From 3b1c8e106c3bb94de1cf21fd1280f74b4c194cac Mon Sep 17 00:00:00 2001 From: Evgeniy Dmitriev Date: Fri, 15 Sep 2023 00:58:20 +0700 Subject: [PATCH 1/2] DEVOPS-2178: Add Wallarm Node group --- .github/workflows/build.yaml | 2 +- build/dev-env.sh | 12 +++++++++--- charts/ingress-nginx/templates/_helpers.tpl | 8 +++++--- charts/ingress-nginx/values.yaml | 7 +++++++ 4 files changed, 22 insertions(+), 7 deletions(-) diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml index c9debb8a9..9d1bf03a5 100644 --- a/.github/workflows/build.yaml +++ b/.github/workflows/build.yaml @@ -4,7 +4,7 @@ on: push: branches: - 'main' - - 'stable/4.6' + - 'stable/**' paths: - 'NGINX_BASE' - 'TAG' diff --git a/build/dev-env.sh b/build/dev-env.sh index ec2d1d948..8ea0076d8 100755 --- a/build/dev-env.sh +++ b/build/dev-env.sh @@ -58,9 +58,11 @@ if [[ ${KUBE_CLIENT_VERSION} -lt 24 ]]; then exit 1 fi -echo "[dev-env] building image" -make build image -docker tag "${REGISTRY}/ingress-controller:${TAG}" "${DEV_IMAGE}" +if [ "${SKIP_IMAGE_CREATION:-false}" = "false" ]; then + echo "[dev-env] building image" + make build image + docker tag "${REGISTRY}/ingress-controller:${TAG}" "${DEV_IMAGE}" +fi export K8S_VERSION=${K8S_VERSION:-v1.26.3@sha256:61b92f38dff6ccc29969e7aa154d34e38b89443af1a2c14e6cfbd2df6419c66f} @@ -85,6 +87,10 @@ controller: repository: ${REGISTRY}/ingress-controller tag: ${TAG} digest: + wallarm: + enabled: true + apiHost: ${WALLARM_API_HOST} + token: ${WALLARM_API_TOKEN} config: worker-processes: "1" podLabels: diff --git a/charts/ingress-nginx/templates/_helpers.tpl b/charts/ingress-nginx/templates/_helpers.tpl index 89d5544b6..e3eaf7572 100644 --- a/charts/ingress-nginx/templates/_helpers.tpl +++ b/charts/ingress-nginx/templates/_helpers.tpl @@ -217,9 +217,7 @@ Create the name of the controller service account to use - sh - -c - > - /opt/wallarm/ruby/usr/share/wallarm-common/synccloud --one-time && - /opt/wallarm/ruby/usr/share/wallarm-common/sync-ip-lists --one-time -l STDOUT && - /opt/wallarm/ruby/usr/share/wallarm-common/sync-ip-lists-source --one-time -l STDOUT {{- if eq .Values.controller.wallarm.fallback "on" }} || true {{- end }}; + /opt/wallarm/ruby/usr/share/wallarm-common/register-node --force --batch --no-export-env {{- if eq .Values.controller.wallarm.fallback "on" }} || true {{- end }}; timeout 10m /opt/wallarm/ruby/usr/share/wallarm-common/export-environment -l STDOUT || true env: {{- include "wallarm.credentials" . | nindent 2 }} @@ -233,6 +231,10 @@ Create the name of the controller service account to use value: www-data - name: WALLARM_INGRESS_CONTROLLER_VERSION value: {{ .Chart.Version | quote }} +{{- if .Values.controller.wallarm.nodeGroup }} + - name: WALLARM_LABELS + value: "group={{ .Values.controller.wallarm.nodeGroup }}" +{{- end }} volumeMounts: - mountPath: /etc/wallarm name: wallarm diff --git a/charts/ingress-nginx/values.yaml b/charts/ingress-nginx/values.yaml index e4ae1c3a1..63616dd69 100644 --- a/charts/ingress-nginx/values.yaml +++ b/charts/ingress-nginx/values.yaml @@ -738,6 +738,10 @@ controller: apiPort: 443 apiSSL: true token: "" + ## The name of Node group, required if API token is used to register the Node + ## https://docs.wallarm.com/user-guides/nodes/nodes/#api-and-node-tokens-for-node-creation + ## + nodeGroup: "defaultIngressGroup" ## Existing secret feature allows to pull Wallarm API token from existing Kubernetes secret ## https://docs.wallarm.com/admin-en/configure-kubernetes-en/#controllerwallarmexistingsecret ## @@ -806,6 +810,9 @@ controller: ## wallarm-ingress-controller and wallarm-ingress-controller-tarantool. ## Means that in case of values changing - BOTH pods (controller and tarantool) will be redeployed. addnode: + image: + repository: wallarm/ingress-ruby + tag: 4.8.0-1 resources: {} cron: jobs: From 75cb41b0969351e6b4b4916761cf1e2d642d42ea Mon Sep 17 00:00:00 2001 From: Evgeniy Dmitriev Date: Fri, 22 Sep 2023 13:04:19 +0700 Subject: [PATCH 2/2] DEVOPS-2178: bump chart version to 4.6.8 --- charts/ingress-nginx/Chart.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/charts/ingress-nginx/Chart.yaml b/charts/ingress-nginx/Chart.yaml index 3a73ad946..58d02eeff 100644 --- a/charts/ingress-nginx/Chart.yaml +++ b/charts/ingress-nginx/Chart.yaml @@ -1,6 +1,6 @@ apiVersion: v2 name: wallarm-ingress -version: 4.6.7 +version: 4.6.8 appVersion: 4.6.5-1 home: https://github.com/wallarm/ingress description: Ingress controller for Kubernetes using NGINX as a reverse proxy and load balancer with Wallarm module