From 1b97aa34aad7324210dfc92a1f89ef911b2b8eb6 Mon Sep 17 00:00:00 2001 From: Moses Anzagi Date: Wed, 4 Dec 2024 22:57:09 +0300 Subject: [PATCH 1/3] make ingressClassName configurable in helm chart --- nginx-serve/helm/templates/ingress.yaml | 2 +- nginx-serve/helm/values-test.yaml | 1 + nginx-serve/helm/values.yaml | 1 + 3 files changed, 3 insertions(+), 1 deletion(-) diff --git a/nginx-serve/helm/templates/ingress.yaml b/nginx-serve/helm/templates/ingress.yaml index eb55551f..db7fb571 100644 --- a/nginx-serve/helm/templates/ingress.yaml +++ b/nginx-serve/helm/templates/ingress.yaml @@ -7,7 +7,7 @@ metadata: environment: {{ .Values.environment }} release: {{ .Release.Name }} spec: - ingressClassName: nginx + ingressClassName: {{ required "ingress.className" .Values.ingress.className | quote }} rules: - host: {{ required "ingress.host" .Values.ingress.host | quote }} http: diff --git a/nginx-serve/helm/values-test.yaml b/nginx-serve/helm/values-test.yaml index 0c1c32b3..a5710a99 100644 --- a/nginx-serve/helm/values-test.yaml +++ b/nginx-serve/helm/values-test.yaml @@ -7,6 +7,7 @@ image: ingress: host: alert-hub-1.ifrc-go.org + className: nginx env: APP_TITLE: "Alert hub" diff --git a/nginx-serve/helm/values.yaml b/nginx-serve/helm/values.yaml index 300da1dc..b6d5bc23 100644 --- a/nginx-serve/helm/values.yaml +++ b/nginx-serve/helm/values.yaml @@ -15,6 +15,7 @@ resources: ingress: host: + className: env: APP_TITLE: "Alert hub" From ae44212d9a5590207826c7c6f744cd459573c836 Mon Sep 17 00:00:00 2001 From: Moses Anzagi Date: Thu, 5 Dec 2024 16:33:08 +0300 Subject: [PATCH 2/3] add tls config on ingress resource --- nginx-serve/helm/templates/ingress.yaml | 6 ++++++ nginx-serve/helm/values.yaml | 5 ++++- 2 files changed, 10 insertions(+), 1 deletion(-) diff --git a/nginx-serve/helm/templates/ingress.yaml b/nginx-serve/helm/templates/ingress.yaml index db7fb571..e20f76f7 100644 --- a/nginx-serve/helm/templates/ingress.yaml +++ b/nginx-serve/helm/templates/ingress.yaml @@ -19,3 +19,9 @@ spec: name: {{ template "ifrcgo-web-app.fullname" . }}-svc port: number: 80 + {{- if .Values.ingress.tls.enabled }} + tls: + - hosts: + - {{ .Values.ingress.host | quote }} + secretName: {{ required "ingress.tls.secretName" .Values.ingress.tls.secretName }} + {{- end }} diff --git a/nginx-serve/helm/values.yaml b/nginx-serve/helm/values.yaml index b6d5bc23..93786dd7 100644 --- a/nginx-serve/helm/values.yaml +++ b/nginx-serve/helm/values.yaml @@ -15,7 +15,10 @@ resources: ingress: host: - className: + className: + tls: + enabled: false + secretName: env: APP_TITLE: "Alert hub" From 70155d3df8c06a3ec1e0a90b591787f8b79a4f7e Mon Sep 17 00:00:00 2001 From: thenav56 Date: Thu, 5 Dec 2024 19:49:17 +0545 Subject: [PATCH 3/3] Enable tls for staging/production --- nginx-serve/helm/values-production.yaml | 4 ++++ nginx-serve/helm/values-staging.yaml | 4 ++++ 2 files changed, 8 insertions(+) diff --git a/nginx-serve/helm/values-production.yaml b/nginx-serve/helm/values-production.yaml index d21c338e..bf5ea6e1 100644 --- a/nginx-serve/helm/values-production.yaml +++ b/nginx-serve/helm/values-production.yaml @@ -1,6 +1,10 @@ # NOTE: go-deploy can override or add additional configs https://github.com/IFRCGo/go-deploy environment: production +ingress: + tls: + enabled: true + env: APP_ENVIRONMENT: production APP_MAPBOX_ACCESS_TOKEN: pk.eyJ1IjoiZ28taWZyYyIsImEiOiJjams3b2ZhZWswMGFvM3hxeHp2ZHFhOTRrIn0._pqO9OQ2iNeDGrpopJNjpg diff --git a/nginx-serve/helm/values-staging.yaml b/nginx-serve/helm/values-staging.yaml index 72051060..6b94797e 100644 --- a/nginx-serve/helm/values-staging.yaml +++ b/nginx-serve/helm/values-staging.yaml @@ -1,6 +1,10 @@ # NOTE: go-deploy can override or add additional configs https://github.com/IFRCGo/go-deploy environment: staging +ingress: + tls: + enabled: true + env: APP_ENVIRONMENT: staging APP_MAPBOX_ACCESS_TOKEN: pk.eyJ1IjoiZ28taWZyYyIsImEiOiJjams3b2ZhZWswMGFvM3hxeHp2ZHFhOTRrIn0._pqO9OQ2iNeDGrpopJNjpg