feat: Align chart for ingress TLS configuration(#178)

epam · May 17, 2024 · 6399879 · 6399879
1 parent f35ea18
commit 6399879
Show file tree

Hide file tree

Showing 4 changed files with 23 additions and 4 deletions.
diff --git a/charts/pipelines-library/README.md b/charts/pipelines-library/README.md
@@ -80,7 +80,8 @@ Follows [Tekton Interceptor](https://tekton.dev/vault/triggers-main/clusterinter
 | dashboard.image.tag | string | `"v0.43.1"` | Define tekton dashboard docker image tag |
 | dashboard.ingress.annotations | object | `{}` | Annotations for Ingress resource |
 | dashboard.ingress.enabled | bool | `true` | Enable external endpoint access. Default Ingress/Route host pattern: tekton-{{ .Release.Namespace }}.{{ .Values.global.dnsWildCard }} |
-| dashboard.ingress.tls | list | `[]` | Uncomment it to enable tekton-dashboard OIDC on EKS cluster nginx.ingress.kubernetes.io/auth-signin: 'https://<oauth-ingress-host>/oauth2/start?rd=https://$host$request_uri' nginx.ingress.kubernetes.io/auth-url: 'http://oauth2-proxy.<edp-project>.svc.cluster.local:8080/oauth2/auth' |
+| dashboard.ingress.host | string | `""` | If not defined the will create by pattern "portal-[namespace].[global DNS wildcard]" |
+| dashboard.ingress.tls | list | `[]` | If hosts not defined the will create by pattern "portal-[namespace].[global DNS wildcard]" |
 | dashboard.nameOverride | string | `"tekton-dashboard"` |  |
 | dashboard.nodeSelector | object | `{}` | Node labels for pod assignment |
 | dashboard.openshift_proxy | object | `{"enabled":false,"image":{"repository":"quay.io/openshift/origin-oauth-proxy","tag":"4.9.0"},"resources":{"limits":{"cpu":"60m","memory":"70Mi"},"requests":{"cpu":"50m","memory":"40Mi"}}}` | For EKS scenario - uncomment dashboard.ingress.annotations block |

diff --git a/charts/pipelines-library/templates/dashboard/_helpers.tpl b/charts/pipelines-library/templates/dashboard/_helpers.tpl
@@ -32,3 +32,10 @@ Selector labels
 app.kubernetes.io/name: {{ include "tekton-dashboard.name" . }}
 app.kubernetes.io/instance: {{ .Release.Name }}
 {{- end }}
+
+{{/*
+Define tekton-dashboard URL
+*/}}
+{{- define "tekton-dashboard.url" -}}
+{{- printf "tekton-%s.%s" .Release.Namespace .Values.global.dnsWildCard  }}
+{{- end }}
diff --git a/charts/pipelines-library/templates/dashboard/ingress.yaml b/charts/pipelines-library/templates/dashboard/ingress.yaml
@@ -20,14 +20,20 @@ spec:
   tls:
     {{- range .Values.dashboard.ingress.tls }}
     - hosts:
-        {{- range .hosts }}
-        - {{ . | quote }}
+        {{- if .hosts }}
+        {{- toYaml .hosts | nindent 8 }}
+        {{- else }}
+        - {{ include "tekton-dashboard.url" $ }}
         {{- end }}
       secretName: {{ .secretName }}
     {{- end }}
   {{- end }}
   rules:
-    - host: tekton-{{ .Release.Namespace }}.{{ .Values.global.dnsWildCard }}
+    {{- if .Values.dashboard.ingress.host }}
+    - host: {{ .Values.dashboard.ingress.host }}
+    {{- else}}
+    - host: {{ include "tekton-dashboard.url" . }}
+    {{- end}}
       http:
         paths:
           - path: /

diff --git a/charts/pipelines-library/values.yaml b/charts/pipelines-library/values.yaml
@@ -324,6 +324,11 @@ dashboard:
       # -- Uncomment it to enable tekton-dashboard OIDC on EKS cluster
       # nginx.ingress.kubernetes.io/auth-signin: 'https://<oauth-ingress-host>/oauth2/start?rd=https://$host$request_uri'
       # nginx.ingress.kubernetes.io/auth-url: 'http://oauth2-proxy.<edp-project>.svc.cluster.local:8080/oauth2/auth'
+    # -- Defines the base URL for the tekton.
+    # -- If not defined the will create by pattern "tekton-[namespace].[global DNS wildcard]"
+    host: ""
+    # -- Ingress TLS configuration
+    # -- If hosts not defined the will create by pattern "tekton-[namespace].[global DNS wildcard]"
     tls: []
     #  - secretName: chart-example-tls
     #    hosts: