Skip to content

Add SnippetsPolicy for Gateway level #4461

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
fabian4 wants to merge 1 commit into
base: main
Choose a base branch
from
Open

Add SnippetsPolicy for Gateway level #4461

fabian4 wants to merge 1 commit into from

Conversation

@fabian4
Copy link
Contributor

@fabian4 fabian4 commented Dec 13, 2025
edited
Loading

Problem: Users need a mechanism to inject raw NGINX configuration snippets into the generated configuration to leverage advanced NGINX features or directives that are not yet exposed via the Gateway API or existing NGINX Gateway Fabric policies.

Solution: Implemented the SnippetsPolicy Custom Resource Definition (CRD).

  • API: The policy targets a Gateway and supports main, http, and server contexts.
  • Validation: Added validation logic to enforce a maximum snippet size (2KB), ensure unique contexts per policy, and disallow unsupported contexts (e.g., http.server.location).
  • Generation: The generator creates dedicated include files for each policy (e.g., includes/policy/<gateway>/SnippetsPolicy_main_...conf), ensuring clean separation of injected config.
  • Integration: Wired the new policy into the ChangeProcessor, Controller Manager, and Helm charts.

Testing:

  • Added unit tests for the Validator, Generator, and ChangeProcessor logic.
  • Added a new integration test suite (tests/suite/snippets_policy_test.go) covering:
    • Valid snippets in all supported contexts.
    • Invalid context validation.
    • Duplicate context validation.
  • Verified Helm chart generation.

Please focus on (optional): The validation logic in internal/controller/nginx/config/policies/snippetspolicy/validator.go, specifically the size limits and context checks.

Closes #4071

Checklist

Before creating a PR, run through this checklist and mark each as complete.

  • I have read the
  • I have added tests that prove my fix is effective or that my feature works
  • I have checked that all unit tests pass after adding my changes
  • I have updated necessary documentation
  • I have rebased my branch onto main
  • I will ensure my PR is targeting the main branch and pulling from my branch from my own fork

Release notes

 Added support for `SnippetsPolicy`, allowing users to inject custom NGINX configuration snippets into the `main`, `http`, and `server` contexts.

@nginx-bot
Copy link

nginx-bot bot commented Dec 13, 2025

Hi @fabian4!

Thanks for opening this pull request!
Be sure to check out our Contributing Guidelines while you wait for someone on the team to review this.

@nginx-bot nginx-bot bot added the community label Dec 13, 2025
@github-actions github-actions bot added helm-chart Relates to helm chart documentation Improvements or additions to documentation tests Pull requests that update tests labels Dec 14, 2025
@fabian4 fabian4 force-pushed the add_snippestspolicy branch from ebe3381 to 8e5feb3 Compare December 14, 2025 13:37
@github-actions github-actions bot removed the tests Pull requests that update tests label Dec 14, 2025
@fabian4 fabian4 force-pushed the add_snippestspolicy branch from 8e5feb3 to 63897e7 Compare December 14, 2025 13:52
@github-actions github-actions bot added the tests Pull requests that update tests label Dec 14, 2025
@fabian4 fabian4 marked this pull request as ready for review December 14, 2025 14:14
@fabian4 fabian4 requested a review from a team as a code owner December 14, 2025 14:14
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

@salonichf5 salonichf5

Labels

community documentation Improvements or additions to documentation helm-chart Relates to helm chart tests Pull requests that update tests

Projects

NGINX Gateway Fabric
Status: 🆕 New

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Add support for Snippets at the Gateway level

2 participants

@fabian4 @salonichf5