From 6c903f6092b7642d578afe4e1a67b9f793d724f9 Mon Sep 17 00:00:00 2001 From: Cedric Hnyda Date: Tue, 3 Jan 2023 10:58:21 +0100 Subject: [PATCH] [helm-toolkit]: Allow tls for external ingress without specifying key and crt It will allow using letsencrypt for a specific endpoint. For example: network: use_external_ingress_controller: true api: ingress: classes: namespace: "nginx" cluster: "nginx-cluster" annotations: nginx.ingress.kubernetes.io/rewrite-target: / cert-manager.io/cluster-issuer: "letsencrypt" endpoints: cluster_domain_suffix: cluster.local image: port: api: public: 443 scheme: public: https hosts: default: glance public: glance-public host_fqdn_override: public: host: glance.example.com tls: dnsNames: - glance.example.com issuerRef: name: letsencrypt kind: ClusterIssuer Signed-off-by: Cedric Hnyda Change-Id: I5065213bbc25464bef596003c9967258489db455 --- helm-toolkit/Chart.yaml | 2 +- helm-toolkit/templates/manifests/_ingress.tpl | 2 -- releasenotes/notes/helm-toolkit.yaml | 1 + 3 files changed, 2 insertions(+), 3 deletions(-) diff --git a/helm-toolkit/Chart.yaml b/helm-toolkit/Chart.yaml index 41035e54b..611b87d83 100644 --- a/helm-toolkit/Chart.yaml +++ b/helm-toolkit/Chart.yaml @@ -15,7 +15,7 @@ apiVersion: v1 appVersion: v1.0.0 description: OpenStack-Helm Helm-Toolkit name: helm-toolkit -version: 0.2.49 +version: 0.2.50 home: https://docs.openstack.org/openstack-helm icon: https://www.openstack.org/themes/openstack/images/project-mascots/OpenStack-Helm/OpenStack_Project_OpenStackHelm_vertical.png sources: diff --git a/helm-toolkit/templates/manifests/_ingress.tpl b/helm-toolkit/templates/manifests/_ingress.tpl index f05f7b793..4c476b2ce 100644 --- a/helm-toolkit/templates/manifests/_ingress.tpl +++ b/helm-toolkit/templates/manifests/_ingress.tpl @@ -706,7 +706,6 @@ spec: {{- range $v := without (index $endpointHost.tls "dnsNames" | default list) $hostNameFull }} {{- $vHosts = append $vHosts $v }} {{- end }} -{{- if and ( not ( empty $endpointHost.tls.key ) ) ( not ( empty $endpointHost.tls.crt ) ) }} {{- $secretName := index $envAll.Values.secrets "tls" ( $backendServiceType | replace "-" "_" ) $backendService $endpoint }} {{- $_ := required "You need to specify a secret in your values for the endpoint" $secretName }} tls: @@ -717,7 +716,6 @@ spec: {{- end }} {{- end }} {{- end }} -{{- end }} {{- end }} rules: {{- range $vHost := $vHosts }} diff --git a/releasenotes/notes/helm-toolkit.yaml b/releasenotes/notes/helm-toolkit.yaml index 852bd5796..1aa5e41a5 100644 --- a/releasenotes/notes/helm-toolkit.yaml +++ b/releasenotes/notes/helm-toolkit.yaml @@ -56,4 +56,5 @@ helm-toolkit: - 0.2.47 Adjusting of kibana ingress value parameters - 0.2.48 Added verify_databases_backup_archives function call to backup process and added remote backup sha256 hash verification - 0.2.49 Moved RabbitMQ Guest Admin removal to init + - 0.2.50 Allow tls for external ingress without specifying key and crt ...