Add ingress/route configurable to specify active/general service (#570)
* Add ingress/route configurable to specify active/general service * Update test/unit/server-ingress.bats Co-authored-by: Ben Ash <32777270+benashz@users.noreply.github.com> * values.schema.json Co-authored-by: Ben Ash <32777270+benashz@users.noreply.github.com>
This commit is contained in:
parent
a0d7b84ec2
commit
255cdc7d26
6 changed files with 109 additions and 37 deletions
|
@ -4,7 +4,7 @@
|
|||
{{- if .Values.server.ingress.enabled -}}
|
||||
{{- $extraPaths := .Values.server.ingress.extraPaths -}}
|
||||
{{- $serviceName := include "vault.fullname" . -}}
|
||||
{{- if and (eq .mode "ha" ) (eq (.Values.server.service.enabled | toString) "true" ) (eq (.Values.global.enabled | toString) "true") }}
|
||||
{{- if and (eq .mode "ha" ) (eq (.Values.server.service.enabled | toString) "true" ) (eq (.Values.global.enabled | toString) "true") (eq (.Values.server.ingress.activeService | toString) "true") }}
|
||||
{{- $serviceName = printf "%s-%s" $serviceName "active" -}}
|
||||
{{- end }}
|
||||
{{- $servicePort := .Values.server.service.port -}}
|
||||
|
|
|
@ -1,33 +1,33 @@
|
|||
{{- if .Values.global.openshift }}
|
||||
{{- if ne .mode "external" }}
|
||||
{{- if .Values.server.route.enabled -}}
|
||||
{{- $serviceName := include "vault.fullname" . -}}
|
||||
{{- if eq .mode "ha" }}
|
||||
{{- $serviceName = printf "%s-%s" $serviceName "active" -}}
|
||||
{{- end }}
|
||||
kind: Route
|
||||
apiVersion: route.openshift.io/v1
|
||||
metadata:
|
||||
name: {{ template "vault.fullname" . }}
|
||||
labels:
|
||||
helm.sh/chart: {{ include "vault.chart" . }}
|
||||
app.kubernetes.io/name: {{ include "vault.name" . }}
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/managed-by: {{ .Release.Service }}
|
||||
{{- with .Values.server.route.labels }}
|
||||
{{- toYaml . | nindent 4 }}
|
||||
{{- end }}
|
||||
{{- template "vault.route.annotations" . }}
|
||||
spec:
|
||||
host: {{ .Values.server.route.host }}
|
||||
to:
|
||||
kind: Service
|
||||
name: {{ $serviceName }}
|
||||
weight: 100
|
||||
port:
|
||||
targetPort: 8200
|
||||
tls:
|
||||
termination: passthrough
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- if .Values.global.openshift }}
|
||||
{{- if ne .mode "external" }}
|
||||
{{- if .Values.server.route.enabled -}}
|
||||
{{- $serviceName := include "vault.fullname" . -}}
|
||||
{{- if and (eq .mode "ha" ) (eq (.Values.server.route.activeService | toString) "true") }}
|
||||
{{- $serviceName = printf "%s-%s" $serviceName "active" -}}
|
||||
{{- end }}
|
||||
kind: Route
|
||||
apiVersion: route.openshift.io/v1
|
||||
metadata:
|
||||
name: {{ template "vault.fullname" . }}
|
||||
labels:
|
||||
helm.sh/chart: {{ include "vault.chart" . }}
|
||||
app.kubernetes.io/name: {{ include "vault.name" . }}
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/managed-by: {{ .Release.Service }}
|
||||
{{- with .Values.server.route.labels }}
|
||||
{{- toYaml . | nindent 4 }}
|
||||
{{- end }}
|
||||
{{- template "vault.route.annotations" . }}
|
||||
spec:
|
||||
host: {{ .Values.server.route.host }}
|
||||
to:
|
||||
kind: Service
|
||||
name: {{ $serviceName }}
|
||||
weight: 100
|
||||
port:
|
||||
targetPort: 8200
|
||||
tls:
|
||||
termination: passthrough
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
|
|
|
@ -131,7 +131,7 @@ load _helpers
|
|||
[ "${actual}" = "nginx" ]
|
||||
}
|
||||
|
||||
@test "server/ingress: uses active service when ha - yaml" {
|
||||
@test "server/ingress: uses active service when ha by default - yaml" {
|
||||
cd `chart_dir`
|
||||
|
||||
local actual=$(helm template \
|
||||
|
@ -145,6 +145,21 @@ load _helpers
|
|||
[ "${actual}" = "RELEASE-NAME-vault-active" ]
|
||||
}
|
||||
|
||||
@test "server/ingress: uses regular service when configured with ha - yaml" {
|
||||
cd `chart_dir`
|
||||
|
||||
local actual=$(helm template \
|
||||
--show-only templates/server-ingress.yaml \
|
||||
--set 'server.ingress.enabled=true' \
|
||||
--set 'server.ingress.activeService=false' \
|
||||
--set 'server.dev.enabled=false' \
|
||||
--set 'server.ha.enabled=true' \
|
||||
--set 'server.service.enabled=true' \
|
||||
. | tee /dev/stderr |
|
||||
yq -r '.spec.rules[0].http.paths[0].backend.serviceName' | tee /dev/stderr)
|
||||
[ "${actual}" = "RELEASE-NAME-vault" ]
|
||||
}
|
||||
|
||||
@test "server/ingress: uses regular service when not ha - yaml" {
|
||||
cd `chart_dir`
|
||||
|
||||
|
@ -157,4 +172,19 @@ load _helpers
|
|||
. | tee /dev/stderr |
|
||||
yq -r '.spec.rules[0].http.paths[0].backend.serviceName' | tee /dev/stderr)
|
||||
[ "${actual}" = "RELEASE-NAME-vault" ]
|
||||
}
|
||||
}
|
||||
|
||||
@test "server/ingress: uses regular service when not ha and activeService is true - yaml" {
|
||||
cd `chart_dir`
|
||||
|
||||
local actual=$(helm template \
|
||||
--show-only templates/server-ingress.yaml \
|
||||
--set 'server.ingress.enabled=true' \
|
||||
--set 'server.ingress.activeService=true' \
|
||||
--set 'server.dev.enabled=false' \
|
||||
--set 'server.ha.enabled=false' \
|
||||
--set 'server.service.enabled=true' \
|
||||
. | tee /dev/stderr |
|
||||
yq -r '.spec.rules[0].http.paths[0].backend.serviceName' | tee /dev/stderr)
|
||||
[ "${actual}" = "RELEASE-NAME-vault" ]
|
||||
}
|
||||
|
|
|
@ -102,7 +102,20 @@ load _helpers
|
|||
[ "${actual}" = "RELEASE-NAME-vault" ]
|
||||
}
|
||||
|
||||
@test "server/route: OpenShift - route points to active service by when HA" {
|
||||
@test "server/route: OpenShift - route points to main service when not ha and activeService is true" {
|
||||
cd `chart_dir`
|
||||
|
||||
local actual=$(helm template \
|
||||
--show-only templates/server-route.yaml \
|
||||
--set 'global.openshift=true' \
|
||||
--set 'server.route.enabled=true' \
|
||||
--set 'server.route.activeService=true' \
|
||||
. | tee /dev/stderr |
|
||||
yq -r '.spec.to.name' | tee /dev/stderr)
|
||||
[ "${actual}" = "RELEASE-NAME-vault" ]
|
||||
}
|
||||
|
||||
@test "server/route: OpenShift - route points to active service by when HA by default" {
|
||||
cd `chart_dir`
|
||||
|
||||
local actual=$(helm template \
|
||||
|
@ -114,3 +127,17 @@ load _helpers
|
|||
yq -r '.spec.to.name' | tee /dev/stderr)
|
||||
[ "${actual}" = "RELEASE-NAME-vault-active" ]
|
||||
}
|
||||
|
||||
@test "server/route: OpenShift - route points to general service by when HA when configured" {
|
||||
cd `chart_dir`
|
||||
|
||||
local actual=$(helm template \
|
||||
--show-only templates/server-route.yaml \
|
||||
--set 'global.openshift=true' \
|
||||
--set 'server.route.enabled=true' \
|
||||
--set 'server.route.activeService=false' \
|
||||
--set 'server.ha.enabled=true' \
|
||||
. | tee /dev/stderr |
|
||||
yq -r '.spec.to.name' | tee /dev/stderr)
|
||||
[ "${actual}" = "RELEASE-NAME-vault" ]
|
||||
}
|
||||
|
|
|
@ -564,6 +564,9 @@
|
|||
"ingress": {
|
||||
"type": "object",
|
||||
"properties": {
|
||||
"activeService": {
|
||||
"type": "boolean"
|
||||
},
|
||||
"annotations": {
|
||||
"type": [
|
||||
"object",
|
||||
|
@ -686,6 +689,9 @@
|
|||
"route": {
|
||||
"type": "object",
|
||||
"properties": {
|
||||
"activeService": {
|
||||
"type": "boolean"
|
||||
},
|
||||
"annotations": {
|
||||
"type": [
|
||||
"object",
|
||||
|
|
|
@ -259,6 +259,10 @@ server:
|
|||
# or
|
||||
# kubernetes.io/ingress.class: nginx
|
||||
# kubernetes.io/tls-acme: "true"
|
||||
|
||||
# When HA mode is enabled and K8s service registration is being used,
|
||||
# configure the ingress to point to the Vault active service.
|
||||
activeService: true
|
||||
hosts:
|
||||
- host: chart-example.local
|
||||
paths: []
|
||||
|
@ -277,6 +281,11 @@ server:
|
|||
# The created route will be of type passthrough
|
||||
route:
|
||||
enabled: false
|
||||
|
||||
# When HA mode is enabled and K8s service registration is being used,
|
||||
# configure the route to point to the Vault active service.
|
||||
activeService: true
|
||||
|
||||
labels: {}
|
||||
annotations: {}
|
||||
host: chart-example.local
|
||||
|
|
Loading…
Reference in a new issue