DevFW-CICD/ingress-nginx-helm
12
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
7321 commits 4 branches 217 tags 166 MiB
Commit graph

406 commits

Author SHA1 Message Date
Stavros Foteinopoulos
be7f508c73
Add more unit tests to helm chart (#10731) 
* Add more unit tests to helm chart

Signed-off-by: Stavros Foteinopoulos <stafot@gmail.com>

* Apply suggestions from code review

Co-authored-by: Marco Ebert <marco_ebert@icloud.com>

* Apply suggestions from code review

Co-authored-by: Marco Ebert <marco_ebert@icloud.com>

* Apply suggestions from code review

Co-authored-by: Marco Ebert <marco_ebert@icloud.com>

* Use upstream helm-unittest repository

Signed-off-by: Stavros Foteinopoulos <stafot@gmail.com>

* Remove non existing value from controller unittest

Signed-off-by: Stavros Foteinopoulos <stafot@gmail.com>

* fix unit test

Signed-off-by: Stavros Foteinopoulos <stafot@gmail.com>

* Apply suggestions from code review

Co-authored-by: Marco Ebert <marco_ebert@icloud.com>

* Apply suggestions from code review

Co-authored-by: Marco Ebert <marco_ebert@icloud.com>

---------

Signed-off-by: Stavros Foteinopoulos <stafot@gmail.com>
Co-authored-by: Marco Ebert <marco_ebert@icloud.com>
 2023-12-14 16:17:09 +01:00
Marco Ebert
97d4a83e75
Deployment/DaemonSet: Remove distroless from extraModules templating. (#10742) 2023-12-13 09:29:06 +01:00
patst
7e31f818ff
helm: opentelemetry addon allow configuration of registry with setting tag (#9773) 
* feat: allow configuration of registry, image, tag and digest in single values for opentelemetry addon

* feat: allow configuration of registry, image, tag and digest in single values for opentelemetry addon

* add ci test file

* fix: updated helm-docs with opentelemetry image value

* fix: ci test case

* fix: ci test case set default registry, image + tag

* fix: ci test case set default registry + image

* fix: remove unrequired comment

* feat!: use extraModules helper method for templating the image value

* image definition for OTel image is now split up in image, repo and registry values

* feat!: move distroless config under the image key

* update helm-docs

* Refactor template to generate the image name

* adapt test cases for extraModules

* implement code review

* try to fix ci test for opentelemetry
 2023-12-08 11:09:34 +01:00
Marco Ebert
7e54daa909
Helm Service: Align internal to external. (#10239) 
* Service: Align internal to external.

* Service: Remove redundant condition.
 2023-12-05 17:25:04 +01:00
Marco Ebert
815a1c56a9
Chart: Simplify image templating. (#10708) 2023-12-05 17:22:12 +01:00
Ofir Shtrull
83f4332572
add new serivce type for internal use (#10727) 
* add new serivce type for internal use

* bump chart version

* lint

* fix tests

* fix readme

* Update charts/ingress-nginx/Chart.yaml

Co-authored-by: Marco Ebert <marco_ebert@icloud.com>

* Update charts/ingress-nginx/values.yaml

Co-authored-by: Marco Ebert <marco_ebert@icloud.com>

* rerun helm-docs

* Update charts/ingress-nginx/templates/controller-service-internal.yaml

Co-authored-by: Marco Ebert <marco_ebert@icloud.com>

* fix values

* fix values

---------

Co-authored-by: Marco Ebert <marco_ebert@icloud.com>
 2023-12-05 14:47:20 +01:00
Stavros Foteinopoulos
1f06e26080
Add extra configMaps support to helm chart (#10673) 
* Add extra configMaps support to helm chart

Signed-off-by: Stavros Foteinopoulos <stafot@gmail.com>

* Introducing unit tests for helm chart

Signed-off-by: Stavros Foteinopoulos <stafot@gmail.com>

---------

Signed-off-by: Stavros Foteinopoulos <stafot@gmail.com>
 2023-12-02 14:26:23 +01:00
Jmnote
bfc2300c3d
[charts] add controller.admissionWebhooks.networkPolicyEnabled (#10650) 
* add controller.admissionWebhooks.networkPolicyEnabled

Signed-off-by: Jmnote <opcore@gmail.com>

* .Values.controller.admissionWebhooks.patch.networkPolicy.enabled

---------

Signed-off-by: Jmnote <opcore@gmail.com>
 2023-11-29 22:39:51 +01:00
Marco Ebert
7b9e3566f7 Chart: Split CHANGELOG.md into changelog/helm-chart-*.md. 2023-11-28 09:52:26 +01:00
Marco Ebert
b8e4e3ceba Chart: Rename changelog/Changelog-*.md into changelog/helm-chart-*.md. 2023-11-28 09:20:12 +01:00
Marco Ebert
84ced1ed1c Chart: Improve changelog/helm-chart.md.gotmpl. 2023-11-28 09:20:12 +01:00
Marco Ebert
559c03d1d3 Chart: Rename changelog.md.gotmpl into changelog/helm-chart.md.gotmpl. 2023-11-28 09:20:12 +01:00
Marco Ebert
8b026f42d5
Chart: Tighten securityContexts and Pod Security Policies. (#10491) 
* Values: Fix docs of `controller.podSecurityContext` & `controller.sysctls`.

* Values: Add missing `controller.containerSecurityContext`.

Already in use, but has never been added to values.

* Values: Fix docs of `defaultBackend.podSecurityContext` & `defaultBackend.containerSecurityContext`.

* Helpers: Rename `controller.containerSecurityContext` to `ingress-nginx.controller.containerSecurityContext`.

Due to alignment with other templates.

* Helpers: Improve `extraModules`.

- Make `command` a multiline list.
- Fix `toYaml` usage.
- Remove `toYaml` where not necessary.

* Helpers: Move `ingress-nginx.defaultBackend.fullname`.

* Helpers: Add `ingress-nginx.defaultBackend.containerSecurityContext`.

Extracts the default backend `securityContext` into a template, as for the controller.

* Controller: Fix indentation of `controller.podSecurityContext` & `controller.sysctls`.

* Controller: Improve `controller.extraModules` & `controller.opentelemetry`.

- Add `controller.extraModules.distroless` & `controller.extraModules.resources`.
- Add `controller.opentelemetry.name` & `controller.opentelemetry.distroless`.
- Align `extraModules` inclusion for `controller.extraModules` & `controller.opentelemetry`.
- Remove redundant whitespaces.

* Controller/PSP: Align indentation.

* Controller/PSP: Remove quotes.

* Controller/PSP: Improve comments.

* Controller/PSP: Reorder fields.

See https://v1-24.docs.kubernetes.io/docs/concepts/security/pod-security-policy.

* Admission Webhooks: Fix indentation of `controller.admissionWebhooks.patch.securityContext`.

* Admission Webhooks/PSP: Align indentation.

* Admission Webhooks/PSP: Reorder fields.

* Admission Webhooks/PSP: Align condition.

* Admission Webhooks/ClusterRole: Align PSP rule.

* Default Backend/PSP: Align indentation.

* Default Backend/PSP: Reorder fields.

See https://v1-24.docs.kubernetes.io/docs/concepts/security/pod-security-policy.

* Values: Tighten `controller.image`.

Due to recent changes, the controller image can be run without privilege escalation:

- https://github.com/kubernetes/ingress-nginx/issues/8499
- https://github.com/kubernetes/ingress-nginx/pull/7449

* Values: Tighten `controller.extraModules.containerSecurityContext`.

* Values: Tighten `controller.opentelemetry.containerSecurityContext`.

* Values: Tighten `controller.admissionWebhooks.*.securityContext`.

Moves the pod `securityContext` to the containers to not interfere with injected containers.

* Values: Tighten `defaultBackend.image`.
 2023-11-07 18:52:36 +01:00
Marco Ebert
6499a6bd04
Chart: Fix pod selectors in NOTES.txt. (#10617) 
Also improve other `kubectl` commands.
 2023-11-07 18:46:40 +01:00
Leonardo Taccari
870847ad4c
Comment NGINXCertificateExpiry alert label matcher (#10613) 
If a valid certificate is passed via `--default-ssl-certificate` it is
probably desiderable that we check its expiration!

Add a comment to explain that.
 2023-11-05 12:23:43 +01:00
Philipp B
d6a0f46c32
chart: allow setting allocateLoadBalancerNodePorts (#10585) 
Signed-off-by: Philipp Born <git@pborn.eu>
 2023-11-02 22:45:46 +01:00
Leonardo Taccari
dc659b252d
Ignore fake certificate for NGINXCertificateExpiry (#10505) 
The fake certificate is only a fallback and it is okay-ish if it
expires.

Do not alert for its expiration.
 2023-11-02 21:11:03 +01:00
Marco Ebert
9cb3919e84
Chart: Improve #10539. (#10565) 
* Helpers: Align `ingress-nginx.namespace` to `ingress-nginx.name`.

* Templates: Remove quotes.

In alignment to others. Also does not make sense as `namespace` must conform to DNS.

* Admission Webhooks/Validating Webhook: Make use of `ingress-nginx.namespace`.

* KEDA: Remove comment.

* Templates: Add forgotten namespace definitions.
 2023-11-01 22:59:56 +01:00
Pierre Ozoux
e805d4955d
feat(helm): add documentation about metric args (#10590) 
* feat(helm): add documentation about metric args

This helps documenting this issue:
https://github.com/kubernetes/ingress-nginx/issues/8233

and relates to this documentation:
https://github.com/kubernetes/ingress-nginx/blob/main/docs/user-guide/monitoring.md#histogram-buckets

* fix
 2023-11-01 13:57:39 +01:00
Roberto Devesa
b37f86026e
Fix typo (#10594) 2023-11-01 13:36:08 +01:00
Marco Ebert
0120a2df48
Admission Webhook: Truncate name. (#10523) 2023-10-29 18:26:05 +01:00
Ricardo Katz
5583f90c7f
Release v1.9.4 (#10568) 2023-10-25 18:33:49 +02:00
jasine
7ce6cc88d8
feat: add namespace overrides (#10539) 
* feat: add namespace overrides

* add value in readme

* fix: readme description

* fix: description in value

* fix: set max length and trim last "-"
 2023-10-24 19:53:46 +02:00
Matt Clegg
b9d8bb406c
DOCS Remove support for running Both (#10255) 2023-10-12 19:51:40 +02:00
James Strong
6f2ad83b0d
release 1.9.3 
Signed-off-by: James Strong <strong.james.e@gmail.com>
 2023-10-12 09:51:50 -04:00
James Strong
2d3ee50949
update nginx base, httpbun, e2e, helm webhook cert gen (#10506) 
* update nginx base, httpbun, e2e, helm webhook cert gen

Signed-off-by: James Strong <strong.james.e@gmail.com>

* fix helm docs

Signed-off-by: James Strong <strong.james.e@gmail.com>

---------

Signed-off-by: James Strong <strong.james.e@gmail.com>
 2023-10-11 23:53:19 +02:00
Ricardo Katz
24b139424d Release v1.9.1 2023-10-01 18:01:26 -03:00
Marco Ebert
0b0ce031ac
Chart: Rework network policies. (#10238) 2023-09-24 08:02:57 -07:00
Ricardo Katz
6107346590
Release v1.9.0 (#10433) 2023-09-23 13:46:56 -07:00
arukiidou
82e24cb399
Helm - Fix Chart.yaml - add license annotations, add type keyword, remove gotpl (#10287) 
* Helm - add license annotations, add type keyword, remove gotpl

Signed-off-by: junya koyama <arukiidou@yahoo.co.jp>

* Helm - run helm-docs

Signed-off-by: junya koyama <arukiidou@yahoo.co.jp>

---------

Signed-off-by: junya koyama <arukiidou@yahoo.co.jp>
 2023-09-22 04:08:50 -07:00
Ricardo Katz
cb70900609
Release v1.9.0-beta.0 (#10422) 2023-09-18 04:52:31 -07:00
Marco Ebert
8f54b538d9
DaemonSet: Implement OpenTelemetry resources. (#10409) 2023-09-12 23:02:14 -07:00
František Hána
06c64bf567
helm: add resources to opentelemetry init container (#10300) 2023-09-11 19:36:12 -07:00
Ricardo Katz
cf889c6c47
Disable user snippets per default (#10393) 
* Disable user snippets per default

* Enable snippet on tests
 2023-09-10 20:02:10 -07:00
Marco Ebert
2d03da6334
Deployment/DaemonSet: Fix templating & value. (#10240) 2023-09-10 07:20:09 -07:00
Marco Ebert
4869c8b462
Deployment/DaemonSet: Template topologySpreadConstraints. (#10259) 2023-09-10 05:38:10 -07:00
James Strong
da9c5730f6
release notes 1.8.2 (#10389) 
* release notes 1.8.2

Signed-off-by: James Strong <strong.james.e@gmail.com>

* fix yaml error

Signed-off-by: James Strong <strong.james.e@gmail.com>

* supdate docs

* Rolling back to v1.21.1

---------

Signed-off-by: James Strong <strong.james.e@gmail.com>
Co-authored-by: Ricardo Katz <rikatz@users.noreply.github.com>
 2023-09-09 08:44:09 -07:00
Matt Clegg
c9ca168364
BUGFIX incorrect indentation (#10254) 
Error: Failed to render chart: exit status 1: Error: YAML parse error on ingress-nginx/templates/controller-serviceaccount.yaml: error converting YAML to JSON: yaml: line 14: mapping values are not allowed in this context
  Use --debug flag to render out invalid YAML
  Error: plugin "diff" exited with error
 2023-09-04 23:57:51 -07:00
logica
dd6145b2d3
Bump k8s.io/component-base from 0.26.4 to 0.27.4 (Replace Topology Aware Hints with Topology Aware Routing) (#10282) 
* Bump k8s.io/component-base from 0.26.4 to 0.27.4

Bumps [k8s.io/component-base](https://github.com/kubernetes/component-base) from 0.26.4 to 0.27.4.
- [Commits](https://github.com/kubernetes/component-base/compare/v0.26.4...v0.27.4)

---
updated-dependencies:
- dependency-name: k8s.io/component-base
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* changed annotation to TopologyMode

* fixed documents

* fixed test

* using api constraint for test deployment options

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-08-11 07:17:27 -07:00
Kazuki Suda
e17927ba52
helm: Use .Release.Namespace as default for ServiceMonitor namespace (#10249) 
Signed-off-by: Kazuki Suda <kazuki.suda@gmail.com>
 2023-08-11 07:09:27 -07:00
Ehsan Saei
3baa591bb5
promote distroless otel init image (#10257) 2023-08-02 03:34:49 -07:00
Jan-Otto Kröpke
afd1311f85
[helm] configure allow to configure hostAliases (#10180) 
Signed-off-by: Jan-Otto Kröpke <joe@cloudeteer.de>
 2023-07-28 04:41:56 -07:00
Ricardo Katz
c5f348ea2e
Implement annotation validation (#9673) 
* Add validation to all annotations

* Add annotation validation for fcgi

* Fix reviews and fcgi e2e

* Add flag to disable cross namespace validation

* Add risk, flag for validation, tests

* Add missing formating

* Enable validation by default on tests

* Test validation flag

* remove ajp from list

* Finalize validation changes

* Add validations to CI

* Update helm docs

* Fix code review

* Use a better name for annotation risk
 2023-07-21 20:32:07 -07:00
Jan-Otto Kröpke
a297cedb7a
[helm] pass service annotations through helm tpl engine (#10084) 
Signed-off-by: Jan-Otto Kröpke <joe@cloudeteer.de>
 2023-07-20 11:00:10 -07:00
amirschw
1dd8d0cfd7
Ignore deployment template's replicas if KEDA is enabled (#9534) 2023-07-20 10:34:11 -07:00
James Strong
652a800422
release notes 1.8.1 (#10161) 
Signed-off-by: James Strong <strong.james.e@gmail.com>
 2023-06-30 18:37:24 -03:00
kylekluever
8b24fc98d2
Fix loadBalancerClass value (#10139) 2023-06-27 05:42:32 -07:00
Fabio Formosa
002d7e90d7
Added a doc line to the missing helm value service.internal.loadBalancerIP (#9406) 
* Update README.md

#9403 Add documentation for controller.service.internal.loadBalancerIP in Helm chart

* Update README.md

removed a duplicated row in the helm chart values

* #9403 added a doc to the internal loadBalancerIP

removed a comment from an already supported helm value and added a doc line

* #9403 Reverted a manual added line

Removed a manual added line in favour of helm doc

* #9403 re-generated the README with the last doc line added to the value.yaml

* #9403 removed trailing spaces

* removed trail spaces
 2023-06-27 05:34:32 -07:00
Isaac Wilson
08158df8c0
Update typo in docs for lb scheme (#10117) 2023-06-22 10:35:40 -07:00
LucasBoisserie
0b4c98b7c3
feat(helm): Add loadBalancerClass (#9562) 2023-06-22 07:59:40 -07:00