Skip to content

Commit

Permalink
feat: add support for multiple hosts and tls configurations in ingress (
Browse files Browse the repository at this point in the history
#218)

* feat: add support for multiple hosts and tls configurations in ingress

Signed-off-by: Marcus Söderberg <[email protected]>

* chore(test): add ingress CI tests

Signed-off-by: Marcus Söderberg <[email protected]>

---------

Signed-off-by: Marcus Söderberg <[email protected]>
  • Loading branch information
msoderberg authored Oct 10, 2024
1 parent 9385bf3 commit b2e1d7d
Show file tree
Hide file tree
Showing 8 changed files with 136 additions and 4 deletions.
2 changes: 1 addition & 1 deletion charts/backstage/Chart.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -38,4 +38,4 @@ sources:
# This is the chart version. This version number should be incremented each time you make changes
# to the chart and its templates, including the app version.
# Versions are expected to follow Semantic Versioning (https://semver.org/)
version: 1.9.6
version: 1.10.0
6 changes: 4 additions & 2 deletions charts/backstage/README.md
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@
# Backstage Helm Chart

[![Artifact Hub](https://img.shields.io/endpoint?url=https://artifacthub.io/badge/repository/backstage)](https://artifacthub.io/packages/search?repo=backstage)
![Version: 1.9.6](https://img.shields.io/badge/Version-1.9.6-informational?style=flat-square)
![Version: 1.10.0](https://img.shields.io/badge/Version-1.10.0-informational?style=flat-square)
![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square)

A Helm chart for deploying a Backstage application
Expand Down Expand Up @@ -158,10 +158,12 @@ Kubernetes: `>= 1.19.0-0`
| global | Global parameters Global Docker image parameters Please, note that this will override the image parameters, including dependencies, configured to use the global value Current available global Docker image parameters: imageRegistry, imagePullSecrets and storageClass | object | See below |
| global.imagePullSecrets | Global Docker registry secret names as an array </br> E.g. `imagePullSecrets: [myRegistryKeySecretName]` | list | `[]` |
| global.imageRegistry | Global Docker image registry | string | `""` |
| ingress | Ingress parameters | object | `{"annotations":{},"className":"","enabled":false,"host":"","path":"/","tls":{"enabled":false,"secretName":""}}` |
| ingress | Ingress parameters | object | `{"annotations":{},"className":"","enabled":false,"extraHosts":[],"extraTls":[],"host":"","path":"/","tls":{"enabled":false,"secretName":""}}` |
| ingress.annotations | Additional annotations for the Ingress resource | object | `{}` |
| ingress.className | Name of the IngressClass cluster resource which defines which controller will implement the resource (e.g nginx) | string | `""` |
| ingress.enabled | Enable the creation of the ingress resource | bool | `false` |
| ingress.extraHosts | List of additional hostnames to be covered with this ingress record (e.g. a CNAME) <!-- E.g. extraHosts: - name: backstage.env.example.com path: / (Optional) pathType: Prefix (Optional) port: 7007 (Optional) --> | list | `[]` |
| ingress.extraTls | The TLS configuration for additional hostnames to be covered with this ingress record. <br /> Ref: https://kubernetes.io/docs/concepts/services-networking/ingress/#tls <!-- E.g. extraTls: - hosts: - backstage.env.example.com secretName: backstage-env --> | list | `[]` |
| ingress.host | Hostname to be used to expose the route to access the backstage application (e.g: backstage.IP.nip.io) | string | `""` |
| ingress.path | Path to be used to expose the full route to access the backstage application (e.g: IP.nip.io/backstage) | string | `"/"` |
| ingress.tls | Ingress TLS parameters | object | `{"enabled":false,"secretName":""}` |
Expand Down
12 changes: 12 additions & 0 deletions charts/backstage/ci/ingress-extraHosts-values.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,12 @@
ingress:
enabled: true
host: backstage.example.com
tls:
enabled: true
secretName: "backstage-tls"
extraHosts:
- name: backstage.dev.example.com
extraTls:
- hosts:
- backstage.dev.example.com
secretName: "backstage-dev-tls"
6 changes: 6 additions & 0 deletions charts/backstage/ci/ingress-values.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,6 @@
ingress:
enabled: true
host: backstage.example.com
tls:
enabled: true
secretName: "backstage-tls"
19 changes: 18 additions & 1 deletion charts/backstage/templates/ingress.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -20,11 +20,16 @@ spec:
{{- if .Values.ingress.className }}
ingressClassName: {{ .Values.ingress.className | quote }}
{{- end }}
{{- if .Values.ingress.tls.enabled }}
{{- if or .Values.ingress.tls.enabled .Values.ingress.extraTls }}
tls:
{{- if .Values.ingress.tls.enabled }}
- hosts:
- {{ include "common.tplvalues.render" ( dict "value" .Values.ingress.host "context" $ ) }}
secretName: {{ include "common.tplvalues.render" ( dict "value" .Values.ingress.tls.secretName "context" $ ) }}
{{- end }}
{{- if .Values.ingress.extraTls }}
{{- include "common.tplvalues.render" ( dict "value" .Values.ingress.extraTls "context" $ ) | nindent 4 }}
{{- end }}
{{- end }}
rules:
- host: {{ include "common.tplvalues.render" ( dict "value" .Values.ingress.host "context" $ ) }}
Expand All @@ -37,4 +42,16 @@ spec:
name: {{ include "common.names.fullname" . }}
port:
number: {{ .Values.service.ports.backend }}
{{- range .Values.ingress.extraHosts }}
- host: {{ .name | quote }}
http:
paths:
- path: {{ default $.Values.ingress.path .path }}
pathType: {{ default "Prefix" .pathType }}
backend:
service:
name: {{ include "common.names.fullname" $ }}
port:
number: {{ default $.Values.service.ports.backend .port }}
{{- end }}
{{- end }}
46 changes: 46 additions & 0 deletions charts/backstage/values.schema.json
Original file line number Diff line number Diff line change
Expand Up @@ -6124,6 +6124,52 @@
"title": "Enable the creation of the ingress resource",
"type": "boolean"
},
"extraHosts": {
"default": [],
"items": {
"additionalProperties": false,
"properties": {
"name": {
"type": "string"
},
"path": {
"type": "string"
},
"pathType": {
"type": "string"
},
"port": {
"type": "integer"
}
},
"type": "object"
},
"title": "List of additional hostnames to be covered with this ingress record",
"type": "array"
},
"extraTls": {
"default": [],
"items": {
"description": "IngressTLS describes the transport layer security associated with an ingress.",
"properties": {
"hosts": {
"description": "hosts is a list of hosts included in the TLS certificate. The values in this list must match the name/s used in the tlsSecret. Defaults to the wildcard host setting for the loadbalancer controller fulfilling this Ingress, if left unspecified.",
"items": {
"type": "string"
},
"type": "array",
"x-kubernetes-list-type": "atomic"
},
"secretName": {
"description": "secretName is the name of the secret used to terminate TLS traffic on port 443. Field is left optional to allow TLS routing based on SNI hostname alone. If the SNI host in a listener conflicts with the \"Host\" header field used by an IngressRule, the SNI host is used for termination and value of the \"Host\" header is used for routing.",
"type": "string"
}
},
"type": "object"
},
"title": "The TLS configuration for additional hostnames to be covered with this ingress record.",
"type": "array"
},
"host": {
"default": "",
"examples": [
Expand Down
31 changes: 31 additions & 0 deletions charts/backstage/values.schema.tmpl.json
Original file line number Diff line number Diff line change
Expand Up @@ -143,6 +143,29 @@
"backstage.10.0.0.1.nip.io"
]
},
"extraHosts": {
"title": "List of additional hostnames to be covered with this ingress record",
"type": "array",
"default": [],
"items": {
"type": "object",
"additionalProperties": false,
"properties": {
"name": {
"type": "string"
},
"path": {
"type": "string"
},
"pathType": {
"type": "string"
},
"port": {
"type": "integer"
}
}
}
},
"path": {
"title": "Path to be used to expose the full route to access the backstage application.",
"type": "string",
Expand All @@ -168,6 +191,14 @@
"default": ""
}
}
},
"extraTls": {
"title": "The TLS configuration for additional hostnames to be covered with this ingress record.",
"type": "array",
"items": {
"$ref": "https://raw.githubusercontent.com/yannh/kubernetes-json-schema/master/master/_definitions.json#/definitions/io.k8s.api.networking.v1.IngressTLS"
},
"default": []
}
}
},
Expand Down
18 changes: 18 additions & 0 deletions charts/backstage/values.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -67,6 +67,15 @@ ingress:
# -- Hostname to be used to expose the route to access the backstage application (e.g: backstage.IP.nip.io)
host: ""

# -- List of additional hostnames to be covered with this ingress record (e.g. a CNAME)
# <!-- E.g.
# extraHosts:
# - name: backstage.env.example.com
# path: / (Optional)
# pathType: Prefix (Optional)
# port: 7007 (Optional) -->
extraHosts: []

# -- Path to be used to expose the full route to access the backstage application (e.g: IP.nip.io/backstage)
path: "/"

Expand All @@ -79,6 +88,15 @@ ingress:
# -- The name to which the TLS Secret will be called
secretName: ""

# -- The TLS configuration for additional hostnames to be covered with this ingress record.
# <br /> Ref: https://kubernetes.io/docs/concepts/services-networking/ingress/#tls
# <!-- E.g.
# extraTls:
# - hosts:
# - backstage.env.example.com
# secretName: backstage-env -->
extraTls: []

# -- Backstage parameters
# @default -- See below
backstage:
Expand Down

0 comments on commit b2e1d7d

Please sign in to comment.