chart: ingress-nginx update version
diff --git a/charts/ingress-nginx/templates/controller-daemonset.yaml b/charts/ingress-nginx/templates/controller-daemonset.yaml
index 68291ed..bce21a7 100644
--- a/charts/ingress-nginx/templates/controller-daemonset.yaml
+++ b/charts/ingress-nginx/templates/controller-daemonset.yaml
@@ -33,8 +33,11 @@
{{- end }}
{{- end }}
labels:
- {{- include "ingress-nginx.selectorLabels" . | nindent 8 }}
+ {{- include "ingress-nginx.labels" . | nindent 8 }}
app.kubernetes.io/component: controller
+ {{- with .Values.controller.labels }}
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
{{- if .Values.controller.podLabels }}
{{- toYaml .Values.controller.podLabels | nindent 8 }}
{{- end }}
@@ -65,77 +68,21 @@
value: {{ $value | quote }}
{{- end }}
{{- end }}
+ {{- if .Values.controller.shareProcessNamespace }}
+ shareProcessNamespace: {{ .Values.controller.shareProcessNamespace }}
+ {{- end }}
containers:
- name: {{ .Values.controller.containerName }}
{{- with .Values.controller.image }}
- image: "{{- if .repository -}}{{ .repository }}{{ else }}{{ .registry }}/{{ .image }}{{- end -}}:{{ .tag }}{{- if (.digest) -}} @{{.digest}} {{- end -}}"
+ image: "{{- if .repository -}}{{ .repository }}{{ else }}{{ .registry }}/{{ include "ingress-nginx.image" . }}{{- end -}}:{{ .tag }}{{ include "ingress-nginx.imageDigest" . }}"
{{- end }}
imagePullPolicy: {{ .Values.controller.image.pullPolicy }}
{{- if .Values.controller.lifecycle }}
lifecycle: {{ toYaml .Values.controller.lifecycle | nindent 12 }}
{{- end }}
args:
- - /nginx-ingress-controller
- {{- if .Values.defaultBackend.enabled }}
- - --default-backend-service=$(POD_NAMESPACE)/{{ include "ingress-nginx.defaultBackend.fullname" . }}
- {{- end }}
- {{- if .Values.controller.publishService.enabled }}
- - --publish-service={{ template "ingress-nginx.controller.publishServicePath" . }}
- {{- end }}
- - --election-id={{ .Values.controller.electionID }}
- - --controller-class={{ .Values.controller.ingressClassResource.controllerValue }}
- - --configmap={{ default "$(POD_NAMESPACE)" .Values.controller.configMapNamespace }}/{{ include "ingress-nginx.controller.fullname" . }}
- {{- if .Values.tcp }}
- - --tcp-services-configmap={{ default "$(POD_NAMESPACE)" .Values.controller.tcp.configMapNamespace }}/{{ include "ingress-nginx.fullname" . }}-tcp
- {{- end }}
- {{- if .Values.udp }}
- - --udp-services-configmap={{ default "$(POD_NAMESPACE)" .Values.controller.udp.configMapNamespace }}/{{ include "ingress-nginx.fullname" . }}-udp
- {{- end }}
- {{- if .Values.controller.scope.enabled }}
- - --watch-namespace={{ default "$(POD_NAMESPACE)" .Values.controller.scope.namespace }}
- {{- end }}
- {{- if and .Values.controller.reportNodeInternalIp .Values.controller.hostNetwork }}
- - --report-node-internal-ip-address={{ .Values.controller.reportNodeInternalIp }}
- {{- end }}
- {{- if .Values.controller.admissionWebhooks.enabled }}
- - --validating-webhook=:{{ .Values.controller.admissionWebhooks.port }}
- - --validating-webhook-certificate={{ .Values.controller.admissionWebhooks.certificate }}
- - --validating-webhook-key={{ .Values.controller.admissionWebhooks.key }}
- {{- end }}
- {{- if .Values.controller.maxmindMirror }}
- - --maxmind-mirror={{ .Values.controller.maxmindMirror }}
- {{- end}}
- {{- if .Values.controller.maxmindLicenseKey }}
- - --maxmind-license-key={{ .Values.controller.maxmindLicenseKey }}
- {{- end }}
- {{- if not (eq .Values.controller.healthCheckPath "/healthz") }}
- - --health-check-path={{ .Values.controller.healthCheckPath }}
- {{- end }}
- {{- if .Values.controller.healthCheckHost }}
- - --healthz-host={{ .Values.controller.healthCheckHost }}
- {{- end }}
- {{- if .Values.controller.ingressClassByName }}
- - --ingress-class-by-name=true
- {{- end }}
- {{- if .Values.controller.watchIngressWithoutClass }}
- - --watch-ingress-without-class=true
- {{- end }}
- {{- range $key, $value := .Values.controller.extraArgs }}
- {{- /* Accept keys without values or with false as value */}}
- {{- if eq ($value | quote | len) 2 }}
- - --{{ $key }}
- {{- else }}
- - --{{ $key }}={{ $value }}
- {{- end }}
- {{- end }}
- securityContext:
- capabilities:
- drop:
- - ALL
- add:
- - NET_BIND_SERVICE
- runAsUser: {{ .Values.controller.image.runAsUser }}
- allowPrivilegeEscalation: {{ .Values.controller.image.allowPrivilegeEscalation }}
+ {{- include "ingress-nginx.params" . | nindent 12 }}
+ securityContext: {{ include "controller.containerSecurityContext" . | nindent 12 }}
env:
- name: POD_NAME
valueFrom:
@@ -155,8 +102,12 @@
{{- if .Values.controller.startupProbe }}
startupProbe: {{ toYaml .Values.controller.startupProbe | nindent 12 }}
{{- end }}
+ {{- if .Values.controller.livenessProbe }}
livenessProbe: {{ toYaml .Values.controller.livenessProbe | nindent 12 }}
+ {{- end }}
+ {{- if .Values.controller.readinessProbe }}
readinessProbe: {{ toYaml .Values.controller.readinessProbe | nindent 12 }}
+ {{- end }}
ports:
{{- range $key, $value := .Values.controller.containerPort }}
- name: {{ $key }}
@@ -167,7 +118,7 @@
{{- end }}
{{- end }}
{{- if .Values.controller.metrics.enabled }}
- - name: metrics
+ - name: {{ .Values.controller.metrics.portName }}
containerPort: {{ .Values.controller.metrics.port }}
protocol: TCP
{{- end }}
@@ -177,7 +128,7 @@
protocol: TCP
{{- end }}
{{- range $key, $value := .Values.tcp }}
- - name: {{ $key }}-tcp
+ - name: {{ if $.Values.portNamePrefix }}{{ $.Values.portNamePrefix }}-{{ end }}{{ $key }}-tcp
containerPort: {{ $key }}
protocol: TCP
{{- if $.Values.controller.hostPort.enabled }}
@@ -185,15 +136,19 @@
{{- end }}
{{- end }}
{{- range $key, $value := .Values.udp }}
- - name: {{ $key }}-udp
+ - name: {{ if $.Values.portNamePrefix }}{{ $.Values.portNamePrefix }}-{{ end }}{{ $key }}-udp
containerPort: {{ $key }}
protocol: UDP
{{- if $.Values.controller.hostPort.enabled }}
hostPort: {{ $key }}
{{- end }}
{{- end }}
- {{- if (or .Values.controller.customTemplate.configMapName .Values.controller.extraVolumeMounts .Values.controller.admissionWebhooks.enabled) }}
+ {{- if (or .Values.controller.customTemplate.configMapName .Values.controller.extraVolumeMounts .Values.controller.admissionWebhooks.enabled .Values.controller.extraModules) }}
volumeMounts:
+ {{- if .Values.controller.extraModules }}
+ - name: modules
+ mountPath: /modules_mount
+ {{- end }}
{{- if .Values.controller.customTemplate.configMapName }}
- mountPath: /etc/nginx/template
name: nginx-template-volume
@@ -214,8 +169,23 @@
{{- if .Values.controller.extraContainers }}
{{ toYaml .Values.controller.extraContainers | nindent 8 }}
{{- end }}
- {{- if .Values.controller.extraInitContainers }}
- initContainers: {{ toYaml .Values.controller.extraInitContainers | nindent 8 }}
+
+
+ {{- if (or .Values.controller.extraInitContainers .Values.controller.extraModules) }}
+ initContainers:
+ {{- if .Values.controller.extraInitContainers }}
+ {{ toYaml .Values.controller.extraInitContainers | nindent 8 }}
+ {{- end }}
+ {{- if .Values.controller.extraModules }}
+ {{- range .Values.controller.extraModules }}
+ {{ $containerSecurityContext := .containerSecurityContext | default $.Values.controller.containerSecurityContext }}
+{{ include "extraModules" (dict "name" .name "image" .image "containerSecurityContext" $containerSecurityContext) | indent 8 }}
+ {{- end }}
+ {{- end }}
+ {{- if .Values.controller.opentelemetry.enabled}}
+ {{ $otelContainerSecurityContext := $.Values.controller.opentelemetry.containerSecurityContext | default $.Values.controller.containerSecurityContext }}
+ {{- include "extraModules" (dict "name" "opentelemetry" "image" .Values.controller.opentelemetry.image "containerSecurityContext" $otelContainerSecurityContext) | nindent 8}}
+ {{- end}}
{{- end }}
{{- if .Values.controller.hostNetwork }}
hostNetwork: {{ .Values.controller.hostNetwork }}
@@ -234,8 +204,12 @@
{{- end }}
serviceAccountName: {{ template "ingress-nginx.serviceAccountName" . }}
terminationGracePeriodSeconds: {{ .Values.controller.terminationGracePeriodSeconds }}
- {{- if (or .Values.controller.customTemplate.configMapName .Values.controller.extraVolumeMounts .Values.controller.admissionWebhooks.enabled .Values.controller.extraVolumes) }}
+ {{- if (or .Values.controller.customTemplate.configMapName .Values.controller.extraVolumeMounts .Values.controller.admissionWebhooks.enabled .Values.controller.extraVolumes .Values.controller.extraModules .Values.controller.opentelemetry.enabled) }}
volumes:
+ {{- if (or .Values.controller.extraModules .Values.controller.opentelemetry.enabled)}}
+ - name: modules
+ emptyDir: {}
+ {{- end }}
{{- if .Values.controller.customTemplate.configMapName }}
- name: nginx-template-volume
configMap:
@@ -248,6 +222,13 @@
- name: webhook-cert
secret:
secretName: {{ include "ingress-nginx.fullname" . }}-admission
+ {{- if .Values.controller.admissionWebhooks.certManager.enabled }}
+ items:
+ - key: tls.crt
+ path: cert
+ - key: tls.key
+ path: key
+ {{- end }}
{{- end }}
{{- if .Values.controller.extraVolumes }}
{{ toYaml .Values.controller.extraVolumes | nindent 8 }}