feat(k8s): support service and ingress annotations on container module

docs/reference/module-types/container.md

@@ -113,6 +113,14 @@ The names of any services that this service depends on at runtime, and the names
 | Type | Required |
 | ---- | -------- |
 | `array[string]` | No
+### `module.services[].annotations`
+[module](#module) > [services](#module.services[]) > annotations
+
+Annotations to attach to the service (Note: May not be applicable to all providers)
+
+| Type | Required |
+| ---- | -------- |
+| `object` | No
 ### `module.services[].args[]`
 [module](#module) > [services](#module.services[]) > args
 
@@ -147,6 +155,14 @@ module:
       - path: /api
         port: http
 ```
+### `module.services[].ingresses[].annotations`
+[module](#module) > [services](#module.services[]) > [ingresses](#module.services[].ingresses[]) > annotations
+
+Annotations to attach to the ingress (Note: May not be applicable to all providers)
+
+| Type | Required |
+| ---- | -------- |
+| `object` | No
 ### `module.services[].ingresses[].hostname`
 [module](#module) > [services](#module.services[]) > [ingresses](#module.services[].ingresses[]) > hostname
 
@@ -273,7 +289,7 @@ The protocol of the port.
 ### `module.services[].ports[].containerPort`
 [module](#module) > [services](#module.services[]) > [ports](#module.services[].ports[]) > containerPort
 
-The port exposed on the container by the running procces. This will also be the default value for `servicePort`.
+The port exposed on the container by the running process. This will also be the default value for `servicePort`.
 `servicePort:80 -> containerPort:8080 -> process:8080`
 
 | Type | Required |
@@ -485,10 +501,12 @@ module:
   services:
     - name:
       dependencies: []
+      annotations: {}
       args:
       daemon: false
       ingresses:
-        - hostname:
+        - annotations: {}
+          hostname:
           path: /
           port:
       env: {}

garden-service/src/plugins/container/config.ts

@@ -24,8 +24,10 @@ import { ModuleSpec, ModuleConfig } from "../../config/module"
 import { CommonServiceSpec, ServiceConfig, baseServiceSchema } from "../../config/service"
 import { baseTaskSpecSchema, BaseTaskSpec } from "../../config/task"
 import { baseTestSpecSchema, BaseTestSpec } from "../../config/test"
+import { joiStringMap } from "../../config/common"
 
 export interface ContainerIngressSpec {
+  annotations: Annotations
   hostname?: string
   path: string
   port: string
@@ -59,7 +61,12 @@ export interface ServiceHealthCheckSpec {
   tcpPort?: string,
 }
 
+interface Annotations {
+  [name: string]: string
+}
+
 export interface ContainerServiceSpec extends CommonServiceSpec {
+  annotations: Annotations,
   args: string[],
   daemon: boolean
   ingresses: ContainerIngressSpec[],
@@ -107,8 +114,13 @@ const hotReloadConfigSchema = Joi.object()
 
 export type ContainerServiceConfig = ServiceConfig<ContainerServiceSpec>
 
+const annotationsSchema = joiStringMap(Joi.string())
+  .default(() => ({}), "{}")
+
 const ingressSchema = Joi.object()
   .keys({
+    annotations: annotationsSchema
+      .description("Annotations to attach to the ingress (Note: May not be applicable to all providers)"),
     hostname: ingressHostnameSchema,
     path: Joi.string().uri(<any>{ relativeOnly: true })
       .default("/")
@@ -151,11 +163,12 @@ export const portSchema = Joi.object()
       .required()
       .example("8080")
       .description(deline`
-        The port exposed on the container by the running procces. This will also be the default value
+        The port exposed on the container by the running process. This will also be the default value
         for \`servicePort\`.
 
         \`servicePort:80 -> containerPort:8080 -> process:8080\``),
-    servicePort: Joi.number().default((context) => context.containerPort, "<containerPort>")
+    servicePort: Joi.number()
+      .default((context) => context.containerPort, "<containerPort>")
       .example("80")
       .description(deline`The port exposed on the service.
         Defaults to \`containerPort\` if not specified.
@@ -183,6 +196,8 @@ const volumeSchema = Joi.object()
 
 const serviceSchema = baseServiceSchema
   .keys({
+    annotations: annotationsSchema
+      .description("Annotations to attach to the service (Note: May not be applicable to all providers)"),
     args: Joi.array().items(Joi.string())
       .description("The arguments to run the container with when starting the service."),
     daemon: Joi.boolean()

garden-service/src/plugins/kubernetes/container/deployment.ts

@@ -10,8 +10,8 @@ import { extend, keyBy, set, toPairs } from "lodash"
 import { DeployServiceParams, PushModuleParams, DeleteServiceParams } from "../../../types/plugin/params"
 import { RuntimeContext, Service, ServiceStatus } from "../../../types/service"
 import { ContainerModule, ContainerService } from "../../container/config"
-import { createIngresses } from "./ingress"
-import { createServices } from "./service"
+import { createIngressResources } from "./ingress"
+import { createServiceResources } from "./service"
 import { waitForResources } from "../status"
 import { applyMany, deleteObjectsByLabel } from "../kubectl"
 import { getAppNamespace } from "../namespace"
@@ -53,9 +53,9 @@ export async function createContainerObjects(
   const version = service.module.version
   const namespace = await getAppNamespace(ctx, ctx.provider)
   const api = new KubeApi(ctx.provider)
-  const ingresses = await createIngresses(api, namespace, service)
+  const ingresses = await createIngressResources(api, namespace, service)
   const deployment = await createDeployment(ctx.provider, service, runtimeContext, namespace, enableHotReload)
-  const kubeservices = await createServices(service, namespace)
+  const kubeservices = await createServiceResources(service, namespace)
 
   const objects = [deployment, ...kubeservices, ...ingresses]
 

garden-service/src/plugins/kubernetes/container/ingress.ts

@@ -8,7 +8,7 @@
 
 import * as Bluebird from "bluebird"
 import { certpem } from "certpem"
-import { groupBy, omit, find } from "lodash"
+import { omit, find, extend } from "lodash"
 import { findByName } from "../../../util/util"
 import { ContainerService, ContainerIngressSpec } from "../../container/config"
 import { IngressTlsCertificate } from "../kubernetes"
@@ -24,34 +24,28 @@ interface ServiceIngressWithCert extends ServiceIngress {
 
 const certificateHostnames: { [name: string]: string[] } = {}
 
-export async function createIngresses(api: KubeApi, namespace: string, service: ContainerService) {
+export async function createIngressResources(api: KubeApi, namespace: string, service: ContainerService) {
   if (service.spec.ingresses.length === 0) {
     return []
   }
 
   const allIngresses = await getIngressesWithCert(service, api)
 
-  // first group ingress endpoints by certificate, so we can properly configure TLS
-  const groupedByCert = groupBy(allIngresses, e => e.certificate ? e.certificate.name : undefined)
-
-  return Bluebird.map(Object.values(groupedByCert), async (certIngresses) => {
-    // second, group ingress endpoints by hostname
-    const groupedByHostname = groupBy(certIngresses, e => e.hostname)
-
-    const rules = Object.entries(groupedByHostname).map(([host, hostnameIngresses]) => ({
-      host,
+  return Bluebird.map(allIngresses, async (ingress) => {
+    const rules = [{
+      host: ingress.hostname,
       http: {
-        paths: hostnameIngresses.map(ingress => ({
+        paths: [{
           path: ingress.path,
           backend: {
             serviceName: service.name,
             servicePort: findByName(service.spec.ports, ingress.spec.port)!.servicePort,
           },
-        })),
+        }],
       },
-    }))
+    }]
 
-    const cert = certIngresses[0].certificate
+    const cert = ingress.certificate
 
     const annotations = {
       "ingress.kubernetes.io/force-ssl-redirect": !!cert + "",
@@ -61,6 +55,8 @@ export async function createIngresses(api: KubeApi, namespace: string, service:
       annotations["kubernetes.io/ingress.class"] = api.provider.config.ingressClass
     }
 
+    extend(annotations, ingress.spec.annotations)
+
     const spec: any = { rules }
 
     if (!!cert) {

garden-service/src/plugins/kubernetes/container/service.ts

@@ -8,7 +8,7 @@
 
 import { ContainerService } from "../../container/config"
 
-export async function createServices(service: ContainerService, namespace: string) {
+export async function createServiceResources(service: ContainerService, namespace: string) {
   const services: any = []
 
   const addService = (name: string, type: string, servicePorts: any[]) => {
@@ -17,7 +17,7 @@ export async function createServices(service: ContainerService, namespace: strin
       kind: "Service",
       metadata: {
         name,
-        annotations: {},
+        annotations: service.spec.annotations,
         namespace,
       },
       spec: {

garden-service/src/plugins/local/local-google-cloud-functions.ts

@@ -46,10 +46,12 @@ export const gardenPlugin = (): GardenPlugin => ({
             outputs: {
               ingress: `http://${s.name}:${emulatorPort}/local/local/${functionEntrypoint}`,
             },
+            annotations: {},
             args: ["/app/start.sh", functionEntrypoint],
             daemon: false,
             ingresses: [{
               name: "default",
+              annotations: {},
               hostname: s.spec.hostname,
               port: "http",
               path: "/",

garden-service/test/src/plugins/container.ts

@@ -201,11 +201,13 @@ describe("plugins.container", () => {
             buildArgs: {},
             services: [{
               name: "service-a",
+              annotations: {},
               args: ["echo"],
               dependencies: [],
               daemon: false,
               ingresses: [
                 {
+                  annotations: {},
                   path: "/",
                   port: "http",
                 },
@@ -264,10 +266,12 @@ describe("plugins.container", () => {
             services:
               [{
                 name: "service-a",
+                annotations: {},
                 args: ["echo"],
                 dependencies: [],
                 daemon: false,
                 ingresses: [{
+                  annotations: {},
                   path: "/",
                   port: "http",
                 }],
@@ -304,10 +308,12 @@ describe("plugins.container", () => {
               spec:
               {
                 name: "service-a",
+                annotations: {},
                 args: ["echo"],
                 dependencies: [],
                 daemon: false,
                 ingresses: [{
+                  annotations: {},
                   path: "/",
                   port: "http",
                 }],
@@ -380,11 +386,13 @@ describe("plugins.container", () => {
             buildArgs: {},
             services: [{
               name: "service-a",
+              annotations: {},
               args: ["echo"],
               dependencies: [],
               daemon: false,
               ingresses: [
                 {
+                  annotations: {},
                   path: "/",
                   port: "bla",
                 },
@@ -437,6 +445,7 @@ describe("plugins.container", () => {
             buildArgs: {},
             services: [{
               name: "service-a",
+              annotations: {},
               args: ["echo"],
               dependencies: [],
               daemon: false,
@@ -489,6 +498,7 @@ describe("plugins.container", () => {
             buildArgs: {},
             services: [{
               name: "service-a",
+              annotations: {},
               args: ["echo"],
               dependencies: [],
               daemon: false,