 +71,7 @@ load _helpers
       --set 'apiGateway.consulNamespaces.mirroringK8S=true' \
       --set 'apiGateway.consulNamespaces.mirroringK8SPrefix=foo' \
       . | tee /dev/stderr |
-      yq '.spec.template.spec.containers[0].command | join(" ") | contains("-mirror-k8s-namespace-prefix=foo")' | tee /dev/stderr)
+      yq '.spec.template.spec.containers[0].command | join(" ") | contains("-mirroring-k8s-prefix=foo")' | tee /dev/stderr)
   [ "${actual}" = "true" ]
 }
 

From 6ad5bcdd1ebb712b841042fc4476acb04b241618 Mon Sep 17 00:00:00 2001
From: Andrew Stucki <andrew.stucki@hashicorp.com>
Date: Fri, 18 Feb 2022 15:18:59 -0500
Subject: [PATCH 3/4] Add changelog entry

---
 CHANGELOG.md | 1 +
 1 file changed, 1 insertion(+)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 074882f43c..1b4dc85536 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -2,6 +2,7 @@
 IMPROVEMENTS:
 * Helm
   * Vault: Allow passing arbitrary annotations to the vault agent. [[GH-1015](https://github.com/hashicorp/consul-k8s/pull/1015)]
+  * API Gateway: Allow Kubernetes namespace to Consul enterprise namespace mapping for deployed gateways and mesh services. [[GH-1024](https://github.com/hashicorp/consul-k8s/pull/1024)]
 
 BUG FIXES:
 * API Gateway

From ba330553bff5b33d159a036166535b49ee735664 Mon Sep 17 00:00:00 2001
From: Jeff-Apple <79924108+Jeff-Apple@users.noreply.github.com>
Date: Tue, 22 Feb 2022 09:55:13 -0800
Subject: [PATCH 4/4] Update charts/consul/values.yaml

Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com>
---
 charts/consul/values.yaml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/charts/consul/values.yaml b/charts/consul/values.yaml
index 986676fe5b..3e849b6ef9 100644
--- a/charts/consul/values.yaml
+++ b/charts/consul/values.yaml
@@ -2552,7 +2552,7 @@ apiGateway:
       # @type: string
       service: null
 
-  # [Enterprise Only] These settings manage the api gateway's interaction with
+  # [Enterprise Only] These settings manage the API Gateway's interaction with
   # Consul namespaces (requires consul-ent v1.7+).
   # Also, `global.enableConsulNamespaces` must be true.
   consulNamespaces: