Respect connectInject.initContainer.resources for v1 API gateways

control-plane/api-gateway/common/helm_config.go

@@ -6,6 +6,8 @@ package common
 import (
 	"strings"
 	"time"
+
+	v1 "k8s.io/api/core/v1"
 )
 
 const componentAuthMethod = "k8s-component-auth-method"
@@ -40,6 +42,8 @@ type HelmConfig struct {
 	// MapPrivilegedServicePorts is the value which Consul will add to privileged container port values (ports < 1024)
 	// defined on a Gateway.
 	MapPrivilegedServicePorts int
+
+	InitContainerResources *v1.ResourceRequirements
 }
 
 type ConsulConfig struct {

control-plane/api-gateway/gatekeeper/init.go

@@ -11,10 +11,11 @@ import (
 
 	corev1 "k8s.io/api/core/v1"
 
+	"k8s.io/utils/pointer"
+
 	"github.com/hashicorp/consul-k8s/control-plane/api-gateway/common"
 	"github.com/hashicorp/consul-k8s/control-plane/connect-inject/constants"
 	"github.com/hashicorp/consul-k8s/control-plane/namespaces"
-	"k8s.io/utils/pointer"
 )
 
 const (
@@ -169,6 +170,10 @@ func initContainer(config common.HelmConfig, name, namespace string) (corev1.Con
 			})
 	}
 
+	if config.InitContainerResources != nil {
+		container.Resources = *config.InitContainerResources
+	}
+
 	// Openshift Assigns the security context for us, do not enable if it is enabled.
 	if !config.EnableOpenShift {
 		container.SecurityContext = &corev1.SecurityContext{

control-plane/subcommand/inject-connect/v1controllers.go

@@ -128,6 +128,7 @@ func (c *Command) configureV1Controllers(ctx context.Context, mgr manager.Manage
 			ConsulTLSServerName:        c.consul.TLSServerName,
 			ConsulPartition:            c.consul.Partition,
 			ConsulCACert:               string(c.caCertPem),
+			InitContainerResources:     &c.initContainerResources,
 		},
 		AllowK8sNamespacesSet:   allowK8sNamespaces,
 		DenyK8sNamespacesSet:    denyK8sNamespaces,