From 8518f8321128e5c8b7b21114fa613695119b28f5 Mon Sep 17 00:00:00 2001 From: Jacques ROUSSEL Date: Thu, 31 Jul 2025 18:44:16 +0200 Subject: [PATCH] =?UTF-8?q?=E2=9C=A8(helm)=20add=20the=20ability=20to=20co?= =?UTF-8?q?nfigure=20tls=20secretName?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Yesterday during a deployment, we were unable to configure the tls secretName for ingress. --- src/helm/meet/Chart.yaml | 2 +- src/helm/meet/README.md | 4 ++++ src/helm/meet/templates/ingress.yaml | 2 +- src/helm/meet/templates/ingress_admin.yaml | 1 + src/helm/meet/templates/ingress_posthog.yaml | 2 +- src/helm/meet/templates/ingress_posthog_assets.yaml | 2 +- src/helm/meet/values.yaml | 10 +++++++++- 7 files changed, 18 insertions(+), 5 deletions(-) diff --git a/src/helm/meet/Chart.yaml b/src/helm/meet/Chart.yaml index a946016c..053942e4 100644 --- a/src/helm/meet/Chart.yaml +++ b/src/helm/meet/Chart.yaml @@ -1,4 +1,4 @@ apiVersion: v2 type: application name: meet -version: 0.0.9 +version: 0.0.10 diff --git a/src/helm/meet/README.md b/src/helm/meet/README.md index 962cdc89..e23c54f1 100644 --- a/src/helm/meet/README.md +++ b/src/helm/meet/README.md @@ -21,6 +21,7 @@ | `ingress.path` | Path to use for the Ingress | `/` | | `ingress.hosts` | Additional host to configure for the Ingress | `[]` | | `ingress.tls.enabled` | Weather to enable TLS for the Ingress | `true` | +| `ingress.tls.secretName` | Secret name for TLS config | `nil` | | `ingress.tls.additional[].secretName` | Secret name for additional TLS config | | | `ingress.tls.additional[].hosts[]` | Hosts for additional TLS config | | | `ingress.customBackends` | Add custom backends to ingress | `[]` | @@ -30,6 +31,7 @@ | `ingressAdmin.path` | Path to use for the Ingress | `/admin` | | `ingressAdmin.hosts` | Additional host to configure for the Ingress | `[]` | | `ingressAdmin.tls.enabled` | Weather to enable TLS for the Ingress | `true` | +| `ingressAdmin.tls.secretName` | Secret name for TLS config | `nil` | | `ingressAdmin.tls.additional[].secretName` | Secret name for additional TLS config | | | `ingressAdmin.tls.additional[].hosts[]` | Hosts for additional TLS config | | | `ingressMedia.enabled` | whether to enable the Ingress or not | `false` | @@ -163,6 +165,7 @@ | `posthog.ingress.path` | URL path prefix for the ingress routes (e.g., /) | `/` | | `posthog.ingress.hosts` | Additional hostnames array to be included in the ingress | `[]` | | `posthog.ingress.tls.enabled` | Enable or disable TLS/HTTPS for the ingress | `true` | +| `posthog.ingress.tls.secretName` | Secret name for TLS config | `nil` | | `posthog.ingress.tls.additional` | Additional TLS configurations for extra hosts/certificates | `[]` | | `posthog.ingress.customBackends` | Custom backend service configurations for the ingress | `[]` | | `posthog.ingress.annotations` | Additional Kubernetes annotations to apply to the ingress | `{}` | @@ -172,6 +175,7 @@ | `posthog.ingressAssets.path` | URL path prefix for the ingress routes (e.g., /) | `/static` | | `posthog.ingressAssets.hosts` | Additional hostnames array to be included in the ingress | `[]` | | `posthog.ingressAssets.tls.enabled` | Enable or disable TLS/HTTPS for the ingress | `true` | +| `posthog.ingressAssets.tls.secretName` | Secret name for TLS config | `nil` | | `posthog.ingressAssets.tls.additional` | Additional TLS configurations for extra hosts/certificates | `[]` | | `posthog.ingressAssets.customBackends` | Custom backend service configurations for the ingress | `[]` | | `posthog.ingressAssets.annotations` | Additional Kubernetes annotations to apply to the ingress | `{}` | diff --git a/src/helm/meet/templates/ingress.yaml b/src/helm/meet/templates/ingress.yaml index 220f9fe6..a6406560 100644 --- a/src/helm/meet/templates/ingress.yaml +++ b/src/helm/meet/templates/ingress.yaml @@ -29,7 +29,7 @@ spec: {{- if .Values.ingress.tls.enabled }} tls: {{- if .Values.ingress.host }} - - secretName: {{ $fullName }}-tls + - secretName: {{ .Values.ingress.tls.secretName | default (printf "%s-tls" $fullName) | quote }} hosts: - {{ .Values.ingress.host | quote }} {{- end }} diff --git a/src/helm/meet/templates/ingress_admin.yaml b/src/helm/meet/templates/ingress_admin.yaml index 404c37c4..a511b5ea 100644 --- a/src/helm/meet/templates/ingress_admin.yaml +++ b/src/helm/meet/templates/ingress_admin.yaml @@ -30,6 +30,7 @@ spec: tls: {{- if .Values.ingressAdmin.host }} - secretName: {{ $fullName }}-tls + - secretName: {{ .Values.ingressAdmin.tls.secretName | default (printf "%s-tls" $fullName) | quote }} hosts: - {{ .Values.ingressAdmin.host | quote }} {{- end }} diff --git a/src/helm/meet/templates/ingress_posthog.yaml b/src/helm/meet/templates/ingress_posthog.yaml index 5707c7d7..2b537886 100644 --- a/src/helm/meet/templates/ingress_posthog.yaml +++ b/src/helm/meet/templates/ingress_posthog.yaml @@ -29,7 +29,7 @@ spec: {{- if .Values.posthog.ingress.tls.enabled }} tls: {{- if .Values.posthog.ingress.host }} - - secretName: {{ $fullName }}-posthog-tls + - secretName: {{ .Values.posthog.ingress.tls.secretName | default (printf "%s-posthog-tls" $fullName) | quote }} hosts: - {{ .Values.posthog.ingress.host | quote }} {{- end }} diff --git a/src/helm/meet/templates/ingress_posthog_assets.yaml b/src/helm/meet/templates/ingress_posthog_assets.yaml index 224dbbf4..abbd5e10 100644 --- a/src/helm/meet/templates/ingress_posthog_assets.yaml +++ b/src/helm/meet/templates/ingress_posthog_assets.yaml @@ -29,7 +29,7 @@ spec: {{- if .Values.posthog.ingressAssets.tls.enabled }} tls: {{- if .Values.posthog.ingressAssets.host }} - - secretName: {{ $fullName }}-posthog-tls + - secretName: {{ .Values.posthog.ingressAssets.tls.secretName | default (printf "%s-posthog-tls" $fullName) | quote }} hosts: - {{ .Values.posthog.ingressAssets.host | quote }} {{- end }} diff --git a/src/helm/meet/values.yaml b/src/helm/meet/values.yaml index dc2e1f00..7b6d03af 100644 --- a/src/helm/meet/values.yaml +++ b/src/helm/meet/values.yaml @@ -38,10 +38,12 @@ ingress: hosts: [] # - chart-example.local ## @param ingress.tls.enabled Weather to enable TLS for the Ingress + ## @param ingress.tls.secretName Secret name for TLS config ## @skip ingress.tls.additional ## @extra ingress.tls.additional[].secretName Secret name for additional TLS config ## @extra ingress.tls.additional[].hosts[] Hosts for additional TLS config tls: + secretName: null enabled: true additional: [] @@ -62,10 +64,12 @@ ingressAdmin: hosts: [ ] # - chart-example.local ## @param ingressAdmin.tls.enabled Weather to enable TLS for the Ingress + ## @param ingressAdmin.tls.secretName Secret name for TLS config ## @skip ingressAdmin.tls.additional ## @extra ingressAdmin.tls.additional[].secretName Secret name for additional TLS config ## @extra ingressAdmin.tls.additional[].hosts[] Hosts for additional TLS config tls: + secretName: null enabled: true additional: [] @@ -87,8 +91,8 @@ ingressMedia: ## @extra ingressMedia.tls.additional[].secretName Secret name for additional TLS config ## @extra ingressMedia.tls.additional[].hosts[] Hosts for additional TLS config tls: - enabled: true secretName: null + enabled: true additional: [] ## @param ingressMedia.annotations.nginx.ingress.kubernetes.io/auth-url @@ -358,6 +362,7 @@ posthog: ## @param posthog.ingress.path URL path prefix for the ingress routes (e.g., /) ## @param posthog.ingress.hosts Additional hostnames array to be included in the ingress ## @param posthog.ingress.tls.enabled Enable or disable TLS/HTTPS for the ingress + ## @param posthog.ingress.tls.secretName Secret name for TLS config ## @param posthog.ingress.tls.additional Additional TLS configurations for extra hosts/certificates ## @param posthog.ingress.customBackends Custom backend service configurations for the ingress ## @param posthog.ingress.annotations Additional Kubernetes annotations to apply to the ingress @@ -368,6 +373,7 @@ posthog: path: / hosts: [ ] tls: + secretName: null enabled: true additional: [ ] @@ -380,6 +386,7 @@ posthog: ## @param posthog.ingressAssets.path URL path prefix for the ingress routes (e.g., /) ## @param posthog.ingressAssets.hosts Additional hostnames array to be included in the ingress ## @param posthog.ingressAssets.tls.enabled Enable or disable TLS/HTTPS for the ingress + ## @param posthog.ingressAssets.tls.secretName Secret name for TLS config ## @param posthog.ingressAssets.tls.additional Additional TLS configurations for extra hosts/certificates ## @param posthog.ingressAssets.customBackends Custom backend service configurations for the ingress ## @param posthog.ingressAssets.annotations Additional Kubernetes annotations to apply to the ingress @@ -390,6 +397,7 @@ posthog: path: /static hosts: [ ] tls: + secretName: null enabled: true additional: [ ]