hogweed1/k8s
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
572f34489f
k8s/helm-charts/dashy/charts/common/templates/class/_ingress.tpl

158 lines
6.2 KiB
Smarty
Raw Normal View History

new way of doin
2023-11-16 19:42:02 +10:00
{{/*
This template serves as a blueprint for all Ingress objects that are created
within the common library.
*/}}
{{- define "tc.v1.common.class.ingress" -}}
{{- $fullName := include "tc.v1.common.lib.chart.names.fullname" . -}}
{{- $ingressName := $fullName -}}
{{- $values := .Values.ingress -}}
{{- if hasKey . "ObjectValues" -}}
{{- with .ObjectValues.ingress -}}
{{- $values = . -}}
{{- end -}}
{{- end -}}
{{- $ingressLabels := $values.labels -}}
{{- $ingressAnnotations := $values.annotations -}}
{{- $ingressName = $values.name -}}
{{/* Get the name of the primary service, if any */}}
{{- $primaryServiceName := (include "tc.v1.common.lib.util.service.primary" (dict "services" .Values.service "root" .)) -}}
{{/* Get service values of the primary service, if any */}}
{{- $primaryService := get .Values.service $primaryServiceName -}}
{{- $defaultServiceName := $fullName -}}
{{- if and (hasKey $primaryService "nameOverride") $primaryService.nameOverride -}}
{{- $defaultServiceName = printf "%v-%v" $defaultServiceName $primaryService.nameOverride -}}
{{- end -}}
{{- $defaultServicePort := get $primaryService.ports (include "tc.v1.common.lib.util.service.ports.primary" (dict "svcValues" $primaryService "svcName" $primaryServiceName )) -}}
{{- $mddwrNamespace := "tc-system" -}}
{{- if $.Values.operator.traefik -}}
{{- if $.Values.operator.traefik.namespace -}}
{{- $mddwrNamespace = $.Values.operator.traefik.namespace -}}
{{- end -}}
{{- end -}}
{{- if $values.ingressClassName -}}
{{- if $.Values.global.ixChartContext -}}
{{- $mddwrNamespace = (printf "ix-%s" $values.ingressClassName) -}}
{{- else -}}
{{- $mddwrNamespace = $values.ingressClassName -}}
{{- end -}}
{{- end -}}
{{- $fixedMiddlewares := "" -}}
{{- if $values.enableFixedMiddlewares -}}
{{/* If cors is enabled, replace the default fixedMiddleware with the opencors chain */}}
{{- if $values.allowCors -}}
{{- $corsMiddlewares := list "tc-opencors-chain" }}
{{- $_ := set $values "fixedMiddlewares" $corsMiddlewares -}}
{{- end -}}
{{- range $index, $fixedMiddleware := $values.fixedMiddlewares -}}
{{- if $index -}}
{{- $fixedMiddlewares = ( printf "%v, %v-%v@%v" $fixedMiddlewares $mddwrNamespace $fixedMiddleware "kubernetescrd" ) -}}
{{- else -}}
{{- $fixedMiddlewares = ( printf "%v-%v@%v" $mddwrNamespace $fixedMiddleware "kubernetescrd" ) -}}
{{- end -}}
{{- end -}}
{{- end -}}
{{- $middlewares := "" -}}
{{- range $index, $middleware := $values.middlewares -}}
{{- if $index -}}
{{- $middlewares = ( printf "%v, %v-%v@%v" $middlewares $mddwrNamespace $middleware "kubernetescrd" ) -}}
{{- else -}}
{{- $middlewares = ( printf "%v-%v@%v" $mddwrNamespace $middleware "kubernetescrd" ) -}}
{{- end -}}
{{ end }}
{{- if and ( $fixedMiddlewares ) ( $middlewares ) -}}
{{- $middlewares = ( printf "%v, %v" $fixedMiddlewares $middlewares ) -}}
{{- else if $fixedMiddlewares -}}
{{- $middlewares = ( printf "%s" $fixedMiddlewares ) -}}
{{- end }}
---
apiVersion: {{ include "tc.v1.common.capabilities.ingress.apiVersion" $ }}
kind: Ingress
metadata:
name: {{ $ingressName }}
namespace: {{ $.Values.namespace | default $.Values.global.namespace | default $.Release.Namespace }}
{{- $labels := (mustMerge ($ingressLabels | default dict) (include "tc.v1.common.lib.metadata.allLabels" $ | fromYaml)) -}}
{{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $ "labels" $labels) | trim) }}
labels:
{{- . | nindent 4 }}
{{- end -}}
{{- $annotations := (mustMerge ($ingressAnnotations | default dict) (include "tc.v1.common.lib.metadata.allAnnotations" $ | fromYaml)) }}
annotations:
{{- with $values.certificateIssuer }}
cert-manager.io/cluster-issuer: {{ tpl ( toYaml . ) $ }}
cert-manager.io/private-key-rotation-policy: Always
{{- end }}
"traefik.ingress.kubernetes.io/router.entrypoints": {{ $values.entrypoint | default "websecure" }}
"traefik.ingress.kubernetes.io/router.middlewares": {{ $middlewares | quote }}
{{- with (include "tc.v1.common.lib.metadata.render" (dict "rootCtx" $ "annotations" $annotations) | trim) }}
{{- . | nindent 4 }}
{{- end }}
spec:
{{- if $values.ingressClassName }}
ingressClassName: {{ $values.ingressClassName }}
{{- end -}}
{{- if $values.certificateIssuer }}
tls:
{{- range $index, $hostsValues := $values.hosts }}
- hosts:
- {{ tpl $hostsValues.host $ | quote }}
secretName: {{ ( printf "%v-%v-%v" $ingressName "tls" $index ) }}
{{- end -}}
{{- else if $values.tls }}
tls:
{{- range $index, $tlsValues := $values.tls }}
{{- $tlsName := ( printf "%v-%v" "tls" $index ) }}
- hosts:
{{- range $tlsValues.hosts }}
- {{ tpl . $ | quote }}
{{- end -}}
{{- if $tlsValues.certificateIssuer }}
secretName: {{ printf "%v-%v" $ingressName $tlsName }}
{{- else if and ($tlsValues.scaleCert) ($.Values.global.ixChartContext) -}}
{{- $cert := dict }}
{{- $_ := set $cert "id" $tlsValues.scaleCert }}
{{- $_ := set $cert "nameOverride" $tlsName }}
secretName: {{ printf "%s-tls-%v" (include "tc.v1.common.lib.chart.names.fullname" $) $index }}
{{- else if .clusterCertificate }}
secretName: clusterissuer-templated-{{ tpl .clusterCertificate $ }}
{{- else if .secretName }}
secretName: {{ tpl .secretName $ | quote }}
{{- end -}}
{{- end -}}
{{- end }}
rules:
{{- range $values.hosts }}
- host: {{ tpl .host $ | quote }}
http:
paths:
{{- range .paths -}}
{{- $service := $defaultServiceName -}}
{{- $port := $defaultServicePort.port -}}
{{- if .service -}}
{{- $service = default $service .service.name -}}
{{- $port = default $port .service.port -}}
{{- end }}
- path: {{ tpl .path $ | quote }}
pathType: {{ default "Prefix" .pathType }}
backend:
service:
name: {{ $service }}
port:
number: {{ $port }}
{{- end -}}
{{- end -}}
{{- end -}}
Reference in New Issue Copy Permalink