From 4e42cf426c4d58b1f4f3779c1a24d8dafed0bce3 Mon Sep 17 00:00:00 2001 From: root Date: Mon, 29 Apr 2024 14:51:12 +0000 Subject: [PATCH 1/2] use default openshift ingress --- charts/csm-authorization/Chart.yaml | 2 +- .../csm-authorization/templates/ingress.yaml | 19 ++++++++++++------- charts/csm-authorization/values.yaml | 6 +++++- 3 files changed, 18 insertions(+), 9 deletions(-) diff --git a/charts/csm-authorization/Chart.yaml b/charts/csm-authorization/Chart.yaml index ac692b3d..b101fee1 100644 --- a/charts/csm-authorization/Chart.yaml +++ b/charts/csm-authorization/Chart.yaml @@ -15,4 +15,4 @@ dependencies: - name: ingress-nginx version: 4.0.19 repository: https://kubernetes.github.io/ingress-nginx - condition: ingress-nginx.enabled + condition: nginx.enabled diff --git a/charts/csm-authorization/templates/ingress.yaml b/charts/csm-authorization/templates/ingress.yaml index c4e7271c..3a8f8d50 100644 --- a/charts/csm-authorization/templates/ingress.yaml +++ b/charts/csm-authorization/templates/ingress.yaml @@ -3,14 +3,19 @@ kind: Ingress metadata: name: proxy-server namespace: {{ include "custom.namespace" . }} - {{- if .Values.authorization.proxyServerIngress.annotations }} annotations: + {{- if eq .Values.openshift true }} + route.openshift.io/termination: "edge" + {{- end }} + {{- if .Values.authorization.proxyServerIngress.annotations }} {{- range $key, $value := .Values.authorization.proxyServerIngress.annotations }} {{ $key }}: {{ tpl $value $ | quote }} {{- end }} {{- end }} spec: + {{- if eq .Values.nginx.enabled true }} ingressClassName: {{ .Values.authorization.proxyServerIngress.ingressClassName }} + {{- end }} tls: - hosts: - {{ .Values.authorization.hostname }} @@ -28,24 +33,24 @@ spec: - host: {{ .Values.authorization.hostname }} http: paths: - - path: / - pathType: Prefix - backend: + - backend: service: name: proxy-server port: number: 8080 + path: / + pathType: Prefix {{- if .Values.authorization.proxyServerIngress.hosts }} {{- range .Values.authorization.proxyServerIngress.hosts }} - host: {{ tpl . $}} http: paths: - - path: / - pathType: Prefix - backend: + - backend: service: name: proxy-server port: number: 8080 + path: / + pathType: Prefix {{- end }} {{- end}} diff --git a/charts/csm-authorization/values.yaml b/charts/csm-authorization/values.yaml index fd089406..9a67dd0f 100644 --- a/charts/csm-authorization/values.yaml +++ b/charts/csm-authorization/values.yaml @@ -1,6 +1,10 @@ +# set to true if installing on an OpenShift Container Platform +openshift: false + +# set to true if installing on a Kubernetes Container Platform # if enabled, nginx ingress controller will be deployed # if you have your own ingress controller, keep this false and set the appropriate annotations for the ingresses in the authorization section -ingress-nginx: +nginx: enabled: true # if enabled, cert-manager will be deployed From 67bd103f808096d301ee3fcd203536270d65cd5f Mon Sep 17 00:00:00 2001 From: shaynafinocchiaro Date: Mon, 29 Apr 2024 13:51:44 -0400 Subject: [PATCH 2/2] update comments --- charts/csm-authorization/values.yaml | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/charts/csm-authorization/values.yaml b/charts/csm-authorization/values.yaml index 9a67dd0f..6b565a46 100644 --- a/charts/csm-authorization/values.yaml +++ b/charts/csm-authorization/values.yaml @@ -1,8 +1,10 @@ # set to true if installing on an OpenShift Container Platform +# if enabled, the OpenShift Ingress Operator will be used +# if you have your own ingress controller, keep this false and set the appropriate annotations for the ingresses in the authorization section openshift: false # set to true if installing on a Kubernetes Container Platform -# if enabled, nginx ingress controller will be deployed +# if enabled, NGINX Ingress Controller will be deployed # if you have your own ingress controller, keep this false and set the appropriate annotations for the ingresses in the authorization section nginx: enabled: true @@ -64,4 +66,4 @@ vault: address: https://10.0.0.1:8400 kvEnginePath: secret skipCertificateValidation: true - \ No newline at end of file +