diff --git a/src/helm/env.d/dev/values.meet.yaml.gotmpl b/src/helm/env.d/dev/values.meet.yaml.gotmpl index a53d446e..ab10c245 100644 --- a/src/helm/env.d/dev/values.meet.yaml.gotmpl +++ b/src/helm/env.d/dev/values.meet.yaml.gotmpl @@ -102,3 +102,6 @@ posthog: ingress: enabled: false + ingressAssets: + enabled: false + diff --git a/src/helm/env.d/production/values.meet.yaml.gotmpl b/src/helm/env.d/production/values.meet.yaml.gotmpl index d2b10543..e7a0c633 100644 --- a/src/helm/env.d/production/values.meet.yaml.gotmpl +++ b/src/helm/env.d/production/values.meet.yaml.gotmpl @@ -138,3 +138,11 @@ posthog: kubernetes.io/ingress.class: nginx nginx.ingress.kubernetes.io/upstream-vhost: eu.i.posthog.com nginx.ingress.kubernetes.io/backend-protocol: https + + ingressAssets: + enabled: true + host: product.visio.numerique.gouv.fr + annotations: + kubernetes.io/ingress.class: nginx + nginx.ingress.kubernetes.io/upstream-vhost: eu-assets.i.posthog.com + nginx.ingress.kubernetes.io/backend-protocol: https diff --git a/src/helm/env.d/staging/values.meet.yaml.gotmpl b/src/helm/env.d/staging/values.meet.yaml.gotmpl index 87caeecd..96e4f80e 100644 --- a/src/helm/env.d/staging/values.meet.yaml.gotmpl +++ b/src/helm/env.d/staging/values.meet.yaml.gotmpl @@ -148,3 +148,11 @@ posthog: kubernetes.io/ingress.class: nginx nginx.ingress.kubernetes.io/upstream-vhost: eu.i.posthog.com nginx.ingress.kubernetes.io/backend-protocol: https + + ingressAssets: + enabled: true + host: product.visio-staging.beta.numerique.gouv.fr + annotations: + kubernetes.io/ingress.class: nginx + nginx.ingress.kubernetes.io/upstream-vhost: eu-assets.i.posthog.com + nginx.ingress.kubernetes.io/backend-protocol: https diff --git a/src/helm/meet/templates/ingress_posthog.yaml b/src/helm/meet/templates/ingress_posthog.yaml index 318892fb..5707c7d7 100644 --- a/src/helm/meet/templates/ingress_posthog.yaml +++ b/src/helm/meet/templates/ingress_posthog.yaml @@ -60,20 +60,6 @@ spec: serviceName: {{ include "meet.posthog.fullname" . }}-proxy servicePort: {{ .Values.posthog.service.port }} {{- end }} - - path: {{ .Values.posthog.ingress.pathAssets }} - {{- if semverCompare ">=1.18-0" $.Capabilities.KubeVersion.GitVersion }} - pathType: Prefix - {{- end }} - backend: - {{- if semverCompare ">=1.19-0" $.Capabilities.KubeVersion.GitVersion }} - service: - name: {{ include "meet.posthog.fullname" . }}-assets-proxy - port: - number: {{ .Values.posthog.assetsService.port }} - {{- else }} - serviceName: {{ include "meet.posthog.fullname" . }} - servicePort: {{ .Values.posthog.assetsService.port }} - {{- end }} {{- end }} {{- range .Values.posthog.ingress.hosts }} - host: {{ . | quote }} @@ -93,20 +79,6 @@ spec: serviceName: {{ include "meet.posthog.fullname" . }}-proxy servicePort: {{ $.Values.posthog.service.port }} {{- end }} - - path: {{ .Values.posthog.ingress.pathAssets }} - {{- if semverCompare ">=1.18-0" $.Capabilities.KubeVersion.GitVersion }} - pathType: Prefix - {{- end }} - backend: - {{- if semverCompare ">=1.19-0" $.Capabilities.KubeVersion.GitVersion }} - service: - name: {{ include "meet.posthog.fullname" . }}-assets-proxy - port: - number: {{ $.Values.posthog.assetsService.service.port }} - {{- else }} - serviceName: {{ include "meet.posthog.fullname" . }}-assets-proxy - servicePort: {{ $.Values.posthog.assetsService.service.port }} - {{- end }} {{- with $.Values.posthog.assetsService.customBackends }} {{- toYaml . | nindent 10 }} {{- end }} diff --git a/src/helm/meet/templates/ingress_posthog_assets.yaml b/src/helm/meet/templates/ingress_posthog_assets.yaml new file mode 100644 index 00000000..224dbbf4 --- /dev/null +++ b/src/helm/meet/templates/ingress_posthog_assets.yaml @@ -0,0 +1,87 @@ +{{- if .Values.posthog.ingressAssets.enabled -}} +{{- $fullName := include "meet.fullname" . -}} +{{- if and .Values.posthog.ingressAssets.className (not (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion)) }} + {{- if not (hasKey .Values.posthog.ingressAssets.annotations "kubernetes.io/ingress.class") }} + {{- $_ := set .Values.posthog.ingressAssets.annotations "kubernetes.io/ingress.class" .Values.posthog.ingressAssets.className}} + {{- end }} +{{- end }} +{{- if semverCompare ">=1.19-0" .Capabilities.KubeVersion.GitVersion -}} +apiVersion: networking.k8s.io/v1 +{{- else if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}} +apiVersion: networking.k8s.io/v1beta1 +{{- else -}} +apiVersion: extensions/v1beta1 +{{- end }} +kind: Ingress +metadata: + name: {{ $fullName }}-posthog-assets + namespace: {{ .Release.Namespace | quote }} + labels: + {{- include "meet.labels" . | nindent 4 }} + {{- with .Values.posthog.ingressAssets.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + {{- if and .Values.posthog.ingressAssets.className (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion) }} + ingressClassName: {{ .Values.posthog.ingressAssets.className }} + {{- end }} + {{- if .Values.posthog.ingressAssets.tls.enabled }} + tls: + {{- if .Values.posthog.ingressAssets.host }} + - secretName: {{ $fullName }}-posthog-tls + hosts: + - {{ .Values.posthog.ingressAssets.host | quote }} + {{- end }} + {{- range .Values.posthog.ingressAssets.tls.additional }} + - hosts: + {{- range .hosts }} + - {{ . | quote }} + {{- end }} + secretName: {{ .secretName }} + {{- end }} + {{- end }} + rules: + {{- if .Values.posthog.ingressAssets.host }} + - host: {{ .Values.posthog.ingressAssets.host | quote }} + http: + paths: + - path: {{ .Values.posthog.ingressAssets.path }} + {{- if semverCompare ">=1.18-0" $.Capabilities.KubeVersion.GitVersion }} + pathType: Prefix + {{- end }} + backend: + {{- if semverCompare ">=1.19-0" $.Capabilities.KubeVersion.GitVersion }} + service: + name: {{ include "meet.posthog.fullname" . }}-assets-proxy + port: + number: {{ .Values.posthog.assetsService.port }} + {{- else }} + serviceName: {{ include "meet.posthog.fullname" . }} + servicePort: {{ .Values.posthog.assetsService.port }} + {{- end }} + {{- end }} + {{- range .Values.posthog.ingressAssets.hosts }} + - host: {{ . | quote }} + http: + paths: + - path: {{ $.Values.posthog.ingressAssets.path | quote }} + {{- if semverCompare ">=1.18-0" $.Capabilities.KubeVersion.GitVersion }} + pathType: Prefix + {{- end }} + backend: + {{- if semverCompare ">=1.19-0" $.Capabilities.KubeVersion.GitVersion }} + service: + name: {{ include "meet.posthog.fullname" . }}-assets-proxy + port: + number: {{ $.Values.posthog.assetsService.service.port }} + {{- else }} + serviceName: {{ include "meet.posthog.fullname" . }}-assets-proxy + servicePort: {{ $.Values.posthog.assetsService.service.port }} + {{- end }} + {{- with $.Values.posthog.assetsService.customBackends }} + {{- toYaml . | nindent 10 }} + {{- end }} + {{- end }} +{{- end }} + diff --git a/src/helm/meet/templates/posthog_assets_svc.yaml b/src/helm/meet/templates/posthog_assets_svc.yaml index 201a93b0..c1e74d8e 100644 --- a/src/helm/meet/templates/posthog_assets_svc.yaml +++ b/src/helm/meet/templates/posthog_assets_svc.yaml @@ -1,4 +1,4 @@ -{{- if .Values.posthog.ingress.enabled -}} +{{- if .Values.posthog.ingressAssets.enabled -}} {{- $envVars := include "meet.common.env" (list . .Values.posthog) -}} {{- $fullName := include "meet.posthog.fullname" . -}} {{- $component := "posthog" -}} diff --git a/src/helm/meet/values.yaml b/src/helm/meet/values.yaml index 2363d9eb..5d077c1c 100644 --- a/src/helm/meet/values.yaml +++ b/src/helm/meet/values.yaml @@ -273,7 +273,19 @@ posthog: className: null host: meet.example.com path: / - pathAssets: /static + hosts: [ ] + tls: + enabled: true + additional: [ ] + + customBackends: [ ] + annotations: {} + + ingressAssets: + enabled: false + className: null + host: meet.example.com + path: /static hosts: [ ] tls: enabled: true