Overhaul ingress configuration #679
22
README.md
22
README.md
@ -99,7 +99,7 @@ These dependencies are enabled by default:
|
||||
|
||||
Alternatively, the following non-HA replacements are available:
|
||||
|
||||
- PostgreSQL ([Bitnami PostgreSQL](<Postgresql](https://github.com/bitnami/charts/blob/main/bitnami/postgresql/Chart.yaml)>))
|
||||
- PostgreSQL ([Bitnami PostgreSQL](<postgresql](https://github.com/bitnami/charts/blob/main/bitnami/postgresql/Chart.yaml)>))
|
||||
- Redis ([Bitnami Redis](<Redis](https://github.com/bitnami/charts/blob/main/bitnami/redis/Chart.yaml)>))
|
||||
|
||||
### Dependency Versioning
|
||||
@ -922,16 +922,16 @@ To comply with the Gitea helm chart definition of the digest parameter, a "custo
|
||||
|
||||
### Ingress
|
||||
|
||||
| Name | Description | Value |
|
||||
| ------------------------------------ | --------------------------------------------------------------------------- | ----------------- |
|
||||
| `ingress.enabled` | Enable ingress | `false` |
|
||||
| `ingress.className` | Ingress class name | `nil` |
|
||||
| `ingress.annotations` | Ingress annotations | `{}` |
|
||||
| `ingress.hosts[0].host` | Default Ingress host | `git.example.com` |
|
||||
| `ingress.hosts[0].paths[0].path` | Default Ingress path | `/` |
|
||||
| `ingress.hosts[0].paths[0].pathType` | Ingress path type | `Prefix` |
|
||||
| `ingress.tls` | Ingress tls settings | `[]` |
|
||||
| `ingress.apiVersion` | Specify APIVersion of ingress object. Mostly would only be used for argocd. | |
|
||||
| Name | Description | Value |
|
||||
| -------------------------- | --------------------------------------------------- | ----------------- |
|
||||
| `ingress.enabled` | Enable ingress | `false` |
|
||||
| `ingress.className` | DEPRECATED: Use `ingress.ingressClassName` instead. | `""` |
|
||||
| `ingress.ingressClassName` | Ingress class name | `""` |
|
||||
| `ingress.pathType` | Ingress Path Type | `Prefix` |
|
||||
| `ingress.annotations` | Ingress annotations | `{}` |
|
||||
| `ingress.hosts[0].host` | Default Ingress host | `git.example.com` |
|
||||
| `ingress.hosts[0].paths` | Default Ingress path | `[]` |
|
||||
| `ingress.tls` | Ingress tls settings | `[]` |
|
||||
|
||||
### deployment
|
||||
|
||||
|
@ -401,6 +401,32 @@ https
|
||||
{{ .Values.serviceAccount.name | default (include "gitea.fullname" .) }}
|
||||
{{- end -}}
|
||||
|
||||
{{- define "ingress.annotations" -}}
|
||||
{{- if .Values.ingress.annotations }}
|
||||
annotations:
|
||||
{{- $tp := typeOf .Values.ingress.annotations }}
|
||||
{{- if eq $tp "string" }}
|
||||
{{- tpl .Values.ingress.annotations . | nindent 4 }}
|
||||
{{- else }}
|
||||
{{- toYaml .Values.ingress.annotations | nindent 4 }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- end -}}
|
||||
|
||||
{{- define "ingress.ingressClassName" -}}
|
||||
{{- if ne .Values.ingress.className "" -}}
|
||||
# WARNING: 'ingress.className' is deprecated and will be removed in a future release. Use 'ingress.ingressClassName' instead."
|
||||
{{ end -}}
|
||||
{{- if and (ne .Values.ingress.className "" ) (ne .Values.ingress.ingressClassName "") -}}
|
||||
{{- fail "ingress.ingressClassName and ingress.className cannot be defined at the same time. Please only choose one." -}}
|
||||
{{- end -}}
|
||||
{{- if ne .Values.ingress.className "" -}}
|
||||
ingressClassName: {{ tpl .Values.ingress.className . }}
|
||||
{{- else if ne .Values.ingress.ingressClassName "" -}}
|
||||
ingressClassName: {{ tpl .Values.ingress.ingressClassName . }}
|
||||
{{- end -}}
|
||||
{{- end -}}
|
||||
|
||||
{{- define "gitea.admin.passwordMode" -}}
|
||||
{{- if has .Values.gitea.admin.passwordMode (tuple "keepUpdated" "initialOnlyNoReset" "initialOnlyRequireReset") -}}
|
||||
{{ .Values.gitea.admin.passwordMode }}
|
||||
|
@ -1,28 +1,16 @@
|
||||
{{- if .Values.ingress.enabled -}}
|
||||
{{- $fullName := include "gitea.fullname" . -}}
|
||||
{{- $httpPort := .Values.service.http.port -}}
|
||||
{{- $apiVersion := "extensions/v1beta1" -}}
|
||||
{{- if .Values.ingress.apiVersion -}}
|
||||
{{- $apiVersion = .Values.ingress.apiVersion -}}
|
||||
{{- else if .Capabilities.APIVersions.Has "networking.k8s.io/v1/Ingress" -}}
|
||||
{{- $apiVersion = "networking.k8s.io/v1" }}
|
||||
{{- else if .Capabilities.APIVersions.Has "networking.k8s.io/v1beta1/Ingress" -}}
|
||||
{{- $apiVersion = "networking.k8s.io/v1beta1" }}
|
||||
{{- end }}
|
||||
apiVersion: {{ $apiVersion }}
|
||||
{{- $pathType := .Values.ingress.pathType -}}
|
||||
apiVersion: networking.k8s.io/v1
|
||||
kind: Ingress
|
||||
metadata:
|
||||
name: {{ $fullName }}
|
||||
labels:
|
||||
{{- include "gitea.labels" . | nindent 4 }}
|
||||
annotations:
|
||||
{{- range $key, $value := .Values.ingress.annotations }}
|
||||
{{ $key }}: {{ $value | quote }}
|
||||
{{- end }}
|
||||
{{- template "ingress.annotations" . }}
|
||||
spec:
|
||||
{{- if .Values.ingress.className }}
|
||||
ingressClassName: {{ tpl .Values.ingress.className . }}
|
||||
{{- end }}
|
||||
{{- include "ingress.ingressClassName" . | nindent 2 }}
|
||||
{{- if .Values.ingress.tls }}
|
||||
tls:
|
||||
{{- range .Values.ingress.tls }}
|
||||
@ -38,21 +26,14 @@ spec:
|
||||
- host: {{ tpl .host $ | quote }}
|
||||
http:
|
||||
paths:
|
||||
{{- range .paths }}
|
||||
- path: {{ .path }}
|
||||
{{- if and .pathType (eq $apiVersion "networking.k8s.io/v1") }}
|
||||
pathType: {{ .pathType }}
|
||||
{{- end }}
|
||||
{{- range (.paths | default (list "/")) }}
|
||||
- path: {{ . }}
|
||||
pathType: {{ $pathType }}
|
||||
backend:
|
||||
{{- if eq $apiVersion "networking.k8s.io/v1" }}
|
||||
service:
|
||||
name: {{ $fullName }}-http
|
||||
port:
|
||||
number: {{ $httpPort }}
|
||||
{{- else }}
|
||||
serviceName: {{ $fullName }}-http
|
||||
servicePort: {{ $httpPort }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
|
93
unittests/ingress/basic.yaml
Normal file
93
unittests/ingress/basic.yaml
Normal file
@ -0,0 +1,93 @@
|
||||
suite: Test ingress.yaml
|
||||
templates:
|
||||
- templates/gitea/ingress.yaml
|
||||
tests:
|
||||
- it: should enable ingress when ingress.enabled is true
|
||||
set:
|
||||
ingress.enabled: true
|
||||
ingress.apiVersion: networking.k8s.io/v1
|
||||
ingress.annotations:
|
||||
kubernetes.io/ingress.class: nginx
|
||||
ingress.className: nginx
|
||||
ingress.tls:
|
||||
- hosts:
|
||||
- example.com
|
||||
secretName: tls-secret
|
||||
ingress.hosts:
|
||||
- host: example.com
|
||||
paths: ["/"]
|
||||
asserts:
|
||||
- hasDocuments:
|
||||
count: 1
|
||||
- isKind:
|
||||
of: Ingress
|
||||
- equal:
|
||||
path: metadata.name
|
||||
value: RELEASE-NAME-gitea
|
||||
- matchRegex:
|
||||
path: apiVersion
|
||||
pattern: networking.k8s.io/v1
|
||||
- equal:
|
||||
path: spec.ingressClassName
|
||||
value: nginx
|
||||
- equal:
|
||||
path: spec.rules[0].host
|
||||
value: "example.com"
|
||||
- equal:
|
||||
path: spec.tls[0].hosts[0]
|
||||
value: "example.com"
|
||||
- equal:
|
||||
path: spec.tls[0].secretName
|
||||
value: tls-secret
|
||||
- equal:
|
||||
path: metadata.annotations["kubernetes.io/ingress.class"]
|
||||
value: nginx
|
||||
|
||||
- it: should not create ingress when ingress.enabled is false
|
||||
set:
|
||||
ingress.enabled: false
|
||||
asserts:
|
||||
- hasDocuments:
|
||||
count: 0
|
||||
|
||||
- it: Ingress Class using TPL
|
||||
set:
|
||||
global.ingress.className: "ingress-class"
|
||||
ingress.ingressClassName: "{{ .Values.global.ingress.className }}"
|
||||
ingress.enabled: true
|
||||
ingress.hosts[0].host: "some-host"
|
||||
ingress.tls:
|
||||
- secretName: gitea-tls
|
||||
hosts:
|
||||
- "some-host"
|
||||
asserts:
|
||||
- isKind:
|
||||
of: Ingress
|
||||
- equal:
|
||||
path: spec.tls[0].hosts[0]
|
||||
value: "some-host"
|
||||
- equal:
|
||||
path: spec.rules[0].host
|
||||
value: "some-host"
|
||||
- equal:
|
||||
path: spec.ingressClassName
|
||||
value: "ingress-class"
|
||||
|
||||
- it: hostname using TPL
|
||||
set:
|
||||
global.giteaHostName: "gitea.example.com"
|
||||
ingress.enabled: true
|
||||
ingress.hosts[0].host: "{{ .Values.global.giteaHostName }}"
|
||||
ingress.tls:
|
||||
- secretName: gitea-tls
|
||||
hosts:
|
||||
- "{{ .Values.global.giteaHostName }}"
|
||||
asserts:
|
||||
- isKind:
|
||||
of: Ingress
|
||||
- equal:
|
||||
path: spec.tls[0].hosts[0]
|
||||
value: "gitea.example.com"
|
||||
- equal:
|
||||
path: spec.rules[0].host
|
||||
value: "gitea.example.com"
|
34
unittests/ingress/deprecations.yaml
Normal file
34
unittests/ingress/deprecations.yaml
Normal file
@ -0,0 +1,34 @@
|
||||
suite: Test ingress.yaml
|
||||
templates:
|
||||
- templates/gitea/ingress.yaml
|
||||
tests:
|
||||
- it: should fail when both ingress.className and ingress.ingressClassName are defined
|
||||
template: templates/gitea/ingress.yaml
|
||||
set:
|
||||
ingress:
|
||||
enabled: true
|
||||
className: ingress-class
|
||||
ingressClassName: ingress-class
|
||||
asserts:
|
||||
- failedTemplate:
|
||||
errorMessage: "ingress.ingressClassName and ingress.className cannot be defined at the same time. Please only choose one."
|
||||
|
||||
- it: should succeed when only ingress.className is defined
|
||||
template: templates/gitea/ingress.yaml
|
||||
set:
|
||||
ingress.enabled: true
|
||||
ingress.className: "ingress-class"
|
||||
asserts:
|
||||
- equal:
|
||||
path: spec.ingressClassName
|
||||
value: ingress-class
|
||||
|
||||
- it: should succeed when only ingress.ingressClassName is defined
|
||||
template: templates/gitea/ingress.yaml
|
||||
set:
|
||||
ingress.enabled: true
|
||||
ingress.ingressClassName: "ingress-class"
|
||||
asserts:
|
||||
- equal:
|
||||
path: spec.ingressClassName
|
||||
value: ingress-class
|
@ -1,28 +1,7 @@
|
||||
suite: ingress template
|
||||
release:
|
||||
name: gitea-unittests
|
||||
namespace: testing
|
||||
suite: Test ingress tpl use
|
||||
templates:
|
||||
- templates/gitea/ingress.yaml
|
||||
tests:
|
||||
- it: hostname using TPL
|
||||
set:
|
||||
global.giteaHostName: "gitea.example.com"
|
||||
ingress.enabled: true
|
||||
ingress.hosts[0].host: "{{ .Values.global.giteaHostName }}"
|
||||
ingress.tls:
|
||||
- secretName: gitea-tls
|
||||
hosts:
|
||||
- "{{ .Values.global.giteaHostName }}"
|
||||
asserts:
|
||||
- isKind:
|
||||
of: Ingress
|
||||
- equal:
|
||||
path: spec.tls[0].hosts[0]
|
||||
value: "gitea.example.com"
|
||||
- equal:
|
||||
path: spec.rules[0].host
|
||||
value: "gitea.example.com"
|
||||
- it: Ingress Class using TPL
|
||||
set:
|
||||
global.ingress.className: "ingress-class"
|
||||
@ -45,3 +24,22 @@ tests:
|
||||
- equal:
|
||||
path: spec.ingressClassName
|
||||
value: "ingress-class"
|
||||
|
||||
- it: hostname using TPL
|
||||
set:
|
||||
global.giteaHostName: "gitea.example.com"
|
||||
ingress.enabled: true
|
||||
ingress.hosts[0].host: "{{ .Values.global.giteaHostName }}"
|
||||
ingress.tls:
|
||||
- secretName: gitea-tls
|
||||
hosts:
|
||||
- "{{ .Values.global.giteaHostName }}"
|
||||
asserts:
|
||||
- isKind:
|
||||
of: Ingress
|
||||
- equal:
|
||||
path: spec.tls[0].hosts[0]
|
||||
value: "gitea.example.com"
|
||||
- equal:
|
||||
path: spec.rules[0].host
|
||||
value: "gitea.example.com"
|
27
values.yaml
27
values.yaml
@ -154,33 +154,28 @@ service:
|
||||
|
||||
## @section Ingress
|
||||
## @param ingress.enabled Enable ingress
|
||||
## @param ingress.className Ingress class name
|
||||
## @param ingress.className DEPRECATED: Use `ingress.ingressClassName` instead.
|
||||
## @param ingress.ingressClassName Ingress class name
|
||||
## @param ingress.pathType Ingress Path Type
|
||||
## @param ingress.annotations Ingress annotations
|
||||
## @param ingress.hosts[0].host Default Ingress host
|
||||
## @param ingress.hosts[0].paths[0].path Default Ingress path
|
||||
## @param ingress.hosts[0].paths[0].pathType Ingress path type
|
||||
## @param ingress.hosts[0].paths Default Ingress path
|
||||
## @param ingress.tls Ingress tls settings
|
||||
## @extra ingress.apiVersion Specify APIVersion of ingress object. Mostly would only be used for argocd.
|
||||
ingress:
|
||||
enabled: false
|
||||
# className: nginx
|
||||
className:
|
||||
annotations:
|
||||
{}
|
||||
# kubernetes.io/ingress.class: nginx
|
||||
# kubernetes.io/tls-acme: "true"
|
||||
# DEPRECATED: Use `ingress.ingressClassName` instead.
|
||||
className: ""
|
||||
ingressClassName: ""
|
||||
pathType: Prefix
|
||||
annotations: {}
|
||||
# kubernetes.io/tls-acme: "true"
|
||||
hosts:
|
||||
- host: git.example.com
|
||||
paths:
|
||||
- path: /
|
||||
pathType: Prefix
|
||||
paths: []
|
||||
tls: []
|
||||
# - secretName: chart-example-tls
|
||||
# hosts:
|
||||
# - git.example.com
|
||||
# Mostly for argocd or any other CI that uses `helm template | kubectl apply` or similar
|
||||
# If helm doesn't correctly detect your ingress API version you can set it here.
|
||||
# apiVersion: networking.k8s.io/v1
|
||||
|
||||
## @section deployment
|
||||
#
|
||||
|
Loading…
x
Reference in New Issue
Block a user