Skip to content

Commit

Permalink
Merge pull request #909 from hashicorp/ingress-class-name
Browse files Browse the repository at this point in the history 
Add ingressClassName for UI
  • Loading branch information
Thomas Eckert authored Dec 8, 2021
2 parents ce6b2a7 + 5a728f4 commit e1badb2
Show file tree
Hide file tree
Showing 4 changed files with 106 additions and 42 deletions.
1 change: 1 addition & 0 deletions CHANGELOG.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -33,6 +33,7 @@ IMPROVEMENTS:
* Add support for labeling a Kubernetes service with `consul.hashicorp.com/service-ignore` to prevent services from being registered in Consul. [[GH-858](https://github.com/hashicorp/consul-k8s/pull/858)]
* Helm Chart
* Fail an installation/upgrade if WAN federation and Admin Partitions are both enabled. [[GH-892](https://github.com/hashicorp/consul-k8s/issues/892)]
* Add support for setting `ingressClassName` for UI. [[GH-909](https://github.com/hashicorp/consul-k8s/pull/909)]

BUG FIXES:
* Control Plane:
Expand Down
3 changes: 3 additions & 0 deletions charts/consul/templates/ui-ingress.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -25,6 +25,9 @@ metadata:
{{ tpl .Values.ui.ingress.annotations . | nindent 4 | trim }}
{{- end }}
spec:
{{- if or ( gt .Capabilities.KubeVersion.Major "1" ) ( ge .Capabilities.KubeVersion.Minor "18" ) }}
ingressClassName: {{ .Values.ui.ingress.ingressClassName }}
{{- end }}
rules:
{{ $global := .Values.global }}
{{- if or ( gt .Capabilities.KubeVersion.Major "1" ) ( ge .Capabilities.KubeVersion.Minor "19" ) }}
Expand Down
141 changes: 99 additions & 42 deletions charts/consul/test/unit/ui-ingress.bats
View file
Original file line number Diff line number Diff line change
Expand Up @@ -59,89 +59,109 @@ load _helpers
[ "${actual}" = "foo.com" ]
}

@test "ui/Ingress: exposes single port 80 when global.tls.enabled=false" {
# todo: test for Kube versions < 1.19 when helm supports --kube-version flag (https://github.com/helm/helm/pull/9040)
# local actual=$(helm template \
# -s templates/ui-ingress.yaml \
# --set 'ui.ingress.enabled=true' \
# --set 'global.tls.enabled=false' \
# --set 'ui.ingress.hosts[0].host=foo.com' \
# --kube-version "1.18" \
# . | tee /dev/stderr |
# yq -r '.spec.rules[0].http.paths[0].backend.servicePort' | tee /dev/stderr)
@test "ui/Ingress: exposes single port 80 when global.tls.enabled=false when Kube version < 1.19" {
cd `chart_dir`
local actual=$(helm template \
-s templates/ui-ingress.yaml \
--set 'ui.ingress.enabled=true' \
--set 'global.tls.enabled=false' \
--set 'ui.ingress.hosts[0].host=foo.com' \
--kube-version "1.18" \
. | tee /dev/stderr |
yq -r '.spec.rules[0].http.paths[0].backend.servicePort' | tee /dev/stderr)
[ "${actual}" = "80" ]
}

@test "ui/Ingress: exposes single port 80 when global.tls.enabled=false when Kube version >= 1.19" {
cd `chart_dir`
local actual=$(helm template \
-s templates/ui-ingress.yaml \
--set 'ui.ingress.enabled=true' \
--set 'global.tls.enabled=false' \
--set 'ui.ingress.hosts[0].host=foo.com' \
--kube-version "1.19" \
. | tee /dev/stderr |
yq -r '.spec.rules[0].http.paths[0].backend.service.port.number' | tee /dev/stderr)
[ "${actual}" = "80" ]
}

@test "ui/Ingress: exposes single port 443 when global.tls.enabled=true and global.tls.httpsOnly=true" {
# todo: test for Kube versions < 1.19 when helm supports --kube-version flag (https://github.com/helm/helm/pull/9040)
# local actual=$(helm template \
# -s templates/ui-ingress.yaml \
# --set 'ui.ingress.enabled=true' \
# --set 'global.tls.enabled=true' \
# --set 'ui.ingress.hosts[0].host=foo.com' \
# --kube-version "1.18" \
# . | tee /dev/stderr |
# yq -r '.spec.rules[0].http.paths[0].backend.servicePort' | tee /dev/stderr)
@test "ui/Ingress: exposes single port 443 when global.tls.enabled=true and global.tls.httpsOnly=true when Kube version < 1.19" {
cd `chart_dir`
local actual=$(helm template \
-s templates/ui-ingress.yaml \
--set 'ui.ingress.enabled=true' \
--set 'global.tls.enabled=true' \
--set 'ui.ingress.hosts[0].host=foo.com' \
--kube-version "1.18" \
. | tee /dev/stderr |
yq -r '.spec.rules[0].http.paths[0].backend.servicePort' | tee /dev/stderr)
[ "${actual}" = "443" ]
}

@test "ui/Ingress: exposes single port 443 when global.tls.enabled=true and global.tls.httpsOnly=true when Kube version >= 1.19" {
cd `chart_dir`
local actual=$(helm template \
-s templates/ui-ingress.yaml \
--set 'ui.ingress.enabled=true' \
--set 'global.tls.enabled=true' \
--set 'ui.ingress.hosts[0].host=foo.com' \
--kube-version "1.19" \
. | tee /dev/stderr |
yq -r '.spec.rules[0].http.paths[0].backend.service.port.number' | tee /dev/stderr)
[ "${actual}" = "443" ]
}

@test "ui/Ingress: exposes the port 80 when global.tls.enabled=true and global.tls.httpsOnly=false" {
# todo: test for Kube versions < 1.19 when helm supports --kube-version flag (https://github.com/helm/helm/pull/9040)
# local actual=$(helm template \
# -s templates/ui-ingress.yaml \
# --set 'ui.ingress.enabled=true' \
# --set 'global.tls.enabled=true' \
# --set 'global.tls.httpsOnly=false' \
# --set 'ui.ingress.hosts[0].host=foo.com' \
# --kube-version "1.18" \
# . | tee /dev/stderr |
# yq -r '.spec.rules[0].http.paths[0].backend.servicePort' | tee /dev/stderr)
@test "ui/Ingress: exposes the port 80 when global.tls.enabled=true and global.tls.httpsOnly=false when Kube version < 1.19" {
cd `chart_dir`
local actual=$(helm template \
-s templates/ui-ingress.yaml \
--set 'ui.ingress.enabled=true' \
--set 'global.tls.enabled=true' \
--set 'global.tls.httpsOnly=false' \
--set 'ui.ingress.hosts[0].host=foo.com' \
--kube-version "1.18" \
. | tee /dev/stderr |
yq -r '.spec.rules[0].http.paths[0].backend.servicePort' | tee /dev/stderr)
[ "${actual}" = "80" ]
}

@test "ui/Ingress: exposes the port 80 when global.tls.enabled=true and global.tls.httpsOnly=false when Kube version >= 1.19" {
cd `chart_dir`
local actual=$(helm template \
-s templates/ui-ingress.yaml \
--set 'ui.ingress.enabled=true' \
--set 'global.tls.enabled=true' \
--set 'global.tls.httpsOnly=false' \
--set 'ui.ingress.hosts[0].host=foo.com' \
--kube-version "1.19" \
. | tee /dev/stderr |
yq -r '.spec.rules[0].http.paths[0].backend.service.port.number' | tee /dev/stderr)
[ "${actual}" = "80" ]
}

@test "ui/Ingress: exposes the port 443 when global.tls.enabled=true and global.tls.httpsOnly=false" {
# todo: test for Kube versions < 1.19 when helm supports --kube-version flag (https://github.com/helm/helm/pull/9040)
# local actual=$(helm template \
# -s templates/ui-ingress.yaml \
# --set 'ui.ingress.enabled=true' \
# --set 'global.tls.enabled=true' \
# --set 'global.tls.httpsOnly=false' \
# --set 'ui.ingress.hosts[0].host=foo.com' \
# --kube-version "1.18" \
# . | tee /dev/stderr |
# yq -r '.spec.rules[0].http.paths[1].backend.servicePort' | tee /dev/stderr)
@test "ui/Ingress: exposes the port 443 when global.tls.enabled=true and global.tls.httpsOnly=false when Kube version < 1.19" {
cd `chart_dir`
local actual=$(helm template \
-s templates/ui-ingress.yaml \
--set 'ui.ingress.enabled=true' \
--set 'global.tls.enabled=true' \
--set 'global.tls.httpsOnly=false' \
--set 'ui.ingress.hosts[0].host=foo.com' \
--kube-version "1.18" \
. | tee /dev/stderr |
yq -r '.spec.rules[0].http.paths[1].backend.servicePort' | tee /dev/stderr)
[ "${actual}" = "443" ]
}

@test "ui/Ingress: exposes the port 443 when global.tls.enabled=true and global.tls.httpsOnly=false when Kube version >= 1.19" {
cd `chart_dir`
local actual=$(helm template \
-s templates/ui-ingress.yaml \
--set 'ui.ingress.enabled=true' \
--set 'global.tls.enabled=true' \
--set 'global.tls.httpsOnly=false' \
--set 'ui.ingress.hosts[0].host=foo.com' \
--kube-version "1.19" \
. | tee /dev/stderr |
yq -r '.spec.rules[0].http.paths[1].backend.service.port.number' | tee /dev/stderr)
[ "${actual}" = "443" ]
Expand Down Expand Up @@ -234,3 +254,40 @@ load _helpers
yq -r '.spec.rules[0].http.paths[0].pathType' | tee /dev/stderr)
[ "${actual}" = "ImplementationSpecific" ]
}

#--------------------------------------------------------------------
# ingressClassName

@test "ui/Ingress: no ingressClassName by default" {
cd `chart_dir`
local actual=$(helm template \
-s templates/ui-ingress.yaml \
--set 'ui.ingress.enabled=true' \
. | tee /dev/stderr |
yq -r '.spec.ingressClassName' | tee /dev/stderr)
[ "${actual}" = "null" ]
}

@test "ui/Ingress: can set ingressClassName" {
cd `chart_dir`
local actual=$(helm template \
-s templates/ui-ingress.yaml \
--set 'ui.ingress.enabled=true' \
--set 'ui.ingress.ingressClassName=nginx' \
. | tee /dev/stderr |
yq -r '.spec.ingressClassName' | tee /dev/stderr)
[ "${actual}" = "nginx" ]
}

@test "ui/Ingress: cannot set ingressClassName for Kube version < 1.18" {
cd `chart_dir`
local actual=$(helm template \
-s templates/ui-ingress.yaml \
--set 'ui.ingress.enabled=true' \
--set 'ui.ingress.ingressClassName=nginx' \
--kube-version "1.17" \
. | tee /dev/stderr |
yq -r '.spec.ingressClassName' | tee /dev/stderr)
[ "${actual}" = "null" ]
}

3 changes: 3 additions & 0 deletions charts/consul/values.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1338,6 +1338,9 @@ ui:
# @type: boolean
enabled: false

# Optionally set the ingressClassName.
ingressClassName: ""

# pathType override - see: https://kubernetes.io/docs/concepts/services-networking/ingress/#path-types
pathType: Prefix

Expand Down

0 comments on commit e1badb2

Please sign in to comment.