2 # Copyright © 2019-2021 Orange, Samsung
3 # Copyright © 2022 Deutsche Telekom
5 # Licensed under the Apache License, Version 2.0 (the "License");
6 # you may not use this file except in compliance with the License.
7 # You may obtain a copy of the License at
9 # http://www.apache.org/licenses/LICENSE-2.0
11 # Unless required by applicable law or agreed to in writing, software
12 # distributed under the License is distributed on an "AS IS" BASIS,
13 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 # See the License for the specific language governing permissions and
15 # limitations under the License.
17 {{- define "ingress.config.host" -}}
18 {{- $dot := default . .dot -}}
19 {{- $baseaddr := (required "'baseaddr' param, set to the specific part of the fqdn, is required." .baseaddr) -}}
20 {{- $burl := (required "'baseurl' param, set to the generic part of the fqdn, is required." $dot.Values.global.ingress.virtualhost.baseurl) -}}
21 {{ printf "%s.%s" $baseaddr $burl }}
24 {{- define "ingress.config.port" -}}
25 {{- $dot := default . .dot -}}
26 {{ range .Values.ingress.service }}
27 {{- $baseaddr := (required "'baseaddr' param, set to the specific part of the fqdn, is required." .baseaddr) }}
28 - host: {{ include "ingress.config.host" (dict "dot" $dot "baseaddr" $baseaddr) }}
35 {{- if kindIs "string" .port }}
43 pathType: ImplementationSpecific
47 {{- define "istio.config.route" -}}
48 {{- $dot := default . .dot -}}
49 {{ range .Values.ingress.service }}
55 {{- if kindIs "string" .plain_port }}
56 name: {{ .plain_port }}
58 number: {{ .plain_port }}
61 {{- if kindIs "string" .port }}
71 {{- define "ingress.config.annotations.ssl" -}}
72 {{- if .Values.ingress.config -}}
73 {{- if .Values.ingress.config.ssl -}}
74 {{- if eq .Values.ingress.config.ssl "redirect" -}}
75 kubernetes.io/ingress.class: nginx
76 nginx.ingress.kubernetes.io/ssl-passthrough: "true"
77 nginx.ingress.kubernetes.io/ssl-redirect: "true"
78 {{- else if eq .Values.ingress.config.ssl "native" -}}
79 nginx.ingress.kubernetes.io/ssl-redirect: "true"
80 {{- else if eq .Values.ingress.config.ssl "none" -}}
81 nginx.ingress.kubernetes.io/ssl-redirect: "false"
88 {{- define "ingress.config.annotations" -}}
89 {{- if .Values.ingress -}}
90 {{- if .Values.ingress.annotations -}}
91 {{ toYaml .Values.ingress.annotations | indent 4 | trim }}
94 {{ include "ingress.config.annotations.ssl" . | indent 4 | trim }}
97 {{- define "common.ingress._overrideIfDefined" -}}
98 {{- $currValue := .currVal }}
99 {{- $parent := .parent }}
102 {{- if hasKey $parent $var }}
103 {{- default "" (index $parent $var) }}
105 {{- default "" $currValue -}}
108 {{- default "" $currValue }}
112 {{- define "common.ingress" -}}
113 {{- $dot := default . .dot -}}
114 {{- if .Values.ingress -}}
115 {{- $ingressEnabled := default false .Values.ingress.enabled -}}
116 {{- $ingressEnabled := include "common.ingress._overrideIfDefined" (dict "currVal" $ingressEnabled "parent" (default (dict) .Values.global.ingress) "var" "enabled") }}
117 {{- $ingressEnabled := include "common.ingress._overrideIfDefined" (dict "currVal" $ingressEnabled "parent" .Values.ingress "var" "enabledOverride") }}
118 {{- if $ingressEnabled }}
119 {{- if (include "common.onServiceMesh" .) }}
120 {{- if eq (default "istio" .Values.global.serviceMesh.engine) "istio" }}
121 {{- $dot := default . .dot -}}
122 apiVersion: networking.istio.io/v1beta1
125 name: {{ include "common.fullname" . }}-gateway
128 istio: ingressgateway # use Istio default gateway implementation
135 {{- range .Values.ingress.service }}{{ $baseaddr := required "baseaddr" .baseaddr }}
136 - {{ include "ingress.config.host" (dict "dot" $dot "baseaddr" $baseaddr) }}
138 {{- if .Values.global.ingress.config }}
139 {{- if .Values.global.ingress.config.ssl }}
140 {{- if eq .Values.global.ingress.config.ssl "redirect" }}
148 {{- if .Values.global.ingress.config }}
149 {{- if .Values.global.ingress.config.tls }}
150 credentialName: {{ default "ingress-tls-secret" .Values.global.ingress.config.tls.secret }}
152 credentialName: "ingress-tls-secret"
155 credentialName: "ingress-tls-secret"
159 {{- range .Values.ingress.service }}{{ $baseaddr := required "baseaddr" .baseaddr }}
160 - {{ include "ingress.config.host" (dict "dot" $dot "baseaddr" $baseaddr) }}
166 apiVersion: networking.istio.io/v1beta1
169 name: {{ include "common.fullname" . }}-service
172 {{- range .Values.ingress.service }}{{ $baseaddr := required "baseaddr" .baseaddr }}
173 - {{ include "ingress.config.host" (dict "dot" $dot "baseaddr" $baseaddr) }}
176 - {{ include "common.fullname" . }}-gateway
177 {{ include "istio.config.route" . | trim }}
180 apiVersion: networking.k8s.io/v1
183 name: {{ include "common.fullname" . }}-ingress
185 {{ include "ingress.config.annotations" . }}
187 app: {{ .Chart.Name }}
188 chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
189 release: {{ include "common.release" . }}
190 heritage: {{ .Release.Service }}
193 {{ include "ingress.config.port" . | trim }}
194 {{- if .Values.ingress.tls }}
196 {{ toYaml .Values.ingress.tls | indent 4 }}
198 {{- if .Values.ingress.config -}}
199 {{- if .Values.ingress.config.tls -}}
202 {{- range .Values.ingress.service }}{{ $baseaddr := required "baseaddr" .baseaddr }}
203 - {{ include "ingress.config.host" (dict "dot" $dot "baseaddr" $baseaddr) }}
205 secretName: {{ required "secret" (tpl (default "" .Values.ingress.config.tls.secret) $dot) }}