Commit graph

258 commits

Author SHA1 Message Date
Aofei Sheng
506ded73b1
Chart: Add controller.service.trafficDistribution. (#12571) 2025-01-09 23:40:34 -08:00
Felix Dobler
be8abe7a5c
Chart: Add service cluster IPs. (#12333) 2024-11-12 21:26:46 +00:00
yypastushenko
260976b8d8
Chart: Implement ServiceMonitor limits. (#12251) 2024-10-29 22:49:25 +00:00
Marco Ebert
d0a04308c8
Chart: Rework ServiceMonitor. (#12267) 2024-10-29 22:45:51 +01:00
Aran Shavit
e07f0f6890
Chart: Set automountServiceAccountToken in workloads. (#12247)
Signed-off-by: Aran Shavit <Aranshavit@gmail.com>
Co-authored-by: Marco Ebert <marco_ebert@icloud.com>
2024-10-29 20:55:25 +00:00
Marco Ebert
75c77e5dc3
Metrics: Disable by default. (#12095) 2024-10-07 20:34:22 +01:00
Myst
f3bfa56c61
Chart: Add controller.metrics.service.enabled. (#12056) 2024-10-01 06:21:49 +01:00
Marco Ebert
45fc8860cf
Chart: Add global.image.registry. (#12028) 2024-09-30 09:26:04 +01:00
Marco Ebert
3f6e6aef78
Images: Remove OpenTelemetry. (#12024) 2024-09-29 17:31:04 +02:00
Trond
7b8d293d9b
Chart: Add controller.progressDeadlineSeconds. (#12017) 2024-09-27 11:14:01 +01:00
chengjoey
17209eb3a9
Chart: Implement unhealthyPodEvictionPolicy. (#11992) 2024-09-20 14:34:38 +02:00
Marco Ebert
43a7d8d5fe
Chart: Add defaultBackend.maxUnavailable. (#11995) 2024-09-20 14:25:03 +02:00
Marco Ebert
435d5365b4
Chart: Align default backend PodDisruptionBudget. (#11993) 2024-09-20 14:04:48 +02:00
Marco Ebert
027603927b
Chart: Remove Pod Security Policy. (#11971) 2024-09-15 17:03:24 +02:00
Marco Ebert
61f56cb490
Chart: Improve default backend service account. (#11972) 2024-09-15 15:49:14 +01:00
Ramiro Algozino
a647bc1b7a
Chart: Implement controller.admissionWebhooks.service.servicePort. (#11931) 2024-09-04 22:11:01 +01:00
Adrian Berger
3cde7770dd
Chart: Add controller.metrics.prometheusRule.annotations. (#11849) 2024-08-27 00:35:17 +01:00
Marco Ebert
5d457c7daa
Chart: Add tests for PrometheusRule & ServiceMonitor. (#11883) 2024-08-27 00:04:17 +02:00
Marco Ebert
e9f6c8e8f2
Security: Follow-up on recent changes. (#11874) 2024-08-26 21:09:16 +01:00
Marco Ebert
e972a35e98
Chart: Remove isControllerTagValid. (#11710) 2024-08-01 00:28:12 -07:00
Gerald Pape
36df47fcc4
Chart: Explicitly set runAsGroup. (#11679)
* Chart: Explicitly set `runAsGroup`.

Set a default value for the runAsGroup in container securityContexts of
the controller and default backend.

Also set the runAsGroup for opentelemetry and webhook Job container
securityContexts.

Signed-off-by: Gerald Pape <gerald@giantswarm.io>

* Apply suggestions from code review

Co-authored-by: Marco Ebert <marco_ebert@icloud.com>

---------

Signed-off-by: Gerald Pape <gerald@giantswarm.io>
Co-authored-by: Marco Ebert <marco_ebert@icloud.com>
2024-07-29 06:27:15 -07:00
TheRealNoob
af9e5246ad
Chart: Make pod affinity templatable. (#11453)
* [helm] template pod affinity

* update README

* Apply suggestions from code review

Co-authored-by: Marco Ebert <marco_ebert@icloud.com>

* revert Chart.yaml version bump

* add unittests

* add docs defaultBackend.affinity

* add README section to values

* fix README syntax

* Apply suggestions from code review

Co-authored-by: Marco Ebert <marco_ebert@icloud.com>

* Update charts/ingress-nginx/values.yaml

Co-authored-by: Marco Ebert <marco_ebert@icloud.com>

* update formatting of unittests + add README examples

* fix affinity labels on default-backend

* Apply suggestions from code review

Co-authored-by: Marco Ebert <marco_ebert@icloud.com>

* remove double quotes on string

---------

Co-authored-by: Marco Ebert <marco_ebert@icloud.com>
2024-06-14 02:13:44 -07:00
Marco Ebert
90ef45852c
Chart: Fix IngressClass annotations. (#11416) 2024-06-03 03:12:58 -07:00
Reddysekhar Gaduputi
0c17748c44
Chart: Make admission webhook patch job RBAC configurable. (#11376)
* Add an option to skip rbac resources creation in helm chart for admission-webhooks (#11375)

Signed-off-by: Reddysekhar Gaduputi <gsekhar73@gmail.com>

* Add an option to skip rbac resources creation in helm chart update README (#11375)

Signed-off-by: Reddysekhar Gaduputi <gsekhar73@gmail.com>

* Add an option to skip serviceAccount resources creation in helm chart for admission-webhooks (#11375)

Signed-off-by: Reddysekhar Gaduputi <gsekhar73@gmail.com>

* Add helm chart tests for admission-webhooks (#11375)

Signed-off-by: Reddysekhar Gaduputi <gsekhar73@gmail.com>

* Chart make admission webhook patch job RBAC configurable (#11375)

Signed-off-by: Reddysekhar Gaduputi <gsekhar73@gmail.com>

* Update charts/ingress-nginx/tests/admission-webhooks/job-patch/clusterrole_test.yaml

Co-authored-by: Marco Ebert <marco_ebert@icloud.com>

* Update charts/ingress-nginx/tests/admission-webhooks/job-patch/clusterrolebinding_test.yaml

Co-authored-by: Marco Ebert <marco_ebert@icloud.com>

* Update charts/ingress-nginx/tests/admission-webhooks/job-patch/role_test.yaml

Co-authored-by: Marco Ebert <marco_ebert@icloud.com>

* Update charts/ingress-nginx/tests/admission-webhooks/job-patch/rolebinding_test.yaml

Co-authored-by: Marco Ebert <marco_ebert@icloud.com>

* Update charts/ingress-nginx/tests/admission-webhooks/job-patch/serviceaccount_test.yaml

Co-authored-by: Marco Ebert <marco_ebert@icloud.com>

---------

Signed-off-by: Reddysekhar Gaduputi <gsekhar73@gmail.com>
Co-authored-by: Marco Ebert <marco_ebert@icloud.com>
2024-06-03 02:17:23 -07:00
Marco Ebert
987039c014
Chart: Remove controller.enableWorkerSerialReloads. (#11400) 2024-06-03 00:32:19 -07:00
Carlos Parada
95efaf3e39
Accept user defined annotations in IngressClass (#11362) 2024-05-22 06:08:30 -07:00
Rafael da Fonseca
4e11074323
Allow configuring nginx worker reload behaviour, to prevent multiple concurrent worker reloads which can lead to high resource usage and OOMKill (#10884)
* feat: allow configuring nginx worker reload behaviour, to prevent multiple concurrent worker reloads

Signed-off-by: Rafael da Fonseca <rafael.fonseca@wildlifestudios.com>

* appease linter, remove unnecessary log line

Signed-off-by: Rafael da Fonseca <rafael.fonseca@wildlifestudios.com>

* Flip to using a positive behaviour flag instead of negative

Signed-off-by: Rafael da Fonseca <rafael.fonseca@wildlifestudios.com>

* Update helm-docs

Signed-off-by: Rafael da Fonseca <rafael.fonseca@wildlifestudios.com>

* Avoid calling GetBackendConfiguration() twice, use clearer name for helm chart option

Signed-off-by: Rafael da Fonseca <rafael.fonseca@wildlifestudios.com>

* Fix helm-docs ordering

Signed-off-by: Rafael da Fonseca <rafael.fonseca@wildlifestudios.com>

---------

Signed-off-by: Rafael da Fonseca <rafael.fonseca@wildlifestudios.com>
2024-05-14 14:45:25 -07:00
Marco Ebert
531b007b60
Chart: Add unit tests for default backend & topology spread constraints. (#11218)
Also remove trailing whitespaces.
2024-04-05 14:19:58 -07:00
Jozef Halgas
158ba45b0b
sort default backend hpa metrics (#11215) 2024-04-05 12:10:36 -07:00
Matheus Fidelis
e9509e27aa
feature(default_backend): topologySpreadConstraints on default backend (#11197)
feature(default_backend): topologySpread support

feature(default_backend): topologySpread support

feature(default_backend): helm-docs

feature(default_backend): helm-docs

feature(default_backend): helm-docs

feature(default_backend): helm-docs

feature(default_backend): nit

feature(default_backend): nit

feature(default_backend): nit
2024-04-05 04:54:48 -07:00
TheRealNoob
ad274ab2c6
Chart: Make controller.config templatable. (#11181)
* [helm] pass controller.config through tpl

* add unittest

* update README.md

* Update charts/ingress-nginx/README.md

Co-authored-by: Marco Ebert <marco_ebert@icloud.com>

* Update charts/ingress-nginx/tests/controller-configmap_test.yaml

Co-authored-by: Marco Ebert <marco_ebert@icloud.com>

* Update charts/ingress-nginx/values.yaml

Co-authored-by: Marco Ebert <marco_ebert@icloud.com>

---------

Co-authored-by: Marco Ebert <marco_ebert@icloud.com>
2024-04-04 12:50:05 -07:00
Karol Kieglerski
b233a96faa
Fix-semver (#11193) 2024-04-04 06:08:00 -07:00
Matheus Fidelis
7c8af4928b
Controller: Make Leader Election TTL configurable. (#11142)
* feature(leader_ttl): feature to customize ttl to leader be re-elected

* fix(review): docs
2024-03-28 06:36:23 -07:00
Marco Ebert
56a0968675
Chart: Add IngressClass aliases. (#11109) 2024-03-17 14:27:27 -07:00
Marco Ebert
112b9bb028
Chart: Render controller.ingressClassResource.parameters natively. (#11108) 2024-03-14 06:23:13 -07:00
Marco Ebert
9480cde724
Chart: Align HPA & KEDA conditions. (#11110) 2024-03-12 06:43:51 -07:00
Marco Ebert
2894b8a060
Chart: Improve IngressClass documentation. (#11104) 2024-03-12 06:39:07 -07:00
Ramon Borges
b5c447612c
Chart: Deploy PodDisruptionBudget with KEDA. (#11032)
* feat: deploy PDB if Keda is enabled and the minimum amount of replicas is greater than 1

* feat: add the corresponding unit-test to check PDB deployment with Keda

* chore: rename the test of PDB to follow suggested pattern

* chore: update the test-case suite name to the new format

* Update charts/ingress-nginx/templates/controller-poddisruptionbudget.yaml

Co-authored-by: Marco Ebert <marco_ebert@icloud.com>

* Update charts/ingress-nginx/tests/controller-poddisruptionbudget_test.yaml

Co-authored-by: Marco Ebert <marco_ebert@icloud.com>

---------

Co-authored-by: Marco Ebert <marco_ebert@icloud.com>
2024-03-11 14:14:25 -07:00
Matheus Fidelis
9b63559cbb
feature(leader_election): flag to disable leader election feature on controller (#11064) 2024-03-06 05:59:22 -08:00
Bazze
bb6d1b77be
Update controller-prometheusrules.yaml (#8902)
As fixed in pull request #7829 for the ServiceMonitor resource, this is also needed for the PrometheusRule. When
upgrading the ingress-nginx chart in our environment (via Pulumi) from a really old version to the latest (4.2.0) we
noticed it wanted to delete the PrometheusRule resource. This PR should fix that.
2024-02-27 09:27:48 -08:00
Marco Ebert
3e740fe8e7
Chart: Set --enable-metrics depending on controller.metrics.enabled. (#10959) 2024-02-01 22:55:15 -08:00
Marco Ebert
48b9831122
Chart: Remove useless default from _params.tpl. (#10957) 2024-02-01 15:03:48 -08:00
Mathieu Parent
9db2eb965e
Add controller.metrics.serviceMonitor.annotations in Helm chart (#9677)
Signed-off-by: Mathieu Parent <math.parent@gmail.com>
2023-12-20 23:08:50 +01:00
Joshua Sleeper
707a5a0bea
fix(labels): use complete labels variable on default-backend deployment (#10317) 2023-12-20 21:50:46 +01:00
Marco Ebert
2f7f4d70eb Chart: Improve #10673. 2023-12-19 10:01:41 +01:00
AhmedGrati
6c876bba9a
fix: disable cluster wide controller role permissions (#10659)
Signed-off-by: AhmedGrati <ahmedgrati1999@gmail.com>
2023-12-15 14:25:39 +01:00
Marco Ebert
97d4a83e75
Deployment/DaemonSet: Remove distroless from extraModules templating. (#10742) 2023-12-13 09:29:06 +01:00
patst
7e31f818ff
helm: opentelemetry addon allow configuration of registry with setting tag (#9773)
* feat: allow configuration of registry, image, tag and digest in single values for opentelemetry addon

* feat: allow configuration of registry, image, tag and digest in single values for opentelemetry addon

* add ci test file

* fix: updated helm-docs with opentelemetry image value

* fix: ci test case

* fix: ci test case set default registry, image + tag

* fix: ci test case set default registry + image

* fix: remove unrequired comment

* feat!: use extraModules helper method for templating the image value

* image definition for OTel image is now split up in image, repo and registry values

* feat!: move distroless config under the image key

* update helm-docs

* Refactor template to generate the image name

* adapt test cases for extraModules

* implement code review

* try to fix ci test for opentelemetry
2023-12-08 11:09:34 +01:00
Marco Ebert
7e54daa909
Helm Service: Align internal to external. (#10239)
* Service: Align internal to external.

* Service: Remove redundant condition.
2023-12-05 17:25:04 +01:00
Marco Ebert
815a1c56a9
Chart: Simplify image templating. (#10708) 2023-12-05 17:22:12 +01:00