feat: autogenerated routes tls-acme feature

uselagoon · Jun 13, 2022 · 0c65de1 · 0c65de1
1 parent 290de93
commit 0c65de1
Show file tree

Hide file tree

Showing 11 changed files with 239 additions and 19 deletions.
diff --git a/cmd/helpers_values.go b/cmd/helpers_values.go
@@ -178,6 +178,7 @@ func collectBuildValues(debug bool, activeEnv, standbyEnv *bool,
 func composeToServiceValues(lYAML *lagoon.YAML, lagoonValues *lagoon.BuildValues, lagoonServiceTypes *lagoon.EnvironmentVariable, csName string, csValues composetypes.ServiceConfig) (lagoon.ServiceValues, error) {
 	lagoonType := lagoon.CheckServiceLagoonLabel(csValues.Labels, "lagoon.type")
 	autogenEnabled := true
+	autogenTLSAcmeEnabled := true
 	// check if autogenerated routes are disabled
 	if lYAML.Routes.Autogenerate.Enabled != nil {
 		if *lYAML.Routes.Autogenerate.Enabled == false {
@@ -200,6 +201,12 @@ func composeToServiceValues(lYAML *lagoon.YAML, lagoonValues *lagoon.BuildValues
 			autogenEnabled = true
 		}
 	}
+	// check if autogenerated routes tls-acme disabled
+	if lYAML.Routes.Autogenerate.TLSAcme != nil {
+		if *lYAML.Routes.Autogenerate.TLSAcme == false {
+			autogenTLSAcmeEnabled = false
+		}
+	}
 	if lagoonType != "" {
 		if value, ok := lYAML.Environments[environmentName].Types[csName]; ok {
 			lagoonType = value
@@ -213,6 +220,7 @@ func composeToServiceValues(lYAML *lagoon.YAML, lagoonValues *lagoon.BuildValues
 				}
 			}
 		}
+		// check if the service has a specific override
 		serviceAutogenerated := lagoon.CheckServiceLagoonLabel(csValues.Labels, "lagoon.autogeneratedroute")
 		if serviceAutogenerated != "" {
 			if reflect.TypeOf(serviceAutogenerated).Kind() == reflect.String {
@@ -222,6 +230,16 @@ func composeToServiceValues(lYAML *lagoon.YAML, lagoonValues *lagoon.BuildValues
 				}
 			}
 		}
+		// check if the service has a tls-acme specific override
+		serviceAutogeneratedTLSAcme := lagoon.CheckServiceLagoonLabel(csValues.Labels, "lagoon.autogeneratedroute.tls-acme")
+		if serviceAutogeneratedTLSAcme != "" {
+			if reflect.TypeOf(serviceAutogeneratedTLSAcme).Kind() == reflect.String {
+				vBool, err := strconv.ParseBool(serviceAutogeneratedTLSAcme)
+				if err == nil {
+					autogenTLSAcmeEnabled = vBool
+				}
+			}
+		}
 		lagoonTypeName := lagoon.CheckServiceLagoonLabel(csValues.Labels, "lagoon.name")
 		if lagoonTypeName != "" {
 			if lagoonTypeName != csName {
@@ -231,9 +249,10 @@ func composeToServiceValues(lYAML *lagoon.YAML, lagoonValues *lagoon.BuildValues
 			}
 		}
 		cService := lagoon.ServiceValues{
-			Name:                csName,
-			Type:                lagoonType,
-			AutogeneratedRoutes: autogenEnabled,
+			Name:                       csName,
+			Type:                       lagoonType,
+			AutogeneratedRoutesEnabled: autogenEnabled,
+			AutogeneratedRoutesTLSAcme: autogenTLSAcmeEnabled,
 		}
 		return cService, nil
 	}

diff --git a/cmd/template_autogen_ingress.go b/cmd/template_autogen_ingress.go
@@ -78,7 +78,7 @@ func generateAutogenRoutes(
 		for serviceName, service := range lagoonValues.Services {
 			// get the service type
 			// if autogenerated routes are enabled, generate them :)
-			if service.AutogeneratedRoutes {
+			if service.AutogeneratedRoutesEnabled {
 				if helpers.Contains(supportedAutogeneratedTypes, service.Type) {
 					domain, shortDomain := AutogeneratedDomainFromPattern(lagoonRouterPattern.Value, serviceName)
 					serviceValues := lagoon.ServiceValues{
@@ -106,7 +106,7 @@ func generateAutogenRoutes(
 					autogenRoute := lagoon.RouteV2{
 						Domain:  domain,
 						Fastly:  *fastlyConfig,
-						TLSAcme: helpers.BoolPtr(true),
+						TLSAcme: helpers.BoolPtr(service.AutogeneratedRoutesTLSAcme),
 						// overwrite the custom-ingress labels
 						Labels: map[string]string{
 							"lagoon.sh/autogenerated":    "true",

diff --git a/cmd/template_autogen_ingress_test.go b/cmd/template_autogen_ingress_test.go
@@ -394,6 +394,46 @@ func TestAutogeneratedIngressGeneration(t *testing.T) {
 			emptyDir: false,
 			want:     "../test-resources/template-autogenerated/test17-results",
 		},
+		{
+			name: "test18 autogenerated route tls-acme disabled",
+			args: args{
+				alertContact:    "alertcontact",
+				statusPageID:    "statuspageid",
+				projectName:     "example-project",
+				environmentName: "main",
+				environmentType: "production",
+				buildType:       "branch",
+				lagoonVersion:   "v2.7.x",
+				branch:          "main",
+				projectVars:     `[{"name":"LAGOON_SYSTEM_ROUTER_PATTERN","value":"${service}-${project}-${environment}.example.com","scope":"internal_system"}]`,
+				envVars:         `[]`,
+				secretPrefix:    "fastly-api-",
+				lagoonYAML:      "../test-resources/template-autogenerated/test18/lagoon.yml",
+				templatePath:    "../test-resources/template-autogenerated/output",
+			},
+			emptyDir: false,
+			want:     "../test-resources/template-autogenerated/test18-results",
+		},
+		{
+			name: "test19 autogenerated routes but tls-acme disabled by service label",
+			args: args{
+				alertContact:    "alertcontact",
+				statusPageID:    "statuspageid",
+				projectName:     "example-project",
+				environmentName: "main",
+				environmentType: "production",
+				buildType:       "branch",
+				lagoonVersion:   "v2.7.x",
+				branch:          "main",
+				projectVars:     `[{"name":"LAGOON_SYSTEM_ROUTER_PATTERN","value":"${service}-${project}-${environment}.example.com","scope":"internal_system"}]`,
+				envVars:         `[]`,
+				secretPrefix:    "fastly-api-",
+				lagoonYAML:      "../test-resources/template-autogenerated/test19/lagoon.yml",
+				templatePath:    "../test-resources/template-autogenerated/output",
+			},
+			emptyDir: false,
+			want:     "../test-resources/template-autogenerated/test19-results",
+		},
 	}
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {

diff --git a/internal/lagoon/buildvalues.go b/internal/lagoon/buildvalues.go
@@ -2,19 +2,17 @@ package lagoon
 
 // BuildValues is the values file data generated by the lagoon build
 type BuildValues struct {
-	Project                    string `json:"project"`
-	Environment                string `json:"environment"`
-	EnvironmentType            string `json:"environmentType"`
-	Namespace                  string `json:"namespace"`
-	GitSha                     string `json:"gitSha"`
-	BuildType                  string `json:"buildType"`
-	RoutesAutogenerateInsecure string `json:"routesAutogenerateInsecure"`
-	RoutesAutogenerateEnabled  string `json:"routesAutogenerateEnabled"`
-	Kubernetes                 string `json:"kubernetes"`
-	LagoonVersion              string `json:"lagoonVersion"`
-	ActiveEnvironment          string `json:"activeEnvironment"`
-	StandbyEnvironment         string `json:"standbyEnvironment"`
-	PodSecurityContext         struct {
+	Project            string `json:"project"`
+	Environment        string `json:"environment"`
+	EnvironmentType    string `json:"environmentType"`
+	Namespace          string `json:"namespace"`
+	GitSha             string `json:"gitSha"`
+	BuildType          string `json:"buildType"`
+	Kubernetes         string `json:"kubernetes"`
+	LagoonVersion      string `json:"lagoonVersion"`
+	ActiveEnvironment  string `json:"activeEnvironment"`
+	StandbyEnvironment string `json:"standbyEnvironment"`
+	PodSecurityContext struct {
 		FsGroup    int `json:"fsGroup"`
 		RunAsGroup int `json:"runAsGroup"`
 		RunAsUser  int `json:"runAsUser"`
@@ -44,7 +42,8 @@ type BuildValues struct {
 type ServiceValues struct {
 	Name                          string                   `json:"name"`
 	Type                          string                   `json:"type"`
-	AutogeneratedRoutes           bool                     `json:"autogeneratedRoutes"`
+	AutogeneratedRoutesEnabled    bool                     `json:"autogeneratedRoutesEnabled"`
+	AutogeneratedRoutesTLSAcme    bool                     `json:"autogeneratedRoutesTLSAcme"`
 	AutogeneratedRouteDomain      string                   `json:"autogeneratedRouteDomain"`
 	ShortAutogeneratedRouteDomain string                   `json:"shortAutogeneratedRouteDomain"`
 	DBaaSEnvironment              string                   `json:"dbaasEnvironment"`

diff --git a/internal/lagoon/lagoon.go b/internal/lagoon/lagoon.go
@@ -54,6 +54,7 @@ type Autogenerate struct {
 	AllowPullRequests *bool    `json:"allowPullRequests"`
 	Insecure          string   `json:"insecure"`
 	Prefixes          []string `json:"prefixes"`
+	TLSAcme           *bool    `json:"tls-acme,omitempty"`
 }
 
 // UnmarshalLagoonYAML unmarshal the lagoon.yml file into a YAML and map for consumption.

diff --git a/test-resources/template-autogenerated/test18-results/node.yaml b/test-resources/template-autogenerated/test18-results/node.yaml
@@ -0,0 +1,45 @@
+---
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  annotations:
+    fastly.amazee.io/watch: "false"
+    ingress.kubernetes.io/ssl-redirect: "true"
+    kubernetes.io/tls-acme: "false"
+    lagoon.sh/branch: main
+    lagoon.sh/version: v2.7.x
+    monitor.stakater.com/enabled: "false"
+    nginx.ingress.kubernetes.io/ssl-redirect: "true"
+  creationTimestamp: null
+  labels:
+    app.kubernetes.io/instance: node
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: autogenerated-ingress
+    dioscuri.amazee.io/migrate: "false"
+    helm.sh/chart: autogenerated-ingress-0.1.0
+    lagoon.sh/autogenerated: "true"
+    lagoon.sh/buildType: branch
+    lagoon.sh/environment: main
+    lagoon.sh/environmentType: production
+    lagoon.sh/project: example-project
+    lagoon.sh/service: node
+    lagoon.sh/service-type: node
+  name: node
+spec:
+  rules:
+  - host: node-example-project-main.example.com
+    http:
+      paths:
+      - backend:
+          service:
+            name: node
+            port:
+              name: http
+        path: /
+        pathType: Prefix
+  tls:
+  - hosts:
+    - node-example-project-main.example.com
+    secretName: node-tls
+status:
+  loadBalancer: {}
diff --git a/test-resources/template-autogenerated/test18/docker-compose.yml b/test-resources/template-autogenerated/test18/docker-compose.yml
@@ -0,0 +1,20 @@
+version: '2'
+services:
+  node:
+    networks:
+      - amazeeio-network
+      - default
+    build:
+      context: .
+      dockerfile: node.dockerfile
+    labels:
+      lagoon.type: node
+    volumes:
+      - .:/app:delegated
+    environment:
+      - LAGOON_LOCALDEV_HTTP_PORT=3000
+      - LAGOON_ROUTE=http://node.docker.amazee.io
+
+networks:
+  amazeeio-network:
+    external: true
diff --git a/test-resources/template-autogenerated/test18/lagoon.yml b/test-resources/template-autogenerated/test18/lagoon.yml
@@ -0,0 +1,16 @@
+docker-compose-yaml: ../test-resources/template-autogenerated/test18/docker-compose.yml
+
+routes:
+  autogenerate:
+    enabled: true
+    insecure: Redirect
+    tls-acme: false
+
+environment_variables:
+  git_sha: "true"
+
+environments:
+  main:
+    routes:
+      - node:
+          - example.com
diff --git a/test-resources/template-autogenerated/test19-results/node.yaml b/test-resources/template-autogenerated/test19-results/node.yaml
@@ -0,0 +1,45 @@
+---
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  annotations:
+    fastly.amazee.io/watch: "false"
+    ingress.kubernetes.io/ssl-redirect: "true"
+    kubernetes.io/tls-acme: "false"
+    lagoon.sh/branch: main
+    lagoon.sh/version: v2.7.x
+    monitor.stakater.com/enabled: "false"
+    nginx.ingress.kubernetes.io/ssl-redirect: "true"
+  creationTimestamp: null
+  labels:
+    app.kubernetes.io/instance: node
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: autogenerated-ingress
+    dioscuri.amazee.io/migrate: "false"
+    helm.sh/chart: autogenerated-ingress-0.1.0
+    lagoon.sh/autogenerated: "true"
+    lagoon.sh/buildType: branch
+    lagoon.sh/environment: main
+    lagoon.sh/environmentType: production
+    lagoon.sh/project: example-project
+    lagoon.sh/service: node
+    lagoon.sh/service-type: node
+  name: node
+spec:
+  rules:
+  - host: node-example-project-main.example.com
+    http:
+      paths:
+      - backend:
+          service:
+            name: node
+            port:
+              name: http
+        path: /
+        pathType: Prefix
+  tls:
+  - hosts:
+    - node-example-project-main.example.com
+    secretName: node-tls
+status:
+  loadBalancer: {}
diff --git a/test-resources/template-autogenerated/test19/docker-compose.yml b/test-resources/template-autogenerated/test19/docker-compose.yml
@@ -0,0 +1,21 @@
+version: '2'
+services:
+  node:
+    networks:
+      - amazeeio-network
+      - default
+    build:
+      context: .
+      dockerfile: node.dockerfile
+    labels:
+      lagoon.type: node
+      lagoon.autogeneratedroute.tls-acme: false
+    volumes:
+      - .:/app:delegated
+    environment:
+      - LAGOON_LOCALDEV_HTTP_PORT=3000
+      - LAGOON_ROUTE=http://node.docker.amazee.io
+
+networks:
+  amazeeio-network:
+    external: true
diff --git a/test-resources/template-autogenerated/test19/lagoon.yml b/test-resources/template-autogenerated/test19/lagoon.yml
@@ -0,0 +1,14 @@
+docker-compose-yaml: ../test-resources/template-autogenerated/test19/docker-compose.yml
+
+routes:
+  autogenerate:
+    insecure: Redirect
+
+environment_variables:
+  git_sha: "true"
+
+environments:
+  main:
+    routes:
+      - node:
+          - example.com