provider-http is a Crossplane Provider designed to facilitate sending HTTP requests as resources.
To install provider-http, you have two options:
-
Using the Crossplane CLI in a Kubernetes cluster where Crossplane is installed:
crossplane xpkg install provider xpkg.upbound.io/crossplane-contrib/provider-http:v1.0.11 -
Manually creating a Provider by applying the following YAML:
apiVersion: pkg.crossplane.io/v1 kind: Provider metadata: name: provider-http spec: package: 'xpkg.upbound.io/crossplane-contrib/provider-http:v1.0.11'
provider-http supports resources in two scopes:
- DisposableRequest: Initiates a one-time HTTP request. See DisposableRequest CRD documentation.
- Request: Manages a resource through HTTP requests. See Request CRD documentation.
- DisposableRequest: Namespace-scoped version of the disposable HTTP request.
- Request: Namespace-scoped version of the managed HTTP resource.
- ProviderConfig: Namespace-scoped provider configuration.
- ClusterProviderConfig: Cluster-scoped provider configuration for cross-namespace access.
When to use each:
- Use cluster-scoped resources for shared infrastructure and when you have cluster-admin privileges
- Use namespaced resources for tenant isolation, application-specific resources, and when working with namespace-level permissions
The provider supports TLS certificate-based authentication for secure API communication:
- CA Certificates: Trust custom certificate authorities
- Client Certificates: Mutual TLS (mTLS) authentication
- Flexible Configuration: Set TLS at provider or resource level
- Secret References: Load certificates from Kubernetes secrets
- Create certificate secrets:
# CA certificate
kubectl create secret generic ca-certs \
--from-file=ca.crt=./ca-cert.pem \
--namespace=crossplane-system
# Client certificate for mTLS
kubectl create secret tls client-certs \
--cert=./client.crt \
--key=./client.key \
--namespace=crossplane-system- Configure ProviderConfig:
apiVersion: http.crossplane.io/v1alpha1
kind: ProviderConfig
metadata:
name: secure-http
spec:
credentials:
source: None
tls:
caCertSecretRef:
name: ca-certs
namespace: crossplane-system
key: ca.crt
clientCertSecretRef:
name: client-certs
namespace: crossplane-system
key: tls.crt
clientKeySecretRef:
name: client-certs
namespace: crossplane-system
key: tls.key- Use in requests:
apiVersion: http.crossplane.io/v1alpha2
kind: Request
metadata:
name: secure-api-call
spec:
providerConfigRef:
name: secure-http
forProvider:
url: https://api.example.com/resource
method: GETSee examples/provider/tls-config.yaml for more configuration options.
Create a DisposableRequest resource to initiate a single-use HTTP interaction:
apiVersion: http.crossplane.io/v1alpha2
kind: DisposableRequest
metadata:
name: example-disposable-request
spec:
# Add your DisposableRequest specification hereFor more detailed examples and configuration options, refer to the examples directory.
Manage a resource through HTTP requests with a Request resource:
apiVersion: http.crossplane.io/v1alpha2
kind: Request
metadata:
name: example-request
spec:
# Add your Request specification hereFor more detailed examples and configuration options, refer to the examples directory.
For namespace-scoped resources, use the http.m.crossplane.io API group:
apiVersion: http.m.crossplane.io/v1alpha2
kind: Request
metadata:
name: example-namespaced-request
namespace: my-namespace
spec:
# Add your Request specification here
providerConfigRef:
name: my-namespaced-configFor namespaced examples and configuration options, refer to the namespaced examples directory.
Run controller against the cluster:
make run
make test
make e2e
If you encounter any issues during installation or usage, refer to the troubleshooting guide for common problems and solutions.
![@dependabot[bot]](https://avatars.githubusercontent.com/in/29110?s=64&v=4){kind=small}
