Browse Source

Improved TLS annotations handling

master
Fábio Kaiser Rauber 4 years ago
parent
commit
21d1f50747
  1. 14
      charts/portalmodelo/v0.5.0/questions.yaml
  2. 2
      charts/portalmodelo/v0.5.0/templates/NOTES.txt
  3. 8
      charts/portalmodelo/v0.5.0/templates/ingress.yaml
  4. 4
      charts/portalmodelo/v0.5.0/values.yaml

14
charts/portalmodelo/v0.5.0/questions.yaml

@ -53,13 +53,25 @@ questions:
required: true required: true
# Ingress # Ingress
- variable: ingress.tls - variable: ingress.tls.enabled
default: true default: true
type: boolean type: boolean
description: "Habilitar criptografia do protocolo HTTP (HTTPS)?" description: "Habilitar criptografia do protocolo HTTP (HTTPS)?"
label: "Habilitar TLS?" label: "Habilitar TLS?"
required: false required: false
group: Ingress group: Ingress
show_subquestion_if: true
subquestions:
- variable: ingress.tls.provider
default: letsencrypt
type: enum
description: "Qual provedor de certificados utilizar?"
label: "Provedor de certificados"
required: false
group: Ingress
options:
- letsencrypt
- aws
# Configurações Avançadas # Configurações Avançadas
- variable: portal.timeZone - variable: portal.timeZone

2
charts/portalmodelo/v0.5.0/templates/NOTES.txt

@ -1,7 +1,7 @@
1. Seu Portal Modelo pode ser acessado através da URL: 1. Seu Portal Modelo pode ser acessado através da URL:
{{- if .Values.ingress.enabled }} {{- if .Values.ingress.enabled }}
{{- range .Values.ingress.hosts }} {{- range .Values.ingress.hosts }}
http{{ if $.Values.ingress.tls }}s{{ end }}://{{ . }}{{ $.Values.ingress.path }} http{{ if $.Values.ingress.tls.enabled }}s{{ end }}://{{ . }}{{ $.Values.ingress.path }}
{{- end }} {{- end }}
{{- else if contains "NodePort" .Values.service.type }} {{- else if contains "NodePort" .Values.service.type }}
export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ template "portalmodelo.fullname" . }}) export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ template "portalmodelo.fullname" . }})

8
charts/portalmodelo/v0.5.0/templates/ingress.yaml

@ -12,13 +12,15 @@ metadata:
labels: labels:
{{- include "portalmodelo.labels" . | nindent 4 }} {{- include "portalmodelo.labels" . | nindent 4 }}
annotations: annotations:
{{- if .Values.ingress.tls }} {{- if .Values.ingress.tls.enabled }}
{{- if contains "letsencrypt" .Values.ingress.tls.provider }}
cert-manager.io/cluster-issuer: "letsencrypt-prod" cert-manager.io/cluster-issuer: "letsencrypt-prod"
{{- end }}
nginx.ingress.kubernetes.io/rewrite-target: "/VirtualHostBase/https/www.{{ $hostName }}:443/portal/VirtualHostRoot/$1" nginx.ingress.kubernetes.io/rewrite-target: "/VirtualHostBase/https/www.{{ $hostName }}:443/portal/VirtualHostRoot/$1"
nginx.ingress.kubernetes.io/from-to-www-redirect: "true" nginx.ingress.kubernetes.io/from-to-www-redirect: "true"
{{- end }} {{- end }}
spec: spec:
{{- if .Values.ingress.tls }} {{- if .Values.ingress.tls.enabled }}
tls: tls:
- hosts: - hosts:
- "www.{{ $hostName }}" - "www.{{ $hostName }}"

4
charts/portalmodelo/v0.5.0/values.yaml

@ -53,7 +53,9 @@ securityContext: {}
ingress: ingress:
enabled: true enabled: true
tls: true tls:
enabled: true
provider: letsencrypt
# extra annotations only # extra annotations only
annotations: {} annotations: {}

Loading…
Cancel
Save