Support tls for ingress (#5122)

* [stable/gocd] Support tls for ingress * [stable/gocd] Update CHANGELOG for tls support
gocd · Sep 14, 2020 · 4b8ee95 · 4b8ee95
1 parent ae57eb1
commit 4b8ee95
Show file tree

Hide file tree

Showing 13 changed files with 44 additions and 8 deletions.
diff --git a/README.md b/README.md
@@ -83,6 +83,8 @@ The following tables list the configurable parameters of the GoCD chart and thei
 | `server.service.nodeHttpsPort`             | GoCD server service node HTTPS port. **Note**: A random nodePort will get assigned if not specified           | `nil`               |  
 | `server.ingress.enabled`                   | Enable/disable GoCD ingress. Allow traffic from outside the cluster via http. Do `kubectl describe ing` to get the public ip to access the gocd server.                                | `true`              |                                                                                     
 | `server.ingress.hosts`                     | GoCD ingress hosts records.                                                                                   | `nil`               |
+| `server.ingress.annotations`               | GoCD ingress annotations.                                                                                     | `{}`                |
+| `server.ingress.tls`                       | GoCD ingress TLS configuration.                                                                               | `[]`                |
 | `server.healthCheck.initialDelaySeconds`   | Initial delays in seconds to start the health checks. **Note**:GoCD server start up time.                     | `90`                |
 | `server.healthCheck.periodSeconds`         | GoCD server heath check interval period.                                                                      | `15`                |
 | `server.healthCheck.failureThreshold`      | Number of unsuccessful attempts made to the GoCD server health check endpoint before restarting.              | `10`                |

diff --git a/gocd/CHANGELOG.md b/gocd/CHANGELOG.md
@@ -1,3 +1,7 @@
+### 1.0.7
+
+* [0c66dbf](https://github.com/kubernetes/charts/commit/0c66dbf): Support TLS for ingress
+
 ### 1.0.6
 
 * [98cead4](https://github.com/kubernetes/charts/commit/98cead4): Bump up application version to 18.3
@@ -24,4 +28,4 @@
 
 ### 1.0.0
 
-* [9323233](https://github.com/kubernetes/charts/commit/9325233): Moved the GoCD Helm chart to stable
+* [9323233](https://github.com/kubernetes/charts/commit/9325233): Moved the GoCD Helm chart to stable
diff --git a/gocd/Chart.yaml b/gocd/Chart.yaml
@@ -1,6 +1,6 @@
 name: gocd
 home: https://www.gocd.org/
-version: 1.0.6
+version: 1.0.7
 appVersion: 18.3.0
 description: GoCD is an open-source continuous delivery server to model and visualize complex workflows with ease.
 icon: https://gocd.github.io/assets/images/go-icon-black-192x192.png

diff --git a/gocd/README.md b/gocd/README.md
@@ -83,6 +83,8 @@ The following tables list the configurable parameters of the GoCD chart and thei
 | `server.service.nodeHttpsPort`             | GoCD server service node HTTPS port. **Note**: A random nodePort will get assigned if not specified           | `nil`               |  
 | `server.ingress.enabled`                   | Enable/disable GoCD ingress. Allow traffic from outside the cluster via http. Do `kubectl describe ing` to get the public ip to access the gocd server.                                | `true`              |                                                                                     
 | `server.ingress.hosts`                     | GoCD ingress hosts records.                                                                                   | `nil`               |
+| `server.ingress.annotations`               | GoCD ingress annotations.                                                                                     | `{}`                |
+| `server.ingress.tls`                       | GoCD ingress TLS configuration.                                                                               | `[]`                |
 | `server.healthCheck.initialDelaySeconds`   | Initial delays in seconds to start the health checks. **Note**:GoCD server start up time.                     | `90`                |
 | `server.healthCheck.periodSeconds`         | GoCD server heath check interval period.                                                                      | `15`                |
 | `server.healthCheck.failureThreshold`      | Number of unsuccessful attempts made to the GoCD server health check endpoint before restarting.              | `10`                |

diff --git a/gocd/templates/NOTES.txt b/gocd/templates/NOTES.txt
@@ -1,9 +1,9 @@
 1. Get the GoCD server URL by running these commands:
 {{- if .Values.server.ingress.enabled }}
     It may take a few minutes before the IP is available to access the GoCD server.
-         echo "GoCD server public IP: http://$(kubectl get ingress {{ template "gocd.fullname" . }}-server --namespace={{ .Release.Namespace }}  -o jsonpath='{.status.loadBalancer.ingress[0].ip}')"
+         echo "GoCD server public IP: http{{ if $.Values.server.ingress.tls }}s{{ end }}://$(kubectl get ingress {{ template "gocd.fullname" . }}-server --namespace={{ .Release.Namespace }}  -o jsonpath='{.status.loadBalancer.ingress[0].ip}')"
 {{- range .Values.server.ingress.hosts }}
-    http://{{ . }}
+    http{{ if $.Values.server.ingress.tls }}s{{ end }}://{{ . }}
 {{- end }}
 {{- else if contains "NodePort" .Values.server.service.type }}
     export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ template "gocd.fullname" . }}-server)

diff --git a/gocd/templates/ingress.yaml b/gocd/templates/ingress.yaml
@@ -21,4 +21,8 @@ spec:
     {{- range $host := .Values.server.ingress.hosts }}
     - host: {{ $host }}
     {{- end -}}
+  {{- if .Values.server.ingress.tls }}
+  tls:
+{{ toYaml .Values.server.ingress.tls | indent 4 }}
+  {{- end -}}
 {{- end -}}
diff --git a/gocd/values.yaml b/gocd/values.yaml
@@ -81,6 +81,13 @@ server:
     # server.ingress.hosts is used to create an Ingress record.
 #    hosts:
 #      - ci.example.com
+    annotations:
+      # kubernetes.io/ingress.class: nginx
+      # kubernetes.io/tls-acme: "true"
+    tls:
+    #  - secretName: ci-example-tls
+    #    hosts:
+    #      - ci.example.com
 
   persistence:
     # server.persistence.enabled is the toggle for server volume persistence.

diff --git a/stable/gocd/CHANGELOG.md b/stable/gocd/CHANGELOG.md
@@ -1,3 +1,7 @@
+### 1.0.7
+
+* [0c66dbf](https://github.com/kubernetes/charts/commit/0c66dbf): Support TLS for ingress
+
 ### 1.0.6
 
 * [98cead4](https://github.com/kubernetes/charts/commit/98cead4): Bump up application version to 18.3
@@ -24,4 +28,4 @@
 
 ### 1.0.0
 
-* [9323233](https://github.com/kubernetes/charts/commit/9325233): Moved the GoCD Helm chart to stable
+* [9323233](https://github.com/kubernetes/charts/commit/9325233): Moved the GoCD Helm chart to stable
diff --git a/stable/gocd/Chart.yaml b/stable/gocd/Chart.yaml
@@ -1,6 +1,6 @@
 name: gocd
 home: https://www.gocd.org/
-version: 1.0.6
+version: 1.0.7
 appVersion: 18.3.0
 description: GoCD is an open-source continuous delivery server to model and visualize complex workflows with ease.
 icon: https://gocd.github.io/assets/images/go-icon-black-192x192.png

diff --git a/stable/gocd/README.md b/stable/gocd/README.md
@@ -83,6 +83,8 @@ The following tables list the configurable parameters of the GoCD chart and thei
 | `server.service.nodeHttpsPort`             | GoCD server service node HTTPS port. **Note**: A random nodePort will get assigned if not specified           | `nil`               |  
 | `server.ingress.enabled`                   | Enable/disable GoCD ingress. Allow traffic from outside the cluster via http. Do `kubectl describe ing` to get the public ip to access the gocd server.                                | `true`              |                                                                                     
 | `server.ingress.hosts`                     | GoCD ingress hosts records.                                                                                   | `nil`               |
+| `server.ingress.annotations`               | GoCD ingress annotations.                                                                                     | `{}`                |
+| `server.ingress.tls`                       | GoCD ingress TLS configuration.                                                                               | `[]`                |
 | `server.healthCheck.initialDelaySeconds`   | Initial delays in seconds to start the health checks. **Note**:GoCD server start up time.                     | `90`                |
 | `server.healthCheck.periodSeconds`         | GoCD server heath check interval period.                                                                      | `15`                |
 | `server.healthCheck.failureThreshold`      | Number of unsuccessful attempts made to the GoCD server health check endpoint before restarting.              | `10`                |

diff --git a/stable/gocd/templates/NOTES.txt b/stable/gocd/templates/NOTES.txt
@@ -1,9 +1,9 @@
 1. Get the GoCD server URL by running these commands:
 {{- if .Values.server.ingress.enabled }}
     It may take a few minutes before the IP is available to access the GoCD server.
-         echo "GoCD server public IP: http://$(kubectl get ingress {{ template "gocd.fullname" . }}-server --namespace={{ .Release.Namespace }}  -o jsonpath='{.status.loadBalancer.ingress[0].ip}')"
+         echo "GoCD server public IP: http{{ if $.Values.server.ingress.tls }}s{{ end }}://$(kubectl get ingress {{ template "gocd.fullname" . }}-server --namespace={{ .Release.Namespace }}  -o jsonpath='{.status.loadBalancer.ingress[0].ip}')"
 {{- range .Values.server.ingress.hosts }}
-    http://{{ . }}
+    http{{ if $.Values.server.ingress.tls }}s{{ end }}://{{ . }}
 {{- end }}
 {{- else if contains "NodePort" .Values.server.service.type }}
     export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ template "gocd.fullname" . }}-server)

diff --git a/stable/gocd/templates/ingress.yaml b/stable/gocd/templates/ingress.yaml
@@ -21,4 +21,8 @@ spec:
     {{- range $host := .Values.server.ingress.hosts }}
     - host: {{ $host }}
     {{- end -}}
+  {{- if .Values.server.ingress.tls }}
+  tls:
+{{ toYaml .Values.server.ingress.tls | indent 4 }}
+  {{- end -}}
 {{- end -}}
diff --git a/stable/gocd/values.yaml b/stable/gocd/values.yaml
@@ -81,6 +81,13 @@ server:
     # server.ingress.hosts is used to create an Ingress record.
 #    hosts:
 #      - ci.example.com
+    annotations:
+      # kubernetes.io/ingress.class: nginx
+      # kubernetes.io/tls-acme: "true"
+    tls:
+    #  - secretName: ci-example-tls
+    #    hosts:
+    #      - ci.example.com
 
   persistence:
     # server.persistence.enabled is the toggle for server volume persistence.