From 3831db9d6a5d7ad24e689d8c4f38071387958586 Mon Sep 17 00:00:00 2001 From: shahargl Date: Mon, 21 Oct 2024 15:19:44 +0300 Subject: [PATCH] feat: wip --- charts/keep/Chart.yaml | 4 +- charts/keep/templates/_helpers.tpl | 36 ++++++- charts/keep/templates/backend-ingress.yaml | 61 ----------- charts/keep/templates/nginx-ingress.yaml | 101 ++++++++++--------- charts/keep/templates/websocket-ingress.yaml | 64 ------------ charts/keep/values.yaml | 42 +++----- 6 files changed, 103 insertions(+), 205 deletions(-) delete mode 100644 charts/keep/templates/backend-ingress.yaml delete mode 100644 charts/keep/templates/websocket-ingress.yaml diff --git a/charts/keep/Chart.yaml b/charts/keep/Chart.yaml index 48c6552..f5ff706 100644 --- a/charts/keep/Chart.yaml +++ b/charts/keep/Chart.yaml @@ -15,8 +15,10 @@ keywords: dependencies: - name: ingress-nginx repository: https://kubernetes.github.io/ingress-nginx - version: 4.11.3 + version: ~4.11.3 condition: ingress-nginx.enabled + tags: + - ingress home: https://platform.keephq.dev/ sources: - https://github.com/keephq/helm-charts diff --git a/charts/keep/templates/_helpers.tpl b/charts/keep/templates/_helpers.tpl index 8e9af09..d7c2687 100644 --- a/charts/keep/templates/_helpers.tpl +++ b/charts/keep/templates/_helpers.tpl @@ -80,21 +80,21 @@ Helper function to find an environment variable in the list Helper function for websocket host (relative) */}} {{- define "keep.websocketPrefix" -}} -{{- coalesce .Values.websocket.ingress.prefix .Values.global.ingress.websocketPrefix "/websocket" -}} +{{- coalesce .Values.global.ingress.websocketPrefix "/websocket" -}} {{- end -}} {{/* Helper function for backend host (relative) */}} {{- define "keep.backendPrefix" -}} -{{- coalesce .Values.backend.ingress.prefix .Values.global.ingress.backendPrefix "/api" -}} +{{- coalesce .Values.global.ingress.backendPrefix "/api" -}} {{- end -}} {{/* Helper function for frontend host (relative) */}} {{- define "keep.frontendPrefix" -}} -{{- coalesce .Values.frontend.ingress.prefix .Values.global.ingress.frontendPrefix "/" -}} +{{- coalesce .Values.global.ingress.frontendPrefix "/" -}} {{- end -}} {{/* @@ -119,4 +119,34 @@ Helper function for API_URL for the frontend {{- else -}} {{- include "keep.backendPrefix" . -}} {{- end -}} +{{- end -}} + + +{{/* +Determine if ingress-nginx should be installed +*/}} +{{- define "keep.shouldInstallIngressNginx" -}} +{{- if .Release.IsInstall -}} + {{- if .Values.preInstallJob.enabled -}} + {{- $jobName := printf "%s-nginx-ingress-check" .Release.Name -}} + {{- $job := (lookup "batch/v1" "Job" .Release.Namespace $jobName) -}} + {{- if $job -}} + {{- if $job.status -}} + {{- if eq (int $job.status.succeeded) 0 -}} + {{- printf "false" -}} + {{- else -}} + {{- printf "true" -}} + {{- end -}} + {{- else -}} + {{- printf "true" -}} + {{- end -}} + {{- else -}} + {{- printf "true" -}} + {{- end -}} + {{- else -}} + {{- printf "true" -}} + {{- end -}} +{{- else -}} + {{- printf "false" -}} +{{- end -}} {{- end -}} \ No newline at end of file diff --git a/charts/keep/templates/backend-ingress.yaml b/charts/keep/templates/backend-ingress.yaml deleted file mode 100644 index 9f6d08d..0000000 --- a/charts/keep/templates/backend-ingress.yaml +++ /dev/null @@ -1,61 +0,0 @@ -{{- if and .Values.backend.enabled .Values.backend.ingress.enabled -}} -{{- $fullName := include "keep.fullname" . -}} -{{- $svcPort := .Values.backend.service.port -}} -{{- if and .Values.backend.ingress.className (not (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion)) }} - {{- if not (hasKey .Values.backend.ingress.annotations "kubernetes.io/ingress.class") }} - {{- $_ := set .Values.backend.ingress.annotations "kubernetes.io/ingress.class" .Values.backend.ingress.className}} - {{- end }} -{{- end }} -{{- if semverCompare ">=1.19-0" .Capabilities.KubeVersion.GitVersion -}} -apiVersion: networking.k8s.io/v1 -{{- else if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}} -apiVersion: networking.k8s.io/v1beta1 -{{- else -}} -apiVersion: extensions/v1beta1 -{{- end }} -kind: Ingress -metadata: - name: {{ $fullName }}-backend - labels: - {{- include "keep.labels" . | nindent 4 }} - {{- with .Values.backend.ingress.annotations }} - annotations: - {{- toYaml . | nindent 4 }} - {{- end }} -spec: - {{- if and .Values.backend.ingress.className (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion) }} - ingressClassName: {{ .Values.backend.ingress.className }} - {{- end }} - {{- if .Values.backend.ingress.tls }} - tls: - {{- range .Values.backend.ingress.tls }} - - hosts: - {{- range .hosts }} - - {{ . | quote }} - {{- end }} - secretName: {{ .secretName }} - {{- end }} - {{- end }} - rules: - {{- range .Values.backend.ingress.hosts }} - - host: {{ .host | quote }} - http: - paths: - {{- range .paths }} - - path: {{ .path }} - {{- if and .pathType (semverCompare ">=1.18-0" $.Capabilities.KubeVersion.GitVersion) }} - pathType: {{ .pathType }} - {{- end }} - backend: - {{- if semverCompare ">=1.19-0" $.Capabilities.KubeVersion.GitVersion }} - service: - name: {{ $fullName }}-backend - port: - number: {{ $svcPort }} - {{- else }} - serviceName: {{ $fullName }}-backend - servicePort: {{ $svcPort }} - {{- end }} - {{- end }} - {{- end }} -{{- end }} diff --git a/charts/keep/templates/nginx-ingress.yaml b/charts/keep/templates/nginx-ingress.yaml index cbf7262..b6d2fc7 100644 --- a/charts/keep/templates/nginx-ingress.yaml +++ b/charts/keep/templates/nginx-ingress.yaml @@ -1,9 +1,5 @@ -{{- if and (or .Values.frontend.enabled .Values.backend.enabled) .Values.frontend.ingress.enabled }} +{{- if .Values.global.ingress.enabled }} {{- $fullName := include "keep.fullname" . }} -{{- $frontendPort := .Values.frontend.service.port }} -{{- $backendPort := .Values.backend.service.port }} -{{- $websocketPort := .Values.websocket.service.port }} - apiVersion: networking.k8s.io/v1 kind: Ingress metadata: @@ -19,23 +15,36 @@ metadata: nginx.ingress.kubernetes.io/proxy-http-version: "1.1" nginx.ingress.kubernetes.io/use-http2: "false" nginx.ingress.kubernetes.io/backend-protocol: "HTTP" - nginx.ingress.kubernetes.io/server-snippets: | - location {{ include "keep.websocketPrefix" . }}/ { - proxy_pass http://{{ $fullName }}-websocket:{{ .Values.websocket.service.port }}; + nginx.ingress.kubernetes.io/configuration-snippet: | + if ($request_uri ~* ^({{ .Values.global.ingress.websocketPrefix }}|{{ .Values.global.ingress.backendPrefix }}|{{ .Values.global.ingress.frontendPrefix }})(/|$)(.*)) { + rewrite ^({{ .Values.global.ingress.websocketPrefix }}|{{ .Values.global.ingress.backendPrefix }}|{{ .Values.global.ingress.frontendPrefix }})(/|$)(.*) /$3 break; + } + nginx.ingress.kubernetes.io/server-snippet: | + {{- if $.Values.websocket.enabled }} + location ^~ {{ .Values.global.ingress.websocketPrefix }} { + rewrite ^{{ .Values.global.ingress.websocketPrefix }}(/|$)(.*) /$2 break; + proxy_pass http://{{ $fullName }}-websocket:{{ $.Values.websocket.service.port }}; + proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; - proxy_set_header Connection "Upgrade"; - proxy_set_header X-Forwarded-For $remote_addr; + proxy_set_header Connection "upgrade"; proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + proxy_set_header X-Forwarded-Host $http_host; proxy_cache_bypass $http_upgrade; } - {{- with .Values.frontend.ingress.annotations }} + {{- end }} + nginx.ingress.kubernetes.io/rewrite-target: /$1 + nginx.ingress.kubernetes.io/use-regex: "true" + {{- with .Values.global.ingress.annotations }} {{- toYaml . | nindent 4 }} {{- end }} spec: - ingressClassName: nginx - {{- if .Values.frontend.ingress.tls }} + ingressClassName: {{ .Values.global.ingress.className }} + {{- if .Values.global.ingress.tls }} tls: - {{- range .Values.frontend.ingress.tls }} + {{- range .Values.global.ingress.tls }} - hosts: {{- range .hosts }} - {{ . | quote }} @@ -44,64 +53,64 @@ spec: {{- end }} {{- end }} rules: - {{- if or .Values.frontend.ingress.hosts .Values.backend.ingress.hosts }} - {{- range $host := (concat .Values.frontend.ingress.hosts .Values.backend.ingress.hosts) }} - - host: {{ $host | quote }} + {{- if .Values.global.ingress.hosts }} + {{- range .Values.global.ingress.hosts }} + - host: {{ .host | quote }} http: paths: - {{- if and $.Values.websocket.enabled $websocketPort }} - - path: {{ include "keep.websocketPrefix" $ }} - pathType: Prefix + {{- if $.Values.websocket.enabled }} + - path: {{ $.Values.global.ingress.websocketPrefix }}(/|$)(.*) + pathType: ImplementationSpecific backend: service: name: {{ $fullName }}-websocket port: - number: {{ $websocketPort }} + number: {{ $.Values.websocket.service.port }} {{- end }} - - path: {{ include "keep.frontendPrefix" $ }} - pathType: Prefix + {{- if $.Values.backend.enabled }} + - path: {{ $.Values.global.ingress.backendPrefix }}(/|$)(.*) + pathType: ImplementationSpecific backend: service: - name: {{ $fullName }}-frontend + name: {{ $fullName }}-backend port: - number: {{ $frontendPort }} - {{- if and $.Values.backend $.Values.backend.enabled }} - - path: {{ include "keep.backendPrefix" $ }} - pathType: Prefix + number: {{ $.Values.backend.service.port }} + {{- end }} + - path: {{ $.Values.global.ingress.frontendPrefix }}(.*) + pathType: ImplementationSpecific backend: service: - name: {{ $fullName }}-backend + name: {{ $fullName }}-frontend port: - number: {{ $backendPort }} - {{- end }} + number: {{ $.Values.frontend.service.port }} {{- end }} {{- else }} - http: paths: - {{- if and $.Values.websocket.enabled $websocketPort }} - - path: {{ include "keep.websocketPrefix" . }} - pathType: Prefix + {{- if $.Values.websocket.enabled }} + - path: {{ $.Values.global.ingress.websocketPrefix }}(/|$)(.*) + pathType: ImplementationSpecific backend: service: name: {{ $fullName }}-websocket port: - number: {{ $websocketPort }} + number: {{ $.Values.websocket.service.port }} {{- end }} - - path: {{ include "keep.frontendPrefix" . }} - pathType: Prefix + {{- if $.Values.backend.enabled }} + - path: {{ $.Values.global.ingress.backendPrefix }}(/|$)(.*) + pathType: ImplementationSpecific backend: service: - name: {{ $fullName }}-frontend + name: {{ $fullName }}-backend port: - number: {{ $frontendPort }} - {{- if and $.Values.backend $.Values.backend.enabled }} - - path: {{ include "keep.backendPrefix" . }} - pathType: Prefix + number: {{ $.Values.backend.service.port }} + {{- end }} + - path: {{ $.Values.global.ingress.frontendPrefix }}(.*) + pathType: ImplementationSpecific backend: service: - name: {{ $fullName }}-backend + name: {{ $fullName }}-frontend port: - number: {{ $backendPort }} - {{- end }} + number: {{ $.Values.frontend.service.port }} {{- end }} -{{- end }} \ No newline at end of file +{{- end }} diff --git a/charts/keep/templates/websocket-ingress.yaml b/charts/keep/templates/websocket-ingress.yaml deleted file mode 100644 index acdba7c..0000000 --- a/charts/keep/templates/websocket-ingress.yaml +++ /dev/null @@ -1,64 +0,0 @@ -{{- if and .Values.websocket.enabled .Values.websocket.ingress.enabled -}} -{{- $fullName := include "keep.fullname" . -}} -{{- $svcPort := .Values.websocket.service.port -}} -{{- if and .Values.websocket.ingress.className (not (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion)) }} - {{- if not (hasKey .Values.websocket.ingress.annotations "kubernetes.io/ingress.class") }} - {{- $_ := set .Values.websocket.ingress.annotations "kubernetes.io/ingress.class" .Values.websocket.ingress.className }} - {{- end }} -{{- end }} -{{- if semverCompare ">=1.19-0" .Capabilities.KubeVersion.GitVersion -}} -apiVersion: networking.k8s.io/v1 -{{- else if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}} -apiVersion: networking.k8s.io/v1beta1 -{{- else -}} -apiVersion: extensions/v1beta1 -{{- end }} -kind: Ingress -metadata: - name: {{ $fullName }}-websocket - labels: - {{- include "keep.labels" . | nindent 4 }} - {{- with .Values.websocket.ingress.annotations }} - annotations: - {{- toYaml . | nindent 4 }} - {{- end }} -spec: - {{- if and .Values.websocket.ingress.className (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion) }} - ingressClassName: {{ .Values.websocket.ingress.className }} - {{- end }} - {{- if .Values.websocket.ingress.tls }} - tls: - {{- range .Values.websocket.ingress.tls }} - - hosts: - {{- range .hosts }} - - {{ . | quote }} - {{- end }} - secretName: {{ .secretName }} - {{- end }} - {{- end }} - rules: - {{- range .Values.websocket.ingress.hosts }} - - host: {{ .host | quote }} - http: - paths: - {{- range .paths }} - - path: {{ .path }} - {{- if and .pathType (semverCompare ">=1.18-0" $.Capabilities.KubeVersion.GitVersion) }} - pathType: {{ .pathType }} - {{- end }} - backend: - {{- if semverCompare ">=1.19-0" $.Capabilities.KubeVersion.GitVersion }} - service: - name: {{ $fullName }}-websocket - port: - number: {{ $svcPort }} - {{- else }} - serviceName: {{ $fullName }}-websocket - servicePort: {{ $svcPort }} - {{- end }} - {{- end }} - {{- end }} - {{- if .Values.websocket.extraIngress -}} - {{ toYaml .Values.websocket.extraIngress | nindent 2 }} - {{- end }} -{{- end }} diff --git a/charts/keep/values.yaml b/charts/keep/values.yaml index 925a706..2ad4466 100644 --- a/charts/keep/values.yaml +++ b/charts/keep/values.yaml @@ -9,15 +9,20 @@ isGKE: false global: ingress: + enabled: true + className: "nginx" + annotations: {} websocketPrefix: "/websocket" - backendPrefix: "/api" + # can't use /api since its "catched" by the nextjs frontend e.g. /api/auth/signin or /api/config + backendPrefix: "/apinew" frontendPrefix: "/" + hosts: [] + tls: [] ingress-nginx: + # install the ingress-nginx controller dependency repo enabled: true controller: - nameOverride: keep-ingress-nginx - fullnameOverride: keep-ingress-nginx service: enabled: true type: LoadBalancer @@ -33,6 +38,7 @@ ingress-nginx: pullPolicy: IfNotPresent certManager: enabled: false + allowSnippetAnnotations: true backend: @@ -79,15 +85,7 @@ backend: service: type: ClusterIP port: 8080 - ingress: - enabled: true - className: "" - annotations: {} - hosts: - - paths: - - path: / - pathType: Prefix - tls: [] + # for openshit route: enabled: false host: chart-example-backend.local @@ -163,15 +161,7 @@ frontend: service: type: ClusterIP port: 3000 - ingress: - enabled: true - className: "nginx" - annotations: {} - hosts: - - paths: - - path: / - pathType: Prefix - tls: [] + # for openshit route: enabled: false host: chart-example.local @@ -262,15 +252,7 @@ websocket: httpGet: path: / port: http - ingress: - enabled: false - className: "nginx" - hosts: - paths: - - path: / - pathType: Prefix - tls: [] - annotations: {} + # for openshit route: enabled: false host: chart-example.local