From ef7bcd0d25e572f544ae9b21567e1a213c7b2c66 Mon Sep 17 00:00:00 2001 From: Melisa Griffin Date: Thu, 14 Sep 2023 12:08:26 -0400 Subject: [PATCH 1/2] Updates gateway-class-config docs to include fields for privileged container port-mapping and Openshift Security Context Constraints Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com> --- .../configuration/gatewayclassconfig.mdx | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) diff --git a/website/content/docs/api-gateway/configuration/gatewayclassconfig.mdx b/website/content/docs/api-gateway/configuration/gatewayclassconfig.mdx index ea3357deceef..c8ab4b312964 100644 --- a/website/content/docs/api-gateway/configuration/gatewayclassconfig.mdx +++ b/website/content/docs/api-gateway/configuration/gatewayclassconfig.mdx @@ -38,7 +38,9 @@ The following outline shows how to format the configurations in the `GatewayClas * [`consulAPIGateway`](#image-consulapigateway): string | optional * [`envoy`](#image-envoy): string | optional * [`logLevel`](#loglevel): string | optional +* [`matchPrivilegedContainerPorts`](#matchPrivilegedContainerPorts): integer | optional * [`nodeSelector`](#nodeselector): string | optional +* [`openshiftSCCName`](#openshiftSCCName): string | optional * [`serviceType`](#servicetype): string | optional * [`useHostPorts`](#usehostports): boolean | optional 
@@ -152,12 +154,27 @@ You can specify the following strings: * `debug` * `trace` +### matchPrivilegedContainerPorts +```suggestion +Specifies a value that Consul adds to privileged ports defined in the gateway. Privileged ports are port numbers less than 1024 and some platforms, such as Red Hat OpenShift, explicitly configure Kubernetes to avoid running containers on privileged ports. The total value of the configured port number and the `matchPriviledgedContainerPorts` value must not exceed 65535, which is the highest possible TCP port number allowed. +for gateway containers +* Type: Integer +* Required: optional + +You can specify an integer between `0` and `64512` + ### nodeSelector Pods normally run on multiple nodes. You can specify a set of parameters in the `nodeSelector` that constrain the nodes on which the pod can run, enabling the pod to fit on a node. The selector must match a node's labels for the pod to be scheduled on that node. Refer to the [Kubernetes documentation](https://kubernetes.io/docs/concepts/configuration/assign-pod-node/) for additional information. * Type: string * Required: optional +### openshiftSCCName +Specifies the OpenShift security context constraint (SCC) for the `GatewayClassConfig` to use. Refer to the [OpenShift SCC documentation](https://docs.openshift.com/container-platform/4.13/authentication/managing-security-context-constraints.html#default-sccs_configuring-internal-oauth) for additional information about the available default SCCs. +* Type: string +* Required: optional +* Default: `restricted-v2` + ### serviceType Specifies the ingress methods for the gateway's Kubernetes service. * Type: string From 1ffd4d3934f7f6b2f48c85766a4f7adbcd3c935a Mon Sep 17 00:00:00 2001 From: Melisa Griffin Date: Thu, 14 Sep 2023 12:38:25 -0400 Subject: [PATCH 2/2] Remove errant word in docs that is breaking the build --- .../docs/api-gateway/configuration/gatewayclassconfig.mdx | 1 - 1 file changed, 1 deletion(-) 
diff --git a/website/content/docs/api-gateway/configuration/gatewayclassconfig.mdx b/website/content/docs/api-gateway/configuration/gatewayclassconfig.mdx index c8ab4b312964..2fa35a75521e 100644 --- a/website/content/docs/api-gateway/configuration/gatewayclassconfig.mdx +++ b/website/content/docs/api-gateway/configuration/gatewayclassconfig.mdx @@ -155,7 +155,6 @@ You can specify the following strings: * `trace` ### matchPrivilegedContainerPorts -```suggestion Specifies a value that Consul adds to privileged ports defined in the gateway. Privileged ports are port numbers less than 1024 and some platforms, such as Red Hat OpenShift, explicitly configure Kubernetes to avoid running containers on privileged ports. The total value of the configured port number and the `matchPriviledgedContainerPorts` value must not exceed 65535, which is the highest possible TCP port number allowed. for gateway containers * Type: Integer
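Review bot: In the outline hunk of PATCH 1/2 (`@@ -38,7 +38,9 @@`), the two added entries link to `#matchPrivilegedContainerPorts` and `#openshiftSCCName`, while every neighbouring entry uses an all-lowercase fragment (`#loglevel`, `#nodeselector`, `#servicetype`, `#usehostports`). If the site generates anchors for the new headings the same way as for the existing ones, these two links will not resolve. Suggest `#matchprivilegedcontainerports` and `#openshiftsccname` to follow the existing convention.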
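Review bot: In the second hunk of PATCH 1/2 (`@@ -152,12 +154,27 @@`), the `matchPrivilegedContainerPorts` description spells the field as `matchPriviledgedContainerPorts` (extra "d"), so anyone copying the key from the prose gets a name that matches neither the heading nor the outline entry. The same section carries a leftover `suggestion` fence marker line directly under the heading and an orphaned `for gateway containers` fragment after the paragraph; both look like residue from a pasted review suggestion and should be dropped. Smaller points in the same section: `Type: Integer` is capitalized where the other fields use lowercase (`string`), the sentence ending in `64512` has no closing period, and no default is stated even though the `openshiftSCCName` section added below it lists one.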
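Review bot: In PATCH 2/2 (`@@ -155,7 +155,6 @@`), the unchanged context after the removed line still shows the orphaned `for gateway containers` fragment and the misspelled `matchPriviledgedContainerPorts`, so the section stays malformed after this fix. Both should be corrected in this commit alongside the deleted line. The subject mentions an errant word, but the line removed is the `suggestion` fence marker; consider wording the subject to match what is actually deleted.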