charts: softserve support network, ingress with source port, keyless

commit: 5f7d441af6b0c3d3aa7742d3612a8bad63389073 [log] [tgz]
author: Giorgi Lekveishvili <lekva@gl-mbp-m1-max.local> Tue Jul 11 17:45:11 2023 +0400
committer: Giorgi Lekveishvili <lekva@gl-mbp-m1-max.local> Tue Jul 11 18:47:10 2023 +0400
tree: bf762c9dca8e5c5bd07ab649f3d873c9e1f7f0bc
parent: 1506a4f79a878af09babf2bd27ec16cb813fefe5 [diff]
diff --git a/charts/soft-serve/templates/ingress.yaml b/charts/soft-serve/templates/ingress.yaml
new file mode 100644
index 0000000..490a5b3
--- /dev/null
+++ b/charts/soft-serve/templates/ingress.yaml

@@ -0,0 +1,31 @@
+{{ if .Values.ingress.enabled }}
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  name: ingress
+  namespace: {{ .Release.Namespace }}
+  {{- if .Values.ingress.certificateIssuer }}
+  annotations:
+    acme.cert-manager.io/http01-edit-in-place: "true"
+    cert-manager.io/cluster-issuer: {{ .Values.ingress.certificateIssuer }}
+  {{- end }}
+spec:
+  ingressClassName: {{ .Values.ingress.ingressClassName }}
+  {{- if .Values.ingress.certificateIssuer }}
+  tls:
+  - hosts:
+    - {{ .Values.ingress.domain }}
+    secretName: cert-soft-serve
+  {{- end }}
+  rules:
+  - host: {{ .Values.ingress.domain }}
+    http:
+      paths:
+      - path: /
+        pathType: Prefix
+        backend:
+          service:
+            name: soft-serve
+            port:
+              name: http
+{{ end }}

diff --git a/charts/soft-serve/templates/keys.yaml b/charts/soft-serve/templates/keys.yaml
index 5a89250..6ba4849 100644
--- a/charts/soft-serve/templates/keys.yaml
+++ b/charts/soft-serve/templates/keys.yaml

@@ -1,3 +1,4 @@
+{{ if and .Values.privateKey .Values.publicKey }}
 apiVersion: v1
 kind: ConfigMap
 metadata:
@@ -6,3 +7,4 @@
 data:
   key: {{ toYaml .Values.privateKey | indent 2 }}
   key.pub: {{ toYaml .Values.publicKey | indent 2 }}
+{{ end }}

diff --git a/charts/soft-serve/templates/service-transport.yaml b/charts/soft-serve/templates/service-transport.yaml
new file mode 100644
index 0000000..969fbbe
--- /dev/null
+++ b/charts/soft-serve/templates/service-transport.yaml

@@ -0,0 +1,13 @@
+{{ if .Values.ingress.enabled }}
+apiVersion: transport.dodo.cloud/v1
+kind: ServiceTransport
+metadata:
+  name: ingress-transport
+  namespace: {{ .Release.Namespace }}
+spec:
+  port: {{ .Values.port }}
+  sourcePort: {{ .Values.ingress.sourcePort }}
+  protocol: TCP
+  service: soft-serve
+  ingressClassName: {{ .Values.ingress.ingressClassName }}
+{{ end }}

diff --git a/charts/soft-serve/templates/service.yaml b/charts/soft-serve/templates/service.yaml
index c1e3326..13c3f52 100644
--- a/charts/soft-serve/templates/service.yaml
+++ b/charts/soft-serve/templates/service.yaml

@@ -4,7 +4,12 @@
   name: soft-serve
   namespace: {{ .Release.Namespace }}
   annotations:
+    {{ if .Values.reservedIP }}
     metallb.universe.tf/loadBalancerIPs: {{ .Values.reservedIP }}
+    {{ end }}
+    {{ if .Values.addressPool }}
+    metallb.universe.tf/address-pool: {{ .Values.addressPool }}
+    {{ end }}
 spec:
   type: LoadBalancer
   selector:
@@ -13,3 +18,9 @@
   - name: ssh
     port: {{ .Values.port }}
     protocol: TCP
+  {{ if .Values.ingress.enabled }}
+  - name: http
+    port: 80
+    targetPort: http
+    protocol: TCP
+  {{ end }}

diff --git a/charts/soft-serve/templates/stateful-set.yaml b/charts/soft-serve/templates/stateful-set.yaml
index 1436ec8..891e828 100644
--- a/charts/soft-serve/templates/stateful-set.yaml
+++ b/charts/soft-serve/templates/stateful-set.yaml

@@ -18,9 +18,11 @@
       - name: data
         persistentVolumeClaim:
           claimName: data
+      {{ if and .Values.privateKey .Values.publicKey }}
       - name: keys
         configMap:
           name: keys
+      {{ end }}
       containers:
       - name: soft-serve
         image: {{ .Values.image.repository }}:{{ .Values.image.tag }}
@@ -30,18 +32,31 @@
           value: ":{{ .Values.port }}"
         - name: SOFT_SERVE_INITIAL_ADMIN_KEYS
           value: "{{ .Values.adminKey }}"
+        {{ if and .Values.privateKey .Values.publicKey }}
         - name: SOFT_SERVE_SSH_KEY_PATH
           value: /.ssh/key
+        {{ end }}
         - name: SOFT_SERVE_DATA_PATH
           value: /var/lib/soft-serve/repos
+        {{ if .Values.ingress.enabled }}
+        - name: SOFT_SERVE_HTTP_LISTEN_ADDR
+          value: ":80"
+        - name: SOFT_SERVE_HTTP_PUBLIC_URL
+          value: "http://{{ .Values.ingress.domain }}"
+        {{ end }}
         ports:
         - name: ssh
           containerPort: {{ .Values.port }}
           protocol: TCP
+        - name: http
+          containerPort: 80
+          protocol: TCP
         volumeMounts:
         - name: data
           mountPath: /var/lib/soft-serve
           readOnly: false
+        {{ if and .Values.privateKey .Values.publicKey }}
         - name: keys
           mountPath: /.ssh
           readOnly: true
+        {{ end }}

diff --git a/charts/soft-serve/values.yaml b/charts/soft-serve/values.yaml
index 2188afb..a9911f4 100644
--- a/charts/soft-serve/values.yaml
+++ b/charts/soft-serve/values.yaml

@@ -8,4 +8,11 @@
 privateKey: ""
 publicKey: ""
 adminKey: ""
-reservedIP: 192.168.0.100
+reservedIP: ""
+addressPool: ""
+ingress:
+  enabled: false
+  domain: git.p.example.com
+  ingressClassName: example-ingress-private
+  certificateIssuer: ""
+  sourcePort: 0
commit	5f7d441af6b0c3d3aa7742d3612a8bad63389073	[log] [tgz]
author	Giorgi Lekveishvili <lekva@gl-mbp-m1-max.local>	Tue Jul 11 17:45:11 2023 +0400
committer	Giorgi Lekveishvili <lekva@gl-mbp-m1-max.local>	Tue Jul 11 18:47:10 2023 +0400
tree	bf762c9dca8e5c5bd07ab649f3d873c9e1f7f0bc
parent	1506a4f79a878af09babf2bd27ec16cb813fefe5 [diff]