diff --git a/cmd/helpers_values.go b/cmd/helpers_values.go index e51a9639..845a8efa 100644 --- a/cmd/helpers_values.go +++ b/cmd/helpers_values.go @@ -178,6 +178,7 @@ func collectBuildValues(debug bool, activeEnv, standbyEnv *bool, func composeToServiceValues(lYAML *lagoon.YAML, lagoonValues *lagoon.BuildValues, lagoonServiceTypes *lagoon.EnvironmentVariable, csName string, csValues composetypes.ServiceConfig) (lagoon.ServiceValues, error) { lagoonType := lagoon.CheckServiceLagoonLabel(csValues.Labels, "lagoon.type") autogenEnabled := true + autogenTLSAcmeEnabled := true // check if autogenerated routes are disabled if lYAML.Routes.Autogenerate.Enabled != nil { if *lYAML.Routes.Autogenerate.Enabled == false { @@ -200,6 +201,12 @@ func composeToServiceValues(lYAML *lagoon.YAML, lagoonValues *lagoon.BuildValues autogenEnabled = true } } + // check if autogenerated routes tls-acme disabled + if lYAML.Routes.Autogenerate.TLSAcme != nil { + if *lYAML.Routes.Autogenerate.TLSAcme == false { + autogenTLSAcmeEnabled = false + } + } if lagoonType != "" { if value, ok := lYAML.Environments[environmentName].Types[csName]; ok { lagoonType = value @@ -213,6 +220,7 @@ func composeToServiceValues(lYAML *lagoon.YAML, lagoonValues *lagoon.BuildValues } } } + // check if the service has a specific override serviceAutogenerated := lagoon.CheckServiceLagoonLabel(csValues.Labels, "lagoon.autogeneratedroute") if serviceAutogenerated != "" { if reflect.TypeOf(serviceAutogenerated).Kind() == reflect.String { @@ -222,6 +230,16 @@ func composeToServiceValues(lYAML *lagoon.YAML, lagoonValues *lagoon.BuildValues } } } + // check if the service has a tls-acme specific override + serviceAutogeneratedTLSAcme := lagoon.CheckServiceLagoonLabel(csValues.Labels, "lagoon.autogeneratedroute.tls-acme") + if serviceAutogeneratedTLSAcme != "" { + if reflect.TypeOf(serviceAutogeneratedTLSAcme).Kind() == reflect.String { + vBool, err := strconv.ParseBool(serviceAutogeneratedTLSAcme) + if err == nil { + autogenTLSAcmeEnabled = vBool + } + } + } lagoonTypeName := lagoon.CheckServiceLagoonLabel(csValues.Labels, "lagoon.name") if lagoonTypeName != "" { if lagoonTypeName != csName { @@ -231,9 +249,10 @@ func composeToServiceValues(lYAML *lagoon.YAML, lagoonValues *lagoon.BuildValues } } cService := lagoon.ServiceValues{ - Name: csName, - Type: lagoonType, - AutogeneratedRoutes: autogenEnabled, + Name: csName, + Type: lagoonType, + AutogeneratedRoutesEnabled: autogenEnabled, + AutogeneratedRoutesTLSAcme: autogenTLSAcmeEnabled, } return cService, nil } diff --git a/cmd/template_autogen_ingress.go b/cmd/template_autogen_ingress.go index 2c9bff23..9ef2971f 100644 --- a/cmd/template_autogen_ingress.go +++ b/cmd/template_autogen_ingress.go @@ -78,7 +78,7 @@ func generateAutogenRoutes( for serviceName, service := range lagoonValues.Services { // get the service type // if autogenerated routes are enabled, generate them :) - if service.AutogeneratedRoutes { + if service.AutogeneratedRoutesEnabled { if helpers.Contains(supportedAutogeneratedTypes, service.Type) { domain, shortDomain := AutogeneratedDomainFromPattern(lagoonRouterPattern.Value, serviceName) serviceValues := lagoon.ServiceValues{ @@ -106,7 +106,7 @@ func generateAutogenRoutes( autogenRoute := lagoon.RouteV2{ Domain: domain, Fastly: *fastlyConfig, - TLSAcme: helpers.BoolPtr(true), + TLSAcme: helpers.BoolPtr(service.AutogeneratedRoutesTLSAcme), // overwrite the custom-ingress labels Labels: map[string]string{ "lagoon.sh/autogenerated": "true", diff --git a/cmd/template_autogen_ingress_test.go b/cmd/template_autogen_ingress_test.go index 3308ddaa..de50e89a 100644 --- a/cmd/template_autogen_ingress_test.go +++ b/cmd/template_autogen_ingress_test.go @@ -394,6 +394,46 @@ func TestAutogeneratedIngressGeneration(t *testing.T) { emptyDir: false, want: "../test-resources/template-autogenerated/test17-results", }, + { + name: "test18 autogenerated route tls-acme disabled", + args: args{ + alertContact: "alertcontact", + statusPageID: "statuspageid", + projectName: "example-project", + environmentName: "main", + environmentType: "production", + buildType: "branch", + lagoonVersion: "v2.7.x", + branch: "main", + projectVars: `[{"name":"LAGOON_SYSTEM_ROUTER_PATTERN","value":"${service}-${project}-${environment}.example.com","scope":"internal_system"}]`, + envVars: `[]`, + secretPrefix: "fastly-api-", + lagoonYAML: "../test-resources/template-autogenerated/test18/lagoon.yml", + templatePath: "../test-resources/template-autogenerated/output", + }, + emptyDir: false, + want: "../test-resources/template-autogenerated/test18-results", + }, + { + name: "test19 autogenerated routes but tls-acme disabled by service label", + args: args{ + alertContact: "alertcontact", + statusPageID: "statuspageid", + projectName: "example-project", + environmentName: "main", + environmentType: "production", + buildType: "branch", + lagoonVersion: "v2.7.x", + branch: "main", + projectVars: `[{"name":"LAGOON_SYSTEM_ROUTER_PATTERN","value":"${service}-${project}-${environment}.example.com","scope":"internal_system"}]`, + envVars: `[]`, + secretPrefix: "fastly-api-", + lagoonYAML: "../test-resources/template-autogenerated/test19/lagoon.yml", + templatePath: "../test-resources/template-autogenerated/output", + }, + emptyDir: false, + want: "../test-resources/template-autogenerated/test19-results", + }, } for _, tt := range tests { t.Run(tt.name, func(t *testing.T) { diff --git a/internal/lagoon/buildvalues.go b/internal/lagoon/buildvalues.go index 4f1595e7..31d5ce59 100644 --- a/internal/lagoon/buildvalues.go +++ b/internal/lagoon/buildvalues.go @@ -2,19 +2,17 @@ package lagoon // BuildValues is the values file data generated by the lagoon build type BuildValues struct { - Project string `json:"project"` - Environment string `json:"environment"` - EnvironmentType string `json:"environmentType"` - Namespace string `json:"namespace"` - GitSha string `json:"gitSha"` - BuildType string `json:"buildType"` - RoutesAutogenerateInsecure string `json:"routesAutogenerateInsecure"` - RoutesAutogenerateEnabled string `json:"routesAutogenerateEnabled"` - Kubernetes string `json:"kubernetes"` - LagoonVersion string `json:"lagoonVersion"` - ActiveEnvironment string `json:"activeEnvironment"` - StandbyEnvironment string `json:"standbyEnvironment"` - PodSecurityContext struct { + Project string `json:"project"` + Environment string `json:"environment"` + EnvironmentType string `json:"environmentType"` + Namespace string `json:"namespace"` + GitSha string `json:"gitSha"` + BuildType string `json:"buildType"` + Kubernetes string `json:"kubernetes"` + LagoonVersion string `json:"lagoonVersion"` + ActiveEnvironment string `json:"activeEnvironment"` + StandbyEnvironment string `json:"standbyEnvironment"` + PodSecurityContext struct { FsGroup int `json:"fsGroup"` RunAsGroup int `json:"runAsGroup"` RunAsUser int `json:"runAsUser"` @@ -44,7 +42,8 @@ type BuildValues struct { type ServiceValues struct { Name string `json:"name"` Type string `json:"type"` - AutogeneratedRoutes bool `json:"autogeneratedRoutes"` + AutogeneratedRoutesEnabled bool `json:"autogeneratedRoutesEnabled"` + AutogeneratedRoutesTLSAcme bool `json:"autogeneratedRoutesTLSAcme"` AutogeneratedRouteDomain string `json:"autogeneratedRouteDomain"` ShortAutogeneratedRouteDomain string `json:"shortAutogeneratedRouteDomain"` DBaaSEnvironment string `json:"dbaasEnvironment"` diff --git a/internal/lagoon/lagoon.go b/internal/lagoon/lagoon.go index 8667089a..37f17ba9 100644 --- a/internal/lagoon/lagoon.go +++ b/internal/lagoon/lagoon.go @@ -54,6 +54,7 @@ type Autogenerate struct { AllowPullRequests *bool `json:"allowPullRequests"` Insecure string `json:"insecure"` Prefixes []string `json:"prefixes"` + TLSAcme *bool `json:"tls-acme,omitempty"` } // UnmarshalLagoonYAML unmarshal the lagoon.yml file into a YAML and map for consumption. diff --git a/test-resources/template-autogenerated/test18-results/node.yaml b/test-resources/template-autogenerated/test18-results/node.yaml new file mode 100644 index 00000000..5b641546 --- /dev/null +++ b/test-resources/template-autogenerated/test18-results/node.yaml @@ -0,0 +1,45 @@ +--- +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + annotations: + fastly.amazee.io/watch: "false" + ingress.kubernetes.io/ssl-redirect: "true" + kubernetes.io/tls-acme: "false" + lagoon.sh/branch: main + lagoon.sh/version: v2.7.x + monitor.stakater.com/enabled: "false" + nginx.ingress.kubernetes.io/ssl-redirect: "true" + creationTimestamp: null + labels: + app.kubernetes.io/instance: node + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: autogenerated-ingress + dioscuri.amazee.io/migrate: "false" + helm.sh/chart: autogenerated-ingress-0.1.0 + lagoon.sh/autogenerated: "true" + lagoon.sh/buildType: branch + lagoon.sh/environment: main + lagoon.sh/environmentType: production + lagoon.sh/project: example-project + lagoon.sh/service: node + lagoon.sh/service-type: node + name: node +spec: + rules: + - host: node-example-project-main.example.com + http: + paths: + - backend: + service: + name: node + port: + name: http + path: / + pathType: Prefix + tls: + - hosts: + - node-example-project-main.example.com + secretName: node-tls +status: + loadBalancer: {} diff --git a/test-resources/template-autogenerated/test18/docker-compose.yml b/test-resources/template-autogenerated/test18/docker-compose.yml new file mode 100644 index 00000000..85386270 --- /dev/null +++ b/test-resources/template-autogenerated/test18/docker-compose.yml @@ -0,0 +1,20 @@ +version: '2' +services: + node: + networks: + - amazeeio-network + - default + build: + context: . + dockerfile: node.dockerfile + labels: + lagoon.type: node + volumes: + - .:/app:delegated + environment: + - LAGOON_LOCALDEV_HTTP_PORT=3000 + - LAGOON_ROUTE=http://node.docker.amazee.io + +networks: + amazeeio-network: + external: true \ No newline at end of file diff --git a/test-resources/template-autogenerated/test18/lagoon.yml b/test-resources/template-autogenerated/test18/lagoon.yml new file mode 100644 index 00000000..f0a68b2d --- /dev/null +++ b/test-resources/template-autogenerated/test18/lagoon.yml @@ -0,0 +1,16 @@ +docker-compose-yaml: ../test-resources/template-autogenerated/test18/docker-compose.yml + +routes: + autogenerate: + enabled: true + insecure: Redirect + tls-acme: false + +environment_variables: + git_sha: "true" + +environments: + main: + routes: + - node: + - example.com diff --git a/test-resources/template-autogenerated/test19-results/node.yaml b/test-resources/template-autogenerated/test19-results/node.yaml new file mode 100644 index 00000000..5b641546 --- /dev/null +++ b/test-resources/template-autogenerated/test19-results/node.yaml @@ -0,0 +1,45 @@ +--- +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + annotations: + fastly.amazee.io/watch: "false" + ingress.kubernetes.io/ssl-redirect: "true" + kubernetes.io/tls-acme: "false" + lagoon.sh/branch: main + lagoon.sh/version: v2.7.x + monitor.stakater.com/enabled: "false" + nginx.ingress.kubernetes.io/ssl-redirect: "true" + creationTimestamp: null + labels: + app.kubernetes.io/instance: node + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: autogenerated-ingress + dioscuri.amazee.io/migrate: "false" + helm.sh/chart: autogenerated-ingress-0.1.0 + lagoon.sh/autogenerated: "true" + lagoon.sh/buildType: branch + lagoon.sh/environment: main + lagoon.sh/environmentType: production + lagoon.sh/project: example-project + lagoon.sh/service: node + lagoon.sh/service-type: node + name: node +spec: + rules: + - host: node-example-project-main.example.com + http: + paths: + - backend: + service: + name: node + port: + name: http + path: / + pathType: Prefix + tls: + - hosts: + - node-example-project-main.example.com + secretName: node-tls +status: + loadBalancer: {} diff --git a/test-resources/template-autogenerated/test19/docker-compose.yml b/test-resources/template-autogenerated/test19/docker-compose.yml new file mode 100644 index 00000000..d7ff82f7 --- /dev/null +++ b/test-resources/template-autogenerated/test19/docker-compose.yml @@ -0,0 +1,21 @@ +version: '2' +services: + node: + networks: + - amazeeio-network + - default + build: + context: . + dockerfile: node.dockerfile + labels: + lagoon.type: node + lagoon.autogeneratedroute.tls-acme: false + volumes: + - .:/app:delegated + environment: + - LAGOON_LOCALDEV_HTTP_PORT=3000 + - LAGOON_ROUTE=http://node.docker.amazee.io + +networks: + amazeeio-network: + external: true \ No newline at end of file diff --git a/test-resources/template-autogenerated/test19/lagoon.yml b/test-resources/template-autogenerated/test19/lagoon.yml new file mode 100644 index 00000000..554a603f --- /dev/null +++ b/test-resources/template-autogenerated/test19/lagoon.yml @@ -0,0 +1,14 @@ +docker-compose-yaml: ../test-resources/template-autogenerated/test19/docker-compose.yml + +routes: + autogenerate: + insecure: Redirect + +environment_variables: + git_sha: "true" + +environments: + main: + routes: + - node: + - example.com