Skip set statements when TLS is disabled

RADAR-base · Apr 11, 2024 · 5a09f91 · 5a09f91
1 parent ecaf45a
commit 5a09f91
Show file tree

Hide file tree

Showing 3 changed files with 39 additions and 6 deletions.
diff --git a/helmfile.d/00-init.yaml b/helmfile.d/00-init.yaml
@@ -45,10 +45,15 @@ releases:
         value: {{ .Values.maintainer_email }}
       - name: graylog.ingress.hosts
         values: [graylog.{{ .Values.server_name }}]
+        # Do not set a custom hostname when TLS is disabled ("ingress.tls" is set to null).
+        {{- $values := .Values.graylog.graylog }}
+        {{- $useTLS := or (not (hasKey $values "ingress")) (not (kindIs "invalid" $values.ingress.tls)) }}
+        {{- if $useTLS }}
       - name: graylog.ingress.tls[0].secretName
         value: radar-base-tls
       - name: graylog.ingress.tls[0].hosts
         values: ["graylog.{{ .Values.server_name }}"]
+        {{ end }}
 
   - name: fluent-bit
     namespace: graylog
@@ -79,24 +84,42 @@ releases:
         value: {{ .Values.server_name }}
       - name: kube-prometheus-stack.prometheus.ingress.hosts
         values: ["prometheus.{{ .Values.server_name }}"]
+      - name: kube-prometheus-stack.grafana.ingress.hosts
+        values: ["grafana.{{ .Values.server_name }}"]
+      - name: kube-prometheus-stack.alertmanager.ingress.hosts
+        values: ["alertmanager.{{ .Values.server_name }}"]
+        # Do not set a custom hostname when TLS is disabled ("ingress.tls" is set to null).
+        {{- $values := index .Values.kube_prometheus_stack "kube-prometheus-stack" }}
+        {{- $useTLS := or 
+            (not (hasKey $values.prometheus "ingress")) 
+            (not (kindIs "invalid" $values.prometheus.ingress.tls))
+        }}
+        {{- if $useTLS }}
       - name: kube-prometheus-stack.prometheus.ingress.tls[0].secretName
         value: radar-base-tls-prometheus
       - name: kube-prometheus-stack.prometheus.ingress.tls[0].hosts
         values: ["prometheus.{{ .Values.server_name }}"]
-
-      - name: kube-prometheus-stack.alertmanager.ingress.hosts
-        values: ["alertmanager.{{ .Values.server_name }}"]
+        {{ end }}
+        {{- $useTLS := or
+            (not (hasKey $values.alertmanager "ingress"))
+            (not (kindIs "invalid" $values.alertmanager.ingress.tls))
+        }}
+        {{- if $useTLS }}
       - name: kube-prometheus-stack.alertmanager.ingress.tls[0].secretName
         value: radar-base-tls-alertmanager
       - name: kube-prometheus-stack.alertmanager.ingress.tls[0].hosts
         values: ["alertmanager.{{ .Values.server_name }}"]
-
-      - name: kube-prometheus-stack.grafana.ingress.hosts
-        values: ["grafana.{{ .Values.server_name }}"]
+        {{ end }}
+        {{- $useTLS := or
+            (not (hasKey $values.grafana "ingress"))
+            (not (kindIs "invalid" $values.grafana.ingress.tls))
+        }}
+        {{- if $useTLS }}
       - name: kube-prometheus-stack.grafana.ingress.tls[0].secretName
         value: radar-base-tls-grafana
       - name: kube-prometheus-stack.grafana.ingress.tls[0].hosts
         values: ["grafana.{{ .Values.server_name }}"]
+        {{ end }}
 
   - name: cert-manager
     namespace: cert-manager

diff --git a/helmfile.d/10-base.yaml b/helmfile.d/10-base.yaml
@@ -57,10 +57,15 @@ releases:
         value: "{{ .Values.server_name }}"
       - name: ingress.hosts[0].paths
         values: ["/schema/?(.*)"]
+      # Do not set a custom hostname when TLS is disabled ("ingress.tls" is set to null).
+      {{- $values := .Values.cp_schema_registry }}
+      {{- $useTLS := or (not (hasKey $values "ingress")) (not (kindIs "invalid" $values.ingress.tls)) }}
+      {{- if $useTLS }}
       - name: ingress.tls[0].secretName
         value: radar-base-tls
       - name: ingress.tls[0].hosts
         values: ["{{ .Values.server_name }}"]
+      {{ end }}
 
   - name: catalog-server
     chart: radar/catalog-server

diff --git a/helmfile.d/20-grafana.yaml b/helmfile.d/20-grafana.yaml
@@ -48,10 +48,15 @@ releases:
         values: ["dashboard.{{ .Values.server_name }}"]
       - name: "grafana\\.ini.server.root_url"
         value: "https://dashboard.{{ .Values.server_name }}/"
+        # Do not set a custom hostname when TLS is disabled ("ingress.tls" is set to null).
+        {{- $values := .Values.radar_grafana }}
+        {{- $useTLS := or (not (hasKey $values "ingress")) (not (kindIs "invalid" $values.ingress.tls)) }}
+        {{- if $useTLS }}
       - name: ingress.tls[0].secretName
         value: radar-base-tls-dashboard
       - name: ingress.tls[0].hosts
         values: ["dashboard.{{ .Values.server_name }}"]
+        {{- end }}
       - name: "grafana\\.ini.metrics.basic_auth_username"
         value: {{ .Values.grafana_metrics_username }}
       - name: "grafana\\.ini.metrics.basic_auth_password"