DevFW-CICD/ingress-nginx-helm
14
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
%!d() commits 4 branches 217 tags 166 MiB
Commit graph

24 commits

Author SHA1 Message Date
TheRealNoob
af9e5246ad
Chart: Make pod affinity templatable. (#11453) 
* [helm] template pod affinity

* update README

* Apply suggestions from code review

Co-authored-by: Marco Ebert <marco_ebert@icloud.com>

* revert Chart.yaml version bump

* add unittests

* add docs defaultBackend.affinity

* add README section to values

* fix README syntax

* Apply suggestions from code review

Co-authored-by: Marco Ebert <marco_ebert@icloud.com>

* Update charts/ingress-nginx/values.yaml

Co-authored-by: Marco Ebert <marco_ebert@icloud.com>

* update formatting of unittests + add README examples

* fix affinity labels on default-backend

* Apply suggestions from code review

Co-authored-by: Marco Ebert <marco_ebert@icloud.com>

* remove double quotes on string

---------

Co-authored-by: Marco Ebert <marco_ebert@icloud.com>
 2024-06-14 02:13:44 -07:00
Marco Ebert
531b007b60
Chart: Add unit tests for default backend & topology spread constraints. (#11218) 
Also remove trailing whitespaces.
 2024-04-05 14:19:58 -07:00
Matheus Fidelis
e9509e27aa
feature(default_backend): topologySpreadConstraints on default backend (#11197) 
feature(default_backend): topologySpread support

feature(default_backend): topologySpread support

feature(default_backend): helm-docs

feature(default_backend): helm-docs

feature(default_backend): helm-docs

feature(default_backend): helm-docs

feature(default_backend): nit

feature(default_backend): nit

feature(default_backend): nit
 2024-04-05 04:54:48 -07:00
Joshua Sleeper
707a5a0bea
fix(labels): use complete labels variable on default-backend deployment (#10317) 2023-12-20 21:50:46 +01:00
Marco Ebert
815a1c56a9
Chart: Simplify image templating. (#10708) 2023-12-05 17:22:12 +01:00
Marco Ebert
8b026f42d5
Chart: Tighten securityContexts and Pod Security Policies. (#10491) 
* Values: Fix docs of `controller.podSecurityContext` & `controller.sysctls`.

* Values: Add missing `controller.containerSecurityContext`.

Already in use, but has never been added to values.

* Values: Fix docs of `defaultBackend.podSecurityContext` & `defaultBackend.containerSecurityContext`.

* Helpers: Rename `controller.containerSecurityContext` to `ingress-nginx.controller.containerSecurityContext`.

Due to alignment with other templates.

* Helpers: Improve `extraModules`.

- Make `command` a multiline list.
- Fix `toYaml` usage.
- Remove `toYaml` where not necessary.

* Helpers: Move `ingress-nginx.defaultBackend.fullname`.

* Helpers: Add `ingress-nginx.defaultBackend.containerSecurityContext`.

Extracts the default backend `securityContext` into a template, as for the controller.

* Controller: Fix indentation of `controller.podSecurityContext` & `controller.sysctls`.

* Controller: Improve `controller.extraModules` & `controller.opentelemetry`.

- Add `controller.extraModules.distroless` & `controller.extraModules.resources`.
- Add `controller.opentelemetry.name` & `controller.opentelemetry.distroless`.
- Align `extraModules` inclusion for `controller.extraModules` & `controller.opentelemetry`.
- Remove redundant whitespaces.

* Controller/PSP: Align indentation.

* Controller/PSP: Remove quotes.

* Controller/PSP: Improve comments.

* Controller/PSP: Reorder fields.

See https://v1-24.docs.kubernetes.io/docs/concepts/security/pod-security-policy.

* Admission Webhooks: Fix indentation of `controller.admissionWebhooks.patch.securityContext`.

* Admission Webhooks/PSP: Align indentation.

* Admission Webhooks/PSP: Reorder fields.

* Admission Webhooks/PSP: Align condition.

* Admission Webhooks/ClusterRole: Align PSP rule.

* Default Backend/PSP: Align indentation.

* Default Backend/PSP: Reorder fields.

See https://v1-24.docs.kubernetes.io/docs/concepts/security/pod-security-policy.

* Values: Tighten `controller.image`.

Due to recent changes, the controller image can be run without privilege escalation:

- https://github.com/kubernetes/ingress-nginx/issues/8499
- https://github.com/kubernetes/ingress-nginx/pull/7449

* Values: Tighten `controller.extraModules.containerSecurityContext`.

* Values: Tighten `controller.opentelemetry.containerSecurityContext`.

* Values: Tighten `controller.admissionWebhooks.*.securityContext`.

Moves the pod `securityContext` to the containers to not interfere with injected containers.

* Values: Tighten `defaultBackend.image`.
 2023-11-07 18:52:36 +01:00
jasine
7ce6cc88d8
feat: add namespace overrides (#10539) 
* feat: add namespace overrides

* add value in readme

* fix: readme description

* fix: description in value

* fix: set max length and trim last "-"
 2023-10-24 19:53:46 +02:00
yutachaos
bbf7c79f96
Add update updateStrategy and minReadySeconds for defaultBackend (#8506) 
* Add update updateStrategy and minReadySeconds for defaultBackend

* Bump chart

* Fixed docs helm-docs version
 2023-01-08 14:37:27 -08:00
Muhammad Hamza Zaib
30c0d2260d
[Helm] Add labels to resources (#6992) 
* Add labels to RBAC resources

* Add labels to all resources

* Fix labels indentaton in patch jobs

* Add controller and default backend labels to pods

Signed-off-by: Muhammad Hamza Zaib <hamzazaib3202@gmail.com>

* Bump chart version and update changelog

Signed-off-by: Muhammad Hamza Zaib <hamzazaib3202@gmail.com>
 2021-11-19 06:52:52 -08:00
Long
2a190d2657
added namespace field in the namespace scoped resource templates of helm chart (#7256) 
* added namespace field in the namespace scoped resource templates of helm chart

* moved namespace field from roleRef to metadata
 2021-06-21 04:56:51 -07:00
Zach Rhoads
f6dbd93865
updated values.yaml and templates to have separate values for registry and image with container images, left repository value for backwards compatability (#7095) 2021-05-23 09:07:38 -07:00
Pierre Péronnet
59f930dd25
feat(chart) Add volumes to default-backend deployment 
Update changelog and Chart.yml

Signed-off-by: Pierre Péronnet <pierre.peronnet@ovhcloud.com>
 2021-03-09 16:54:12 +01:00
Adam Hamsik
ab9ba3e970 Add Default backend HPA autoscaling. 2020-11-06 19:37:27 +01:00
Alexis Martinier
8c56e4df9d Add securitycontext settings on defaultbackend 
Signed-off-by: Alexis Martinier <a.martinier@gmail.com>
 2020-11-02 12:02:33 +01:00
Manuel Alejandro de Brito Fontes
4b831c77b2
Refactor parsing of key values 2020-09-21 13:04:32 -03:00
Manuel Alejandro de Brito Fontes
6c73d66ae6 Update helm chart for v0.34.0 2020-07-10 08:57:40 -04:00
Graham McGregor
2205edb16b Allow pulling images by digest 
The digest uniquely identifies a specific version of the image, so it is
never updated by Kubernetes unless you change the digest value. This is
desirable for security to gain confidence that no unvetted changes are
pulled to a deployment.
 2020-05-20 12:05:43 -04:00
Manuel Alejandro de Brito Fontes
768a91f58d Fix chart missing default backend name 2020-04-29 22:44:04 -04:00
Manuel Alejandro de Brito Fontes
1f3eac2c8c Remove duplicated annotations definition and refactor hostPort configuration 2020-04-06 19:15:47 -04:00
Naseem
5ae314bd64
Hardcode component names. 
By removing this, we reduce unecessary config options and moving parts.

Signed-off-by: Naseem <naseem@transit.app>
 2020-03-10 09:36:26 -04:00
ChiefAlexander
388a499533
Cleanup chart code 2020-03-03 09:20:45 -06:00
ChiefAlexander
710f1f2601
Update helm templates to match new chart name 2020-02-28 08:53:24 -06:00
Naseem
003039f23c
Use recommended labels and label helpers 
Signed-off-by: Naseem <naseem@transit.app>
 2020-02-27 22:35:34 -05:00
Manuel Alejandro de Brito Fontes
624cb5f048
Start migration of helm chart (#5159) 2020-02-24 16:25:57 -03:00