From e7429090d8a0150126b4e6d29c451ec679628d24 Mon Sep 17 00:00:00 2001 From: Justin Seiser Date: Wed, 14 Jun 2023 13:28:55 -0400 Subject: [PATCH] feat(ingress): Allow creating secondary ingress (#289) * feat(ingress): Allow creating secondary ingress to publically expose webhooks * remove formatting * Adding values.yaml documentation * linting * Adding CI Values --- charts/atlantis/Chart.yaml | 14 +-- charts/atlantis/ci/ci-values.yaml | 11 ++ .../atlantis/templates/webhook-ingress.yaml | 107 ++++++++++++++++++ charts/atlantis/values.yaml | 35 +++++- 4 files changed, 159 insertions(+), 8 deletions(-) create mode 100644 charts/atlantis/templates/webhook-ingress.yaml diff --git a/charts/atlantis/Chart.yaml b/charts/atlantis/Chart.yaml index 554b714f..2a784c86 100644 --- a/charts/atlantis/Chart.yaml +++ b/charts/atlantis/Chart.yaml @@ -3,15 +3,15 @@ apiVersion: v1 appVersion: v0.24.2 description: A Helm chart for Atlantis https://www.runatlantis.io name: atlantis -version: 4.12.7 +version: 4.13.0 keywords: -- terraform + - terraform home: https://www.runatlantis.io icon: https://www.runatlantis.io/hero.png sources: -- https://github.com/runatlantis/atlantis + - https://github.com/runatlantis/atlantis maintainers: -- name: lkysow -- name: jamengual -- name: chenrui333 -- name: nitrocode + - name: lkysow + - name: jamengual + - name: chenrui333 + - name: nitrocode diff --git a/charts/atlantis/ci/ci-values.yaml b/charts/atlantis/ci/ci-values.yaml index b2e17f8a..b8a25aad 100644 --- a/charts/atlantis/ci/ci-values.yaml +++ b/charts/atlantis/ci/ci-values.yaml @@ -7,6 +7,17 @@ github: service: type: ClusterIP +ingress: + enabled: true + ingressClassName: nginx + host: atlantis.localdev.me + path: / +secondary_ingress: + enabled: true + ingressClassName: nginx + host: atlantis-webook.localdev.me + path: /events + resources: requests: memory: 64Mi diff --git a/charts/atlantis/templates/webhook-ingress.yaml b/charts/atlantis/templates/webhook-ingress.yaml new file mode 100644 index 00000000..b0827a71 --- /dev/null +++ b/charts/atlantis/templates/webhook-ingress.yaml @@ -0,0 +1,107 @@ +{{- if .Values.webhook_ingress.enabled -}} +{{- $apiVersion := .Values.webhook_ingress.apiVersion }} +{{- if and $apiVersion (or (eq $apiVersion "networking.k8s.io/v1") (eq $apiVersion "networking.k8s.io/v1beta1") (eq $apiVersion "extensions/v1beta1")) -}} +{{- else -}} + {{- $kubeVersion := .Capabilities.KubeVersion.GitVersion }} + {{- if semverCompare ">=1.19-0" $kubeVersion -}} + {{- $apiVersion = "networking.k8s.io/v1" -}} + {{- else if semverCompare ">=1.14-0" $kubeVersion -}} + {{- $apiVersion = "networking.k8s.io/v1beta1" -}} + {{- else -}} + {{- $apiVersion = "extensions/v1beta1" -}} + {{- end }} +{{- end }} +{{- $fullName := include "atlantis.fullname" . -}} +{{- $svcPort := .Values.service.port -}} +{{- $pathType := .Values.webhook_ingress.pathType -}} +apiVersion: {{ $apiVersion }} +kind: Ingress +metadata: + name: {{ $fullName }}-secondary + labels: +{{- include "atlantis.labels" . | nindent 4 }} +{{- if .Values.webhook_ingress.labels }} +{{ toYaml .Values.webhook_ingress.labels | indent 4 }} +{{- end }} +{{- with .Values.webhook_ingress.annotations }} + annotations: +{{ toYaml . | indent 4 }} +{{- end }} +spec: +{{- if .Values.webhook_ingress.ingressClassName }} + ingressClassName: {{ .Values.webhook_ingress.ingressClassName }} +{{- end }} +{{- if .Values.webhook_ingress.tls }} + tls: +{{ toYaml .Values.webhook_ingress.tls | indent 4 }} +{{- end }} + rules: + {{- if not .Values.webhook_ingress.hosts }} + - + {{- if .Values.webhook_ingress.host }} + host: {{ .Values.webhook_ingress.host | quote }} + {{- end }} + http: + paths: + {{- if .Values.webhook_ingress.paths }} + {{- range .Values.webhook_ingress.paths }} + - path: {{ .path }} + backend: + {{- if eq $apiVersion "networking.k8s.io/v1" }} + service: + name: {{ .service }} + port: + number: {{ .port }} + pathType: {{ $.Values.webhook_ingress.pathType }} + {{- else }} + serviceName: {{ .service }} + servicePort: {{ .port }} + {{- end }} + {{- end }} + {{ else }} + - path: {{ .Values.webhook_ingress.path }} + backend: + {{- if eq $apiVersion "networking.k8s.io/v1" }} + service: + name: {{ $fullName }} + port: + number: {{ .Values.service.port }} + pathType: {{ .Values.webhook_ingress.pathType }} + {{ else }} + serviceName: {{ $fullName }} + servicePort: {{ .Values.service.port }} + {{- end }} + {{- end }} + {{ else }} + {{- range $k := .Values.webhook_ingress.hosts }} + - + {{- if .host }} + host: {{ .host | quote }} + {{- end }} + http: + paths: + {{- range .paths }} + - path: {{ . }} + backend: + {{- if eq $apiVersion "networking.k8s.io/v1" }} + service: + {{- if $k.service }} + name: {{ $k.service }} + {{- else }} + name: {{ $fullName }} + {{- end }} + port: + number: {{ $svcPort }} + pathType: {{ $pathType }} + {{- else -}} + {{- if $k.service }} + serviceName: {{ $k.service }} + {{- else }} + serviceName: {{ $fullName }} + {{- end }} + servicePort: {{ $svcPort }} + {{- end }} + {{- end }} + {{- end }} + {{- end }} +{{- end }} diff --git a/charts/atlantis/values.yaml b/charts/atlantis/values.yaml index fb020a22..2fe06485 100644 --- a/charts/atlantis/values.yaml +++ b/charts/atlantis/values.yaml @@ -246,7 +246,40 @@ ingress: annotations: {} # kubernetes.io/ingress.class: nginx # kubernetes.io/tls-acme: "true" - path: /* + path: /* # / for nginx +## this is in case we want several paths under the same host, with different backend services +# paths: +# - path: "/path1" +# service: test1 +# port: +# - path: "/path2" +# service: test2 +# port: + pathType: ImplementationSpecific + host: + +## in case we need several hosts: + hosts: + # - host: chart-example.local + # paths: ["/"] + # service: chart-example1 + # - host: chart-example.local2 + # service: chart-example1 + # paths: ["/lala"] + tls: [] + # - secretName: chart-example-tls + # hosts: + # - chart-example.local + labels: {} + +webhook_ingress: + enabled: false # true to create secondary webhook. + ingressClassName: + apiVersion: "" + annotations: {} + # kubernetes.io/ingress.class: nginx + # kubernetes.io/tls-acme: "true" + path: /* # / for nginx ## this is in case we want several paths under the same host, with different backend services # paths: # - path: "/path1"