Allow to expose OpenBao via Gateway API (!4728) · Merge requests · GitLab.org / charts / GitLab Chart

What does this MR do?

Allow to expose OpenBao via Gateway API

Bump OpenBao chart from 0.11.0 to 0.12.0 which features support for a HTTPRoute.
If Gateway API and the OpenBao chart are enabled, add a listener to the managed Gateway resource.

Closes gitlab-org/cloud-native/charts/openbao#32 (closed)

Test Plan

Install GitLab with Envoy Gateway enabled (see the example values).
Wait for the installation to complete.
Confirm the Gateway resource has no openbao-web listener.
Enable OpenBao (--set openbao.install=true and --set global.openbao.enabled=true).
Confirm the Gateway resource has a openbao-web listener.

Check OpenBao is accessible via it's external URL

curl --silent https://openbao.<GITLAB DOMAIN>/v1/sys/health | jq
{
  "initialized": true,
  "sealed": false,
  "standby": false,
  "performance_standby": false,
  "replication_performance_mode": "disabled",
  "replication_dr_mode": "disabled",
  "server_time_utc": 1767876410,
  "version": "2.4.1+v2.4.1-gitlab2",
  "cluster_name": "vault-cluster-e66f66b9",
  "cluster_id": "ecf8ab9c-e896-03e7-21c8-53afb46cf7f0"
}

Author checklist

For general guidance, please follow our Contributing guide.

Required

For anything in this list which will not be completed, please provide a reason in the MR discussion.

Merge Request Title and Description are up to date, accurate, and descriptive.
MR targeting the appropriate branch.
MR has a green pipeline.
Documentation created/updated.
~~Tests added/updated, and test plan for scenarios not covered by automated tests.~~
~~Equivalent MR/issue for~~ ~~omnibus-gitlab~~ ~~opened.~~

Reviewers checklist

MR has a green pipeline on https://gitlab.com/gitlab-org/charts/gitlab.
Consider downstream impact to the Operator, as per evaluating impact from changes to GitLab chart.
- Operator does not support Gateway API nor OpenBao at the moment

Edited Jan 08, 2026 by Clemens Beck