Skip to content

chore(helm): Add GatewayAPI route support to helm chart#2544

Merged
M0NsTeRRR merged 8 commits intoseerr-team:developfrom
wiiaam:helm-routes
Feb 23, 2026
Merged

chore(helm): Add GatewayAPI route support to helm chart#2544
M0NsTeRRR merged 8 commits intoseerr-team:developfrom
wiiaam:helm-routes

Conversation

@wiiaam
Copy link
Contributor

@wiiaam wiiaam commented Feb 21, 2026

Description

Adds support for creating a GatewayAPI HTTPRoute (or other routes)

Follows existing patterns in mainstream helm charts, using a main route and allowing the user to configure more routes if needed

How Has This Been Tested?

Verified output with helm template and tested on my cluster

Checklist:

  • I have read and followed the contribution guidelines.
  • Disclosed any use of AI (see our policy)
  • I have updated the documentation accordingly.
  • All new and existing tests passed.
  • Successful build pnpm build
  • Translation keys pnpm i18n:extract
  • Database migration (if required)

Summary by CodeRabbit

  • New Features

    • Added Gateway API HTTPRoute support with configurable hostnames, path matching, HTTPS redirect, parent refs, additional rules, and custom filters.
    • New route configuration in chart values for enabling/disabling routes and fine-grained routing control; added top-level resources placeholder.
    • Chart version updated to 3.2.0.
  • Documentation

    • README updated with expanded route configuration options and examples.

@wiiaam wiiaam requested a review from a team as a code owner February 21, 2026 05:36
@coderabbitai
Copy link

coderabbitai bot commented Feb 21, 2026

Note

Reviews paused

It looks like this branch is under active development. To avoid overwhelming you with review comments due to an influx of new commits, CodeRabbit has automatically paused this review. You can configure this behavior by changing the reviews.auto_review.auto_pause_after_reviewed_commits setting.

Use the following commands to manage reviews:

  • @coderabbitai resume to resume automatic reviews.
  • @coderabbitai review to trigger a single review.

Use the checkboxes below for quick actions:

  • ▶️ Resume reviews
  • 🔍 Trigger review
📝 Walkthrough

Walkthrough

Adds Gateway API HTTPRoute support to the seerr-chart Helm chart: new Helm template templates/route.yaml, new route.main defaults in values.yaml, README updates documenting route options, and Chart version bumped to 3.2.0.

Changes

Cohort / File(s) Summary
Gateway Route Template
charts/seerr-chart/templates/route.yaml
New Helm template that renders HTTPRoute-style resources from values.route.*, honoring enabled, apiVersion/kind, parentRefs, hostnames, annotations/labels, additionalRules, filters, matches, httpsRedirect, and backend refs.
Chart Values
charts/seerr-chart/values.yaml
Adds route.main configuration block with defaults (enabled, apiVersion, kind, annotations, labels, parentRefs, hostnames, additionalRules, filters, matches with PathPrefix, httpsRedirect) and a top-level resources: {} placeholder.
Documentation
charts/seerr-chart/README.md
Updated Values table with new route.main.* entries and bumped chart/app version badges (Chart version 3.2.0, AppVersion remains v3.0.1).
Chart Metadata
charts/seerr-chart/Chart.yaml
Chart version incremented from 3.1.0 to 3.2.0.

Sequence Diagram(s)

sequenceDiagram
    participant Helm as Helm chart
    participant K8s as Kubernetes API
    participant GW as Gateway controller
    participant Svc as Seerr backend

    Helm->>K8s: Render & apply HTTPRoute (templates/route.yaml using values.route.main)
    K8s->>GW: Inform Gateway controller of new/updated HTTPRoute
    GW->>K8s: Resolve parentRefs & attach HTTPRoute to Gateway
    GW->>Svc: Forward traffic per HTTPRoute rules (matches, filters, redirects, backendRefs)
Loading

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~20 minutes

Suggested reviewers

  • fallenbagel
  • sudo-kraken
  • 0xSysR3ll

Poem

🐰 I hopped through values, stitched a route so neat,
Helm shaped the templates, and Kubernetes took a seat,
ParentRefs nudged gates to swing open wide,
Redirects and matches let traffic glide,
A rabbit's cheer — deployments stride with pride!

🚥 Pre-merge checks | ✅ 4
✅ Passed checks (4 passed)
Check name Status Explanation
Description Check ✅ Passed Check skipped - CodeRabbit’s high-level summary is enabled.
Title check ✅ Passed The pull request title accurately describes the main change—adding GatewayAPI route support to the Helm chart—and aligns with the primary objective stated in the PR description and linked issue.
Linked Issues check ✅ Passed The changes fully implement the requirements from issue #2543: the route.yaml template creates HTTPRoute resources, values.yaml provides configuration options, and README.md documents the new route.main configuration keys.
Out of Scope Changes check ✅ Passed All changes are directly related to implementing GatewayAPI route support; the Chart.yaml version bump is a standard accompaniment to new feature additions.

✏️ Tip: You can configure your own custom pre-merge checks in the settings.

Tip

Issue Planner is now in beta. Read the docs and try it out! Share your feedback on Discord.


Comment @coderabbitai help to get the list of available commands and usage tips.

Copy link

@coderabbitai coderabbitai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 2

🤖 Prompt for all review comments with AI agents
Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@charts/seerr-chart/templates/route.yaml`:
- Around line 30-36: The httpsRedirect branch currently emits a filters block
with a RequestRedirect but omits any user-supplied route.matches, causing the
redirect to apply globally; update the template so when $route.httpsRedirect is
true it also preserves and renders existing route.matches (the same values used
when httpsRedirect is false) before the filters: RequestRedirect block (ensure
correct YAML indentation and handle empty/nil $route.matches gracefully) so the
redirect only applies within the original match scope.
- Around line 4-50: The template emits HTTP-only fields for every route kind
causing invalid manifests; update the logic around $route.kind (used in the kind
default and rendering) to branch per supported Gateway API kinds: allow
rules[].matches, rules[].filters and the RequestRedirect filter only when
$route.kind is "HTTPRoute" or "GRPCRoute", and for
"TCPRoute"/"UDPRoute"/"TLSRoute" render only rules[].backendRefs (and optional
name) without matches/filters or RequestRedirect; also when $route.httpsRedirect
is set, ensure the RequestRedirect filter is applied inside the same rule
alongside any configured $route.matches (not as a standalone unconditional rule)
so redirects respect match conditions; adjust any documentation/defaults to
constrain allowed kinds accordingly.

@fallenbagel fallenbagel changed the title feat(helm): Add GatewayAPI route support to helm chart chore(helm): Add GatewayAPI route support to helm chart Feb 21, 2026
Copy link

@coderabbitai coderabbitai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🤖 Prompt for all review comments with AI agents
Verify each finding against the current code and only fix it if needed.

Duplicate comments:
In `@charts/seerr-chart/templates/route.yaml`:
- Around line 4-5: The template unconditionally emits HTTP-specific fields
(matches, filters, RequestRedirect) even when $route.kind can be
TCPRoute/UDPRoute/TLSRoute, causing Gateway API validation failures; update the
route.yaml template to branch on $route.kind (the $route.kind/$route.apiVersion
values) and only render matches, filters and RequestRedirect when the kind is an
HTTP-compatible type (e.g., "HTTPRoute" or "GRPCRoute"), or alternatively
restrict the allowed default/values for $route.kind in the chart defaults/docs
to HTTPRoute/GRPCRoute; locate the conditional blocks that output
matches/filters/RequestRedirect and wrap them in checks against $route.kind (or
change defaults) so non-HTTP kinds do not receive invalid fields.

Copy link
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR adds Gateway API HTTPRoute support to the Seerr Helm chart, enabling users to create Gateway API route resources alongside or instead of traditional Ingress resources. The implementation follows a flexible multi-route pattern where users can define multiple named route configurations (e.g., route.main, route.http, route.https) for different routing scenarios.

Changes:

  • Added new Gateway API route template supporting HTTPRoute and other route kinds with configurable apiVersion
  • Added comprehensive route configuration options in values.yaml including parentRefs, hostnames, filters, matches, and HTTPS redirect support
  • Bumped chart version from 3.1.0 to 3.2.0

Reviewed changes

Copilot reviewed 4 out of 4 changed files in this pull request and generated 2 comments.

File Description
charts/seerr-chart/templates/route.yaml New template that creates Gateway API route resources with support for multiple named routes, HTTPS redirects, and flexible rule configuration
charts/seerr-chart/values.yaml Added route configuration section with main route defaults and comprehensive options for Gateway API integration
charts/seerr-chart/Chart.yaml Version bump to 3.2.0 reflecting the new feature addition
charts/seerr-chart/README.md Auto-generated documentation updates reflecting the new route configuration options
Comments suppressed due to low confidence (5)

charts/seerr-chart/templates/route.yaml:29

  • The placement of additionalRules before the main rule creates a problematic ordering. When additionalRules are present, they will be rendered first, followed by either the httpsRedirect rule or the normal backend rule. This means the main route rule is always appended last, which may not match user expectations. Consider either: (1) placing additionalRules after the main rule, or (2) not generating a default rule when additionalRules are present and the user wants full control, or (3) documenting this behavior clearly in values.yaml that additionalRules come before the main rule.
  rules:
    {{- if $route.additionalRules }}
    {{- tpl (toYaml $route.additionalRules) $ | nindent 4 }}
    {{- end }}

charts/seerr-chart/values.yaml:144

  • The documentation comment is misleading. It says "create a new route object under the main route" but the actual structure is to create a sibling route object at the same level as 'main' in the route map (e.g., route.http for HTTP and route.https for HTTPS redirect). The phrase "under the main route" suggests nesting within the main object, which is not the case. Consider clarifying to: "To redirect to HTTPS, create a separate route object (e.g., route.http) alongside the main route with this option enabled."
    # -- To redirect to HTTPS, create a new route object under the main route and enable this option.
    # This should only be used with HTTP-like routes, such as HTTPRoute or GRPCRoute.
    # [Reference]( https://gateway-api.sigs.k8s.io/guides/http-redirect-rewrite/ )
    httpsRedirect: false

charts/seerr-chart/templates/route.yaml:55

  • When additionalRules are provided, a default rule (either httpsRedirect or normal backend) is always appended after them. This means users cannot use additionalRules alone without getting an extra rule they may not want. Consider adding a flag (e.g., 'defaultRule: true') that allows users to disable the automatic default rule generation when they want full control via additionalRules. Alternatively, document this behavior clearly in values.yaml.
  rules:
    {{- if $route.additionalRules }}
    {{- tpl (toYaml $route.additionalRules) $ | nindent 4 }}
    {{- end }}
    {{- if $route.httpsRedirect }}
    - filters:
        - type: RequestRedirect
          requestRedirect:
            scheme: https
            statusCode: 301
      {{- with $route.matches }}
      matches:
        {{- toYaml . | nindent 8 }}
      {{- end }}
    {{- else }}
    - backendRefs:
        - name: {{ include "seerr.fullname" $ }}
          port: {{ $.Values.service.port }}
          group: ''
          kind: Service
          weight: 1
      {{- with $route.filters }}
      filters:
        {{- toYaml . | nindent 8 }}
      {{- end }}
      {{- with $route.matches }}
      matches:
        {{- toYaml . | nindent 8 }}
      {{- end }}
    {{- end }}

charts/seerr-chart/values.yaml:143

  • There's an extra space in the markdown link syntax. The reference link has a space after the opening parenthesis: '[Reference]( https://...' should be '[Reference](https://...' without the space. This may cause the link to not render properly in some markdown parsers.
    # [Reference]( https://gateway-api.sigs.k8s.io/guides/http-redirect-rewrite/ )

charts/seerr-chart/templates/route.yaml:7

  • The template uses 'template' instead of 'include' for the fullname helper, which is inconsistent with other templates in this chart. The ingress template (ingress.yaml:5,36) and the route template itself (line 42) use 'include'. The 'include' function is preferred in Helm as it allows piping the output to other functions. This should be changed to: {{ include "seerr.fullname" $ }}
  name: {{ template "seerr.fullname" $ }}{{ if ne $name "main" }}-{{ $name }}{{ end }}

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

wiiaam and others added 3 commits February 23, 2026 17:06
Co-authored-by: Ludovic Ortega <github@mail.adminafk.fr>
Co-authored-by: Ludovic Ortega <github@mail.adminafk.fr>
Co-authored-by: Ludovic Ortega <github@mail.adminafk.fr>
@M0NsTeRRR M0NsTeRRR enabled auto-merge (squash) February 23, 2026 09:32
@M0NsTeRRR
Copy link
Member

Thanks for your contribution !

@M0NsTeRRR M0NsTeRRR merged commit 3a42f59 into seerr-team:develop Feb 23, 2026
13 checks passed
@wiiaam wiiaam deleted the helm-routes branch February 23, 2026 19:52
alexlebens pushed a commit to alexlebens/infrastructure that referenced this pull request Feb 27, 2026
This PR contains the following updates:

| Package | Update | Change |
|---|---|---|
| [ghcr.io/seerr-team/seerr](https://github.com/seerr-team/seerr) | minor | `v3.0.1` → `v3.1.0` |
| [seerr-team/seerr](https://github.com/seerr-team/seerr) | minor | `v3.0.1` → `v3.1.0` |

---

### Release Notes

<details>
<summary>seerr-team/seerr (ghcr.io/seerr-team/seerr)</summary>

### [`v3.1.0`](https://github.com/seerr-team/seerr/releases/tag/v3.1.0)

[Compare Source](seerr-team/seerr@v3.0.1...v3.1.0)

##### 🛡️ Security

- Patch [CVE-2026-27707](GHSA-rc4w-7m3r-c2f7)  - Unauthenticated account registration on Plex-configured Seerr instances via Jellyfin authentication endpoint  - ([4ae2068](seerr-team/seerr@4ae2068))
- Patch [CVE-2026-27793](GHSA-f7xw-jcqr-57hp) - Broken Object-Level Authorization in User Profile Endpoint Exposes Third-Party Notification Credentials - ([4f089b2](seerr-team/seerr@4f089b2))
- Patch [CVE-2026-27792](GHSA-gx3h-3jg5-q65f)  - Missing authentication on pushSubscription endpoints  - ([946bdecec](seerr-team/seerr@946bdec))

##### 🚀 Features

- *(helm)* Use an existing PVC as config volume ([#&#8203;2447](seerr-team/seerr#2447)) - ([8f0c904](seerr-team/seerr@8f0c904))
- *(servarr-api)* Make Servarr API request timeout configurable ([#&#8203;2556](seerr-team/seerr#2556)) - ([3bcb4da](seerr-team/seerr@3bcb4da))
- Self-host font for better privacy ([#&#8203;2540](seerr-team/seerr#2540)) - ([10ea21b](seerr-team/seerr@10ea21b))

##### 🐛 Bug Fixes

- *(helm)* Add "v" as prefix for appVersion tag ([#&#8203;2445](seerr-team/seerr#2445)) - ([04b9d87](seerr-team/seerr@04b9d87))
- *(jellyfin-scanner)* Include unmatched seasons in processable seasons ([#&#8203;2538](seerr-team/seerr#2538)) - ([68f56d2](seerr-team/seerr@68f56d2))
- *(link-account)* Fix error-message override ([#&#8203;2547](seerr-team/seerr#2547)) - ([b843be0](seerr-team/seerr@b843be0))
- *(plex-scanner)* Add TVDb to TMDB fallback in plex scanner ([#&#8203;2537](seerr-team/seerr#2537)) - ([7c60a5c](seerr-team/seerr@7c60a5c))
- *(radarr)* Trigger search for existing monitored movies without files ([#&#8203;2391](seerr-team/seerr#2391)) - ([55776ea](seerr-team/seerr@55776ea))
- *(servarr)* Increase default API timeout from 5000ms to 10000ms ([#&#8203;2442](seerr-team/seerr#2442)) - ([b499976](seerr-team/seerr@b499976))
- *(sonarr)* Use configured metadata provider for season filtering ([#&#8203;2516](seerr-team/seerr#2516)) - ([5013d1d](seerr-team/seerr@5013d1d))
- *(watch-data)* Use sentinel values to avoid invalid SQL syntax ([#&#8203;2552](seerr-team/seerr#2552)) - ([947f70c](seerr-team/seerr@947f70c))
- *(watchlist-sync)* Correct permission typo for TV auto requests ([#&#8203;2488](seerr-team/seerr#2488)) - ([e0e4b6f](seerr-team/seerr@e0e4b6f))
- Preserve blocklist on media deletion & optimise watchlist-sync ([#&#8203;2478](seerr-team/seerr#2478)) - ([9da8bb6](seerr-team/seerr@9da8bb6))

##### 🚜 Refactor

- *(tailwind)* Replace deprecated tailwind utilities ([#&#8203;2542](seerr-team/seerr#2542)) - ([f42a4ec](seerr-team/seerr@f42a4ec))

##### 📖 Documentation

- *(synology)* Add installation guide via SynoCommunity ([#&#8203;2503](seerr-team/seerr#2503)) - ([0e636a3](seerr-team/seerr@0e636a3))
- *(truenas)* Update install/migration guide ([#&#8203;2491](seerr-team/seerr#2491)) - ([dc1734d](seerr-team/seerr@dc1734d))
- *(unraid)* Improve unraid migration guide  ([#&#8203;2470](seerr-team/seerr#2470)) - ([5e64d49](seerr-team/seerr@5e64d49))
- Update Unraid install and migration guides with dual permission methods ([#&#8203;2532](seerr-team/seerr#2532)) - ([a0d0eb1](seerr-team/seerr@a0d0eb1))
- Add a warning in migration-guide for third party installation ([#&#8203;2527](seerr-team/seerr#2527)) - ([7e9dff3](seerr-team/seerr@7e9dff3))
- Remove double quotes (") from DB\_HOST environment variable ([#&#8203;2514](seerr-team/seerr#2514)) - ([fa905be](seerr-team/seerr@fa905be))
- Add Unraid installation and migration guide ([#&#8203;2440](seerr-team/seerr#2440)) - ([b6a9132](seerr-team/seerr@b6a9132))
- Fix migration guide title ([#&#8203;2425](seerr-team/seerr#2425)) - ([39ae32f](seerr-team/seerr@39ae32f))

##### ⚡ Performance

- Add missing indexes on all foreign key columns ([#&#8203;2461](seerr-team/seerr#2461)) - ([c6bcfe0](seerr-team/seerr@c6bcfe0))

##### ⚙️ Miscellaneous Tasks

- *(changelog)* Fix changelog template ([#&#8203;2431](seerr-team/seerr#2431)) - ([c2977f6](seerr-team/seerr@c2977f6))
- *(eslint)* Add react/self-closing-comp ([#&#8203;2563](seerr-team/seerr#2563)) - ([cd8b386](seerr-team/seerr@cd8b386))
- *(github)* Add docs and maintenance issue templates ([#&#8203;2467](seerr-team/seerr#2467)) - ([cf4883a](seerr-team/seerr@cf4883a))
- *(helm)* Add GatewayAPI route support to helm chart ([#&#8203;2544](seerr-team/seerr#2544)) - ([3a42f59](seerr-team/seerr@3a42f59))
- *(helm)* Update ghcr.io/seerr-team/seerr ( 3.0.0 → 3.0.1 ) \[skip-ci] ([#&#8203;2441](seerr-team/seerr#2441)) - ([87fb0df](seerr-team/seerr@87fb0df))
- *(husky)* Fixed husky commit message from bash/zsh syntax to sh syntax ([#&#8203;2572](seerr-team/seerr#2572)) - ([a00c9e5](seerr-team/seerr@a00c9e5))
- *(release)* Prepare ${TAG\_VERSION} - ([94a70bb](seerr-team/seerr@94a70bb))
- Updated the Contributing and Security guides to reflect our current practices ([#&#8203;2579](seerr-team/seerr#2579)) - ([0d40a42](seerr-team/seerr@0d40a42))
- Disable nextjs telemetry ([#&#8203;2517](seerr-team/seerr#2517)) - ([cecdd63](seerr-team/seerr@cecdd63))
- Update contributing guide regarding Automated AI Agent ([#&#8203;2518](seerr-team/seerr#2518)) - ([880fbc9](seerr-team/seerr@880fbc9))
- Remove discord notification from release ([#&#8203;2501](seerr-team/seerr#2501)) - ([fba20c1](seerr-team/seerr@fba20c1))
- Add create-tag workflow to streamline release process ([#&#8203;2493](seerr-team/seerr#2493)) - ([06e5eb0](seerr-team/seerr@06e5eb0))
- Update concurrency logic ([#&#8203;2481](seerr-team/seerr#2481)) - ([4939f13](seerr-team/seerr@4939f13))
- Add semantic-pr workflow to enforce conventional commits ([#&#8203;2472](seerr-team/seerr#2472)) - ([5e57fdc](seerr-team/seerr@5e57fdc))

##### New Contributors ❤️

- [@&#8203;caillou](https://github.com/caillou) made their first contribution
- [@&#8203;Kenshin9977](https://github.com/Kenshin9977) made their first contribution
- [@&#8203;MagicLegend](https://github.com/MagicLegend) made their first contribution
- [@&#8203;wiiaam](https://github.com/wiiaam) made their first contribution
- [@&#8203;mjonkus](https://github.com/mjonkus) made their first contribution
- [@&#8203;nova-api](https://github.com/nova-api) made their first contribution
- [@&#8203;mreid-tt](https://github.com/mreid-tt) made their first contribution
- [@&#8203;DataBitz](https://github.com/DataBitz) made their first contribution
- [@&#8203;Hyperion2220](https://github.com/Hyperion2220) made their first contribution
- [@&#8203;blassley](https://github.com/blassley) made their first contribution
- [@&#8203;JanKleine](https://github.com/JanKleine) made their first contribution
- [@&#8203;koiralasandesh](https://github.com/koiralasandesh) made their first contribution<!-- generated by git-cliff -->

</details>

---

### Configuration

📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied.

♻ **Rebasing**: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about these updates again.

---

 - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box

---

This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4yNS43IiwidXBkYXRlZEluVmVyIjoiNDMuMjUuNyIsInRhcmdldEJyYW5jaCI6Im1haW4iLCJsYWJlbHMiOlsiaW1hZ2UiXX0=-->

Reviewed-on: https://gitea.alexlebens.dev/alexlebens/infrastructure/pulls/4284
Co-authored-by: Renovate Bot <renovate-bot@alexlebens.net>
Co-committed-by: Renovate Bot <renovate-bot@alexlebens.net>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

Add GatewayAPI route support to helm chart

4 participants