Skip to content
Snippets Groups Projects
Commit 0ec284b6 authored by OZGCloud's avatar OZGCloud
Browse files

improve ingress annotations and remove cluster_env

parent 4f22a28c
Branches
Tags
No related merge requests found
Show whitespace changes
Inline Side-by-side
src/main/helm/templates/ingress.yaml
+ 10
16
View file @ 0ec284b6
...@@ -26,29 +26,21 @@ apiVersion: networking.k8s.io/v1 ...@@ -26,29 +26,21 @@ apiVersion: networking.k8s.io/v1
kind: Ingress kind: Ingress
metadata: metadata:
annotations: annotations:
{{- if .Values.ingress.configuration_snippet }} {{- with (.Values.ingress).annotations }}
{{- with .Values.ingress.configuration_snippet }}
{{- toYaml . | nindent 4 }} {{- toYaml . | nindent 4 }}
{{- end }} {{- end }}
more_set_headers "Access-Control-Allow-Origin: {{ (include "app.alfaAddress" .) }}"; {{- if not (.Values.ingress).disableDefaultCertManager }}
{{- end }} {{- if (.Values.ingress).use_staging_cert }}
{{- with .Values.ingress.annotations }}
{{- toYaml . | nindent 4 }}
{{- end }}
{{- if (.Values.ingress).certManagerAnnotations -}}
{{- range (.Values.ingress).certManagerAnnotations }}
{{ . | indent 4 }}
{{- end }}
{{- else if (.Values.ingress).use_staging_cert }}
cert-manager.io/cluster-issuer: letsencrypt-staging cert-manager.io/cluster-issuer: letsencrypt-staging
{{- else }} {{- else }}
cert-manager.io/cluster-issuer: letsencrypt-prod cert-manager.io/cluster-issuer: letsencrypt-prod
{{- end }} {{- end }}
{{- end }}
name: {{ include "app.name" . }} name: {{ include "app.name" . }}
namespace: {{ include "app.namespace" . }} namespace: {{ include "app.namespace" . }}
spec: spec:
{{- if and (.Values.ingress).className (ne (.Values).cluster_env "dataport") }} {{- if (.Values.ingress).className }}
ingressClassName: {{ .Values.ingress.className }} ingressClassName: {{ (.Values.ingress).className }}
{{- end }} {{- end }}
rules: rules:
- http: - http:
...@@ -64,8 +56,10 @@ spec: ...@@ -64,8 +56,10 @@ spec:
tls: tls:
- hosts: - hosts:
- {{ ( include "app.baseDomain" . ) }} - {{ ( include "app.baseDomain" . ) }}
{{- if not (.Values.ingress).skipTlsSecret -}}
{{- if (.Values.ingress).tlsSecretName }} {{- if (.Values.ingress).tlsSecretName }}
secretName: {{ (.Values.ingress).tlsSecretName }} secretName: {{ (.Values.ingress).tlsSecretName }}
{{- else if ne (.Values).cluster_env "dataport" }} {{- else }}
secretName: {{ .Values.ozgcloud.bezeichner }}-{{ include "app.name" . }}-tls secretName: {{ .Values.ozgcloud.bezeichner }}-{{ include "app.name" . }}-tls
{{- end }} {{- end }}
{{- end }}
\ No newline at end of file
src/main/helm/values.yaml
+ 0
9
View file @ 0ec284b6
...@@ -22,8 +22,6 @@ ...@@ -22,8 +22,6 @@
# unter der Lizenz sind dem Lizenztext zu entnehmen. # unter der Lizenz sind dem Lizenztext zu entnehmen.
# #
cluster_env: ""
replicaCount: 2 replicaCount: 2
image: image:
...@@ -38,10 +36,3 @@ ozgcloud: ...@@ -38,10 +36,3 @@ ozgcloud:
keycloak: keycloak:
api: api:
user: userManagerApiUser user: userManagerApiUser
ingress:
configuration_snippet:
nginx.ingress.kubernetes.io/configuration-snippet: |
more_set_headers "Access-Control-Allow-Methods: GET,PATCH,OPTIONS";
more_set_headers "Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization,X-XSRF-TOKEN";
more_set_headers "Access-Control-Expose-Headers: Content-Length,Content-Range";
src/test/helm/ingress-nginx-tests.yaml
+ 10
5
View file @ 0ec284b6
...@@ -49,13 +49,11 @@ tests: ...@@ -49,13 +49,11 @@ tests:
- equal: - equal:
path: spec.ingressClassName path: spec.ingressClassName
value: nginx value: nginx
- it: should not create ingress tls/ingressClassName - it: should not create ingress tls secret name
set: set:
cluster_env: dataport ingress.skipTlsSecret: true
asserts: asserts:
- isNull: - notExists:
path: spec.ingressClassName
- isNull:
path: spec.tls[0].secretName path: spec.tls[0].secretName
- it: should use default letsencrypt-prod cluster-issuer - it: should use default letsencrypt-prod cluster-issuer
asserts: asserts:
...@@ -77,6 +75,13 @@ tests: ...@@ -77,6 +75,13 @@ tests:
path: metadata.annotations["cert-manager.io/cluster-issuer"] path: metadata.annotations["cert-manager.io/cluster-issuer"]
value: letsencrypt-prod value: letsencrypt-prod
- it: should disable default cert-manager
set:
ingress.disableDefaultCertManager: true
asserts:
- notExists:
path: metadata.annotations["cert-manager.io/cluster-issuer"]
- it: should create hostname correctly - it: should create hostname correctly
asserts: asserts:
- equal: - equal:
......
src/test/helm/ingress_nginx_cors_test.yaml
+ 8
0
View file @ 0ec284b6
...@@ -34,6 +34,14 @@ set: ...@@ -34,6 +34,14 @@ set:
bezeichner: helm bezeichner: helm
tests: tests:
- it: check ingress annotations if nginx test environment - it: check ingress annotations if nginx test environment
set:
ingress:
annotations:
nginx.ingress.kubernetes.io/configuration-snippet: |
more_set_headers "Access-Control-Allow-Methods: GET,PATCH,OPTIONS";
more_set_headers "Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization,X-XSRF-TOKEN";
more_set_headers "Access-Control-Expose-Headers: Content-Length,Content-Range";
more_set_headers "Access-Control-Allow-Origin: https://helm.test.sh.ozg-cloud.de";
asserts: asserts:
- isKind: - isKind:
of: Ingress of: Ingress
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment

Impressum - Datenschutz - Barrierefreiheit