DevFW-CICD/ingress-nginx-helm
12
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
6952 commits 4 branches 217 tags 166 MiB
Commit graph

53 commits

Author SHA1 Message Date
Adam Jacques
00bfb2e84a
Fix several Helm YAML issues with extraModules and extraInitContainers (#9709) 
* Fix indention issue for DaemonSets when using extraModules and extraInitContainers

* Improve documentation

* Unify and fix templating

* Enable support for the opentelemetry from values.yaml
 2023-03-21 06:37:08 -07:00
Marco Ebert
47eb3a17fd
Deployment/DaemonSet: Label pods using ingress-nginx.labels. (#9732) 2023-03-14 06:44:17 -07:00
Jan-Otto Kröpke
d7674e4323
feat(helm): Optionally use cert-manager instead admission patch (#9279) 2022-12-07 04:16:38 -08:00
Ehsan Saei
3474c33e15
update OpenTelemetry image (#9308) 
* update OpenTelemetry image

* review comment

* helm-docs

* clean
 2022-12-05 00:55:02 -08:00
pellmont
726d7e6239
add containerSecurityContext to extraModules init containers (kubernetes#9016) (#9242) 2022-11-10 02:38:54 -08:00
Njegos Railic
4d4358f673
Adding support for disabling liveness and readiness probes in the Helm chart (#9238) 2022-11-08 06:44:25 -08:00
James Strong
8f18c0f973
Merge pull request #9046 from anders-swanson/revert-8665-metrics-port-name 
Parameterize metrics port name
 2022-09-30 11:04:00 -04:00
Ehsan Saei
1a078af307
fix chroot module mount path (#9090) 2022-09-28 14:02:30 -07:00
Anders Swanson
e7c793f65d parameterize port name 2022-09-12 12:34:40 -07:00
Anders Swanson
6ef7317581 Revert "Metrics port name (Helm) (#8665)" 
This reverts commit adeb84aa38.
 2022-09-12 07:28:44 -07:00
Anders Swanson
adeb84aa38
Metrics port name (Helm) (#8665) 2022-08-22 16:20:09 -07:00
Pavel Selivanov
61fcca3a3a
Add portNamePreffix Helm chart parameter (#8458) 
Allow user to set custom preffix for TCP and UDP ports
 2022-05-10 09:13:43 -07:00
Ricardo Katz
3def835a6a
Jail/chroot nginx process inside controller container (#8337) 
* Initial work on chrooting nginx process

* More improvements in chroot

* Fix charts and some file locations

* Fix symlink on non chrooted container

* fix psp test

* Add e2e tests to chroot image

* Fix logger

* Add internal logger in controller

* Fix overlay for chrooted tests

* Fix tests

* fix boilerplates

* Fix unittest to point to the right pid

* Fix PR review
 2022-04-08 21:48:04 -07:00
thomasbruggink
9180ef1ee4
Add the shareProcessNamespace as a configurable setting. (#8287) 2022-03-14 08:51:57 -07:00
Damien Mathieu
15b0aba03b
First sidecar module: OpenTelemetry (#8013) 
* remove opentelemetry from main nginx image

* add opentelemetry sidecar image

* handle extra modules in helm chart

* fix running helm chart

* mount the modules volume in the init container

* merge the mounted folder

* fix the otel image

* fix licence year

* fix cloudbuild image

* use the same nginx version as in the main image

* only retrieve /etc/nginx/modules for now
 2022-01-16 13:33:28 -08:00
Muhammad Hamza Zaib
30c0d2260d
[Helm] Add labels to resources (#6992) 
* Add labels to RBAC resources

* Add labels to all resources

* Fix labels indentaton in patch jobs

* Add controller and default backend labels to pods

Signed-off-by: Muhammad Hamza Zaib <hamzazaib3202@gmail.com>

* Bump chart version and update changelog

Signed-off-by: Muhammad Hamza Zaib <hamzazaib3202@gmail.com>
 2021-11-19 06:52:52 -08:00
Adam Graves
6299c39842
Allow setting of container securityContext (#7533) 
Currently this blocks deployments on clusters with global PodSecurityPolicies set

Signed-off-by: Adam Graves <adam.graves85@gmail.com>
 2021-11-15 13:54:49 -08:00
WMP
5b94d83aeb
priorityClassName should be in " " (#7512) 
* priorityClassName should be in " "

Example:  https://github.com/helm/charts/blob/master/stable/k8s-spot-rescheduler/templates/deployment.yaml#L28

* Update charts/ingress-nginx/templates/controller-deployment.yaml

Co-authored-by: Alex Harder <13860012+ChiefAlexander@users.noreply.github.com>

Co-authored-by: Ricardo Katz <rikatz@users.noreply.github.com>
Co-authored-by: Alex Harder <13860012+ChiefAlexander@users.noreply.github.com>
 2021-10-24 15:28:21 -07:00
Mmadu Manasseh
5a52d99ae8
Refactor: update DaemonSet and Deployment command params to use templates (#7689) 
* Refactor: update DaemonSet and Deployment command parameters to use helm templates

* Fix whitespace issues
 2021-10-14 01:23:19 -07:00
Ricardo Katz
cda59ccc9c
Add new flag to watch ingressclass by name instead of spec (#7609) 2021-09-10 10:14:01 -07:00
Maksim Nabokikh
4c4013904a
Add a flag to specify address to bind the healthz server (#7541) 
* Add a flag to specify address to bind the healthz server

Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com>

* Add healthz host to the helm chart

Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com>

* Apply suggestions from code review

Co-authored-by: Ricardo Katz <rikatz@users.noreply.github.com>

Co-authored-by: Ricardo Katz <rikatz@users.noreply.github.com>
 2021-08-26 05:13:23 -07:00
Ricardo Katz
90c79689c4
Release v1 (#7470) 
* Drop v1beta1 from ingress nginx (#7156)

* Drop v1beta1 from ingress nginx

Signed-off-by: Ricardo Pchevuzinske Katz <ricardo.katz@gmail.com>

* Fix intorstr logic in controller

Signed-off-by: Ricardo Pchevuzinske Katz <ricardo.katz@gmail.com>

* fixing admission

Signed-off-by: Ricardo Pchevuzinske Katz <ricardo.katz@gmail.com>

* more intorstr fixing

* correct template rendering

Signed-off-by: Ricardo Pchevuzinske Katz <ricardo.katz@gmail.com>

* Fix e2e tests for v1 api

Signed-off-by: Ricardo Pchevuzinske Katz <ricardo.katz@gmail.com>

* Fix gofmt errors

* This is finally working...almost there...

Signed-off-by: Ricardo Pchevuzinske Katz <ricardo.katz@gmail.com>

* Re-add removed validation of AdmissionReview

* Prepare for v1.0.0-alpha.1 release

Signed-off-by: Ricardo Pchevuzinske Katz <ricardo.katz@gmail.com>

* Update changelog and matrix table for v1.0.0-alpha.1 (#7274)

Signed-off-by: Ricardo Pchevuzinske Katz <ricardo.katz@gmail.com>

* add docs for syslog feature (#7219)

* Fix link to e2e-tests.md in developer-guide (#7201)

* Use ENV expansion for namespace in args (#7146)

Update the DaemonSet namespace references to use the `POD_NAMESPACE` environment variable in the same way that the Deployment does.

* chart: using Helm builtin capabilities check (#7190)

Signed-off-by: Jintao Zhang <zhangjintao9020@gmail.com>

* Update proper default value for HTTP2MaxConcurrentStreams in Docs (#6944)

It should be 128 as documented in https://github.com/kubernetes/ingress-nginx/blob/master/internal/ingress/controller/config/config.go#L780

* Fix MaxWorkerOpenFiles calculation on high cores nodes (#7107)

* Fix MaxWorkerOpenFiles calculation on high cores nodes

* Add e2e test for rlimit_nofile

* Fix doc for max-worker-open-files

* ingress/tcp: add additional error logging on failed (#7208)

* Add file containing stable release (#7313)

* Handle named (non-numeric) ports correctly (#7311)

Signed-off-by: Carlos Panato <ctadeu@gmail.com>

* Updated v1beta1 to v1 as its deprecated (#7308)

* remove mercurial from build (#7031)

* Retry to download maxmind DB if it fails (#7242)

* Retry to download maxmind DB if it fails.

Signed-off-by: Sergey Shakuto <sshakuto@infoblox.com>

* Add retries count arg, move retry logic into DownloadGeoLite2DB function

Signed-off-by: Sergey Shakuto <sshakuto@infoblox.com>

* Reorder parameters in DownloadGeoLite2DB

Signed-off-by: Sergey Shakuto <sshakuto@infoblox.com>

* Remove hardcoded value

Signed-off-by: Sergey Shakuto <sshakuto@infoblox.com>

* Release v1.0.0-alpha.1

* Add changelog for v1.0.0-alpha.2

* controller: ignore non-service backends (#7332)

* controller: ignore non-service backends

Signed-off-by: Carlos Panato <ctadeu@gmail.com>

* update per feedback

Signed-off-by: Carlos Panato <ctadeu@gmail.com>

* fix: allow scope/tcp/udp configmap namespace to altered (#7161)

* Lower webhook timeout for digital ocean (#7319)

* Lower webhook timeout for digital ocean

* Set Digital Ocean value controller.admissionWebhooks.timeoutSeconds to 29

* update OWNERS and aliases files (#7365) (#7366)

Signed-off-by: Carlos Panato <ctadeu@gmail.com>

* Downgrade Lua modules for s390x (#7355)

Downgrade Lua modules to last known working version.

* Fix IngressClass logic for newer releases (#7341)

* Fix IngressClass logic for newer releases

Signed-off-by: Ricardo Pchevuzinske Katz <ricardo.katz@gmail.com>

* Change e2e tests for the new IngressClass presence

* Fix chart and admission tests

Signed-off-by: Ricardo Pchevuzinske Katz <ricardo.katz@gmail.com>

* Fix helm chart test

Signed-off-by: Ricardo Pchevuzinske Katz <ricardo.katz@gmail.com>

* Fix reviews

* Remove ingressclass code from admission

* update tag to v1.0.0-beta.1

* update readme and changelog for v1.0.0-beta.1

* Release v1.0.0-beta.1 - helm and manifests (#7422)

* Change the order of annotation just to trigger a new helm release (#7425)

* [cherry-pick] Add dev-v1 branch into helm releaser (#7428)

* Add dev-v1 branch into helm releaser (#7424)

* chore: add link for artifacthub.io/prerelease annotations

Signed-off-by: Jintao Zhang <zhangjintao9020@gmail.com>

Co-authored-by: Ricardo Katz <rikatz@users.noreply.github.com>

* k8s job ci pipeline for dev-v1 br v1.22.0 (#7453)

* k8s job ci pipeline for dev-v1 br v1.22.0

Signed-off-by: Neha Lohia <nehapithadiya444@gmail.com>

* k8s job ci pipeline for dev-v1 br v1.21.2

Signed-off-by: Neha Lohia <nehapithadiya444@gmail.com>

* remove v1.21.1 version

Signed-off-by: Neha Lohia <nehapithadiya444@gmail.com>

* Add controller.watchIngressWithoutClass config option (#7459)

Signed-off-by: Akshit Grover <akshit.grover2016@gmail.com>

* Release new helm chart with certgen fixed (#7478)

* Update go version, modules and remove ioutil

* Release new helm chart with certgen fixed

* changed appversion, chartversion, TAG, image (#7490)

* Fix CI conflict

* Fix CI conflict

* Fix build.sh from rebase process

* Fix controller_test post rebase

Co-authored-by: Tianhao Guo <rggth09@gmail.com>
Co-authored-by: Ray <61553+rctay@users.noreply.github.com>
Co-authored-by: Bill Cassidy <cassid4@gmail.com>
Co-authored-by: Jintao Zhang <tao12345666333@163.com>
Co-authored-by: Sathish Ramani <rsathishx87@gmail.com>
Co-authored-by: Mansur Marvanov <nanorobocop@gmail.com>
Co-authored-by: Matt1360 <568198+Matt1360@users.noreply.github.com>
Co-authored-by: Carlos Tadeu Panato Junior <ctadeu@gmail.com>
Co-authored-by: Kundan Kumar <kundan.kumar@india.nec.com>
Co-authored-by: Tom Hayward <thayward@infoblox.com>
Co-authored-by: Sergey Shakuto <sshakuto@infoblox.com>
Co-authored-by: Tore <tore.lonoy@gmail.com>
Co-authored-by: Bouke Versteegh <info@boukeversteegh.nl>
Co-authored-by: Shahid <shahid@us.ibm.com>
Co-authored-by: James Strong <strong.james.e@gmail.com>
Co-authored-by: Long Wu Yuan <longwuyuan@gmail.com>
Co-authored-by: Jintao Zhang <zhangjintao9020@gmail.com>
Co-authored-by: Neha Lohia <nehapithadiya444@gmail.com>
Co-authored-by: Akshit Grover <akshit.grover2016@gmail.com>
 2021-08-21 13:42:00 -07:00
kayrus
e53a11e839
Add hostname value to override pod's hostname (#7386) 2021-08-09 06:45:31 -07:00
Long
2a190d2657
added namespace field in the namespace scoped resource templates of helm chart (#7256) 
* added namespace field in the namespace scoped resource templates of helm chart

* moved namespace field from roleRef to metadata
 2021-06-21 04:56:51 -07:00
Zach Rhoads
f6dbd93865
updated values.yaml and templates to have separate values for registry and image with container images, left repository value for backwards compatability (#7095) 2021-05-23 09:07:38 -07:00
Brian Harwell
293071ae02
Add support for custom probes (#7137) 
* Add support for custom probes

* Fix lint issue with comment

* Bump chart version

* Fix lint issue
 2021-05-18 06:37:31 -07:00
amirschw
bee7360ca4 [Helm] allow configuring controller container name 
Signed-off-by: amirschw <24677563+amirschw@users.noreply.github.com>
 2021-04-13 15:34:13 +03:00
Alessandro Vozza
3ae837b4b0 fix podAnnotations quotes for #6315 
bumped chart version, daemonset podannotations

missing end on podannotations

ci values files

new lines at the end of files
 2020-10-12 20:50:06 +02:00
Kewei Ma
c8294eaf4e Allow Helm Chart to customize admission webhook's annotations, timeoutSeconds, namespaceSelector, objectSelector and cert files locations 2020-10-08 14:37:15 -05:00
Manuel Alejandro de Brito Fontes
4b831c77b2
Refactor parsing of key values 2020-09-21 13:04:32 -03:00
Joseph Petersen
4733e7c0eb
add topologySpreadConstraint to controller 2020-09-11 15:41:44 +02:00
Anton Wolkov
fcbc3659b8 Misc fixes for nginx-ingress chart for better keel and prometheus-operator integration 
Update: allow values.yaml without labels to pass
 2020-08-31 23:14:44 +03:00
Anton Wolkov
0a45e3c655 Misc fixes for nginx-ingress chart for better keel and prometheus-operator integration 2020-08-31 22:46:43 +03:00
Philipp Strube
59b16c4e92 Use Env expansion for namespace in args 
When deploying the controller to a custom namespace, users have to
overwrite the namespace attribute as well as the hardcoded namespace
values in a number of args for the Deployment and the admission
controller Jobs.

Instead, this commit, uses the namespace name from the DownwardAPI,
and allows users to simply change the namespace attribute without
having to worry about the container args.
 2020-07-29 11:44:08 +02:00
Manuel Alejandro de Brito Fontes
6c73d66ae6 Update helm chart for v0.34.0 2020-07-10 08:57:40 -04:00
Tobias Wolf
c56baf6b15
Add quoting to sysctls because numeric values need to be presented as strings (#5823) 2020-07-01 10:02:26 -04:00
Tobias Wolf
1d54d8b565 Add sysctl exemptions to controller PSP 
I would like to be able to support this construction in my DaemonSet, I have coontrol over the host and this is the easiest way yo bump the socket properties.
```yaml
securityContext:
  sysctls:
    - name: net.core.somaxconn
      value: "8192"
```
 2020-06-16 19:11:45 +02:00
Graham McGregor
2205edb16b Allow pulling images by digest 
The digest uniquely identifies a specific version of the image, so it is
never updated by Kubernetes unless you change the digest value. This is
desirable for security to gain confidence that no unvetted changes are
pulled to a deployment.
 2020-05-20 12:05:43 -04:00
Manuel Alejandro de Brito Fontes
2cc828213d Fix deployment strategy 2020-04-07 13:08:09 -04:00
Manuel Alejandro de Brito Fontes
1f3eac2c8c Remove duplicated annotations definition and refactor hostPort configuration 2020-04-06 19:15:47 -04:00
Manuel Alejandro de Brito Fontes
f86b0cdbba Add lifecycle hook and option to enable mimalloc 2020-04-06 13:16:46 -04:00
Kubernetes Prow Robot
f19d52bba4
Merge pull request #5252 from aledbf/tag 
Check chart controller image tag
 2020-03-16 07:58:43 -07:00
Manuel Alejandro de Brito Fontes
e9641ba08e Check chart controller image tag 2020-03-16 11:50:05 -03:00
Kubernetes Prow Robot
c2c8af28db
Merge pull request #5249 from aledbf/hostport 
Add support for hostPort in Deployment
 2020-03-16 06:26:42 -07:00
Manuel Alejandro de Brito Fontes
3a5bc90709 Add support for custom healthz path in helm chart 2020-03-15 12:52:34 -03:00
Manuel Alejandro de Brito Fontes
19c4c5652d Add support for hostPort in Deployment 2020-03-14 18:24:46 -03:00
Manuel Alejandro de Brito Fontes
9f3fbc3014 Remove checks for older versions 2020-03-13 09:50:33 -03:00
Manuel Alejandro de Brito Fontes
1c90847801 Fix controller container name 2020-03-12 10:23:52 -03:00
Naseem
5ae314bd64
Hardcode component names. 
By removing this, we reduce unecessary config options and moving parts.

Signed-off-by: Naseem <naseem@transit.app>
 2020-03-10 09:36:26 -04:00
ChiefAlexander
388a499533
Cleanup chart code 2020-03-03 09:20:45 -06:00