Support for ingress (#48)

* Added ingress support

* Added small header with documentation about ingress

* Added unit tests
This commit is contained in:
Alejandro Garrido Mota 2019-09-27 16:42:24 +01:00 committed by Clint
parent b1e4660555
commit 9dd6bad741
3 changed files with 106 additions and 0 deletions

View file

@ -0,0 +1,41 @@
{{- if .Values.server.ingress.enabled -}}
{{- $serviceName := include "vault.fullname" . -}}
{{- $servicePort := .Values.server.service.port -}}
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: {{ template "vault.fullname" . }}
namespace: {{ .Release.Namespace }}
labels:
helm.sh/chart: {{ include "vault.chart" . }}
app.kubernetes.io/name: {{ include "vault.name" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/managed-by: {{ .Release.Service }}
{{- with .Values.server.ingress.annotations }}
annotations:
{{- toYaml . | nindent 4 }}
{{- end }}
spec:
{{- if .Values.server.ingress.tls }}
tls:
{{- range .Values.server.ingress.tls }}
- hosts:
{{- range .hosts }}
- {{ . | quote }}
{{- end }}
secretName: {{ .secretName }}
{{- end }}
{{- end }}
rules:
{{- range .Values.server.ingress.hosts }}
- host: {{ .host | quote }}
http:
paths:
{{- range .paths }}
- path: {{ . }}
backend:
serviceName: {{ $serviceName }}
servicePort: {{ $servicePort }}
{{- end }}
{{- end }}
{{- end }}

View file

@ -0,0 +1,47 @@
#!/usr/bin/env bats
load _helpers
@test "server/ingress: disabled by default" {
cd `chart_dir`
local actual=$(helm template \
-x templates/server-ingress.yaml \
. | tee /dev/stderr |
yq 'length > 0' | tee /dev/stderr)
[ "${actual}" = "false" ]
}
@test "server/ingress: checking host entry gets added and path is /" {
cd `chart_dir`
local actual=$(helm template \
-x templates/server-ingress.yaml \
--set 'server.ingress.enabled=true' \
--set 'server.ingress.hosts[0].host=test.com' \
--set 'server.ingress.hosts[0].paths[0]=/' \
. | tee /dev/stderr |
yq -r '.spec.rules[0].host' | tee /dev/stderr)
[ "${actual}" = 'test.com' ]
local actual=$(helm template \
-x templates/server-ingress.yaml \
--set 'server.ingress.enabled=true' \
--set 'server.ingress.hosts[0].host=test.com' \
--set 'server.ingress.hosts[0].paths[0]=/' \
. | tee /dev/stderr |
yq -r '.spec.rules[0].http.paths[0].path' | tee /dev/stderr)
[ "${actual}" = '/' ]
}
@test "server/ingress: vault backend should be added when I specify a path" {
cd `chart_dir`
local actual=$(helm template \
-x templates/server-ingress.yaml \
--set 'server.ingress.enabled=true' \
--set 'server.ingress.hosts[0].host=test.com' \
--set 'server.ingress.hosts[0].paths[0]=/' \
. | tee /dev/stderr |
yq -r '.spec.rules[0].http.paths[0].backend.serviceName | length > 0' | tee /dev/stderr)
[ "${actual}" = "true" ]
}

View file

@ -23,6 +23,24 @@ server:
# memory: 256Mi
# cpu: 250m
# Ingress settings
# Enabling it a ingress will be created which will manage external access to the
# cluster, very useful if you want to expose the Vault UI
ingress:
enabled: false
annotations: {}
# kubernetes.io/ingress.class: nginx
# kubernetes.io/tls-acme: "true"
hosts:
- host: chart-example.local
paths: []
tls: []
# - secretName: chart-example-tls
# hosts:
# - chart-example.local
# authDelegator enables a cluster role binding to be attached to the service
# account. This cluster role binding can be used to setup Kubernetes auth
# method. https://www.vaultproject.io/docs/auth/kubernetes.html