no message
This commit is contained in:
Kjeld Schouten-Lebbing
@ -0,0 +1,32 @@
|
||||
{{/*
|
||||
Retrieve true/false if certificate is configured
|
||||
*/}}
|
||||
{{- define "common.resources.cert.available" -}}
|
||||
{{- if .ObjectValues.certHolder.certificate -}}
|
||||
{{- $values := (. | mustDeepCopy) -}}
|
||||
{{- $_ := set $values "commonCertOptions" (dict "certKeyName" $values.ObjectValues.certHolder.certificate) -}}
|
||||
{{- template "common.resources.cert_present" $values -}}
|
||||
{{- else -}}
|
||||
{{- false -}}
|
||||
{{- end -}}
|
||||
{{- end -}}
|
||||
|
||||
|
||||
{{/*
|
||||
Retrieve public key of certificate
|
||||
*/}}
|
||||
{{- define "common.resources.cert.publicKey" -}}
|
||||
{{- $values := (. | mustDeepCopy) -}}
|
||||
{{- $_ := set $values "commonCertOptions" (dict "certKeyName" $values.ObjectValues.certHolder.certificate "publicKey" true) -}}
|
||||
{{ include "common.resources.cert" $values }}
|
||||
{{- end -}}
|
||||
|
||||
|
||||
{{/*
|
||||
Retrieve private key of certificate
|
||||
*/}}
|
||||
{{- define "common.resources.cert.privateKey" -}}
|
||||
{{- $values := (. | mustDeepCopy) -}}
|
||||
{{- $_ := set $values "commonCertOptions" (dict "certKeyName" $values.ObjectValues.certHolder.certificate) -}}
|
||||
{{ include "common.resources.cert" $values }}
|
||||
{{- end -}}
|
||||
@ -0,0 +1,25 @@
|
||||
{{- define "common.resources.cert.secret" -}}
|
||||
|
||||
|
||||
{{- $secretName := include "common.names.fullname" . -}}
|
||||
|
||||
{{- if .ObjectValues.certHolder -}}
|
||||
{{- if hasKey .ObjectValues.certHolder "nameSuffix" -}}
|
||||
{{- $secretName = printf "%v-%v" $secretName .ObjectValues.certHolder.nameSuffix -}}
|
||||
{{ end -}}
|
||||
{{ else }}
|
||||
{{- $_ := set $ "ObjectValues" (dict "certHolder" .Values) -}}
|
||||
{{ end -}}
|
||||
|
||||
{{- if eq (include "common.resources.cert.available" $ ) "true" -}}
|
||||
apiVersion: v1
|
||||
kind: Secret
|
||||
metadata:
|
||||
name: {{ $secretName }}
|
||||
labels: {{ include "common.labels" . | nindent 4 }}
|
||||
type: kubernetes.io/tls
|
||||
data:
|
||||
tls.crt: {{ (include "common.resources.cert.publicKey" $ ) | toString | b64enc | quote }}
|
||||
tls.key: {{ (include "common.resources.cert.privateKey" $ ) | toString | b64enc | quote }}
|
||||
{{- end -}}
|
||||
{{- end -}}
|
||||
@ -0,0 +1,24 @@
|
||||
{{/*
|
||||
Retrieve true/false if certificate is available in ixCertificates
|
||||
*/}}
|
||||
{{- define "common.resources.cert_present" -}}
|
||||
{{- $values := . -}}
|
||||
{{- hasKey $values.Values.ixCertificates ($values.commonCertOptions.certKeyName | toString) -}}
|
||||
{{- end -}}
|
||||
|
||||
|
||||
{{/*
|
||||
Retrieve certificate from variable name
|
||||
*/}}
|
||||
{{- define "common.resources.cert" -}}
|
||||
{{- $values := . -}}
|
||||
{{- $certKey := ($values.commonCertOptions.certKeyName | toString) -}}
|
||||
{{- if hasKey $values.Values.ixCertificates $certKey -}}
|
||||
{{- $cert := get $values.Values.ixCertificates $certKey -}}
|
||||
{{- if $values.commonCertOptions.publicKey -}}
|
||||
{{ $cert.certificate }}
|
||||
{{- else -}}
|
||||
{{ $cert.privatekey }}
|
||||
{{- end -}}
|
||||
{{- end -}}
|
||||
{{- end -}}
|
||||
@ -0,0 +1,64 @@
|
||||
{{- define "common.resources.portal" -}}
|
||||
|
||||
{{- if .Values.portal }}
|
||||
{{- if .Values.portal.enabled }}
|
||||
{{- $host := "$node_ip" }}
|
||||
{{- $port := 443 }}
|
||||
{{- $protocol := "https" }}
|
||||
{{- $portProtocol := "" }}
|
||||
|
||||
{{- if hasKey .Values "ingress" }}
|
||||
{{- if hasKey .Values.ingress "main" -}}
|
||||
{{- if .Values.ingress.main.host }}
|
||||
{{- $host = .Values.ingress.main.host }}
|
||||
{{- else }}
|
||||
{{- range .Values.ingress.main.hosts }}
|
||||
{{- $host = ( .host | quote ) }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
|
||||
{{- if and ( .Values.portal.ingressPort ) ( ne $host "$node_ip" ) }}
|
||||
{{- $port = .Values.portal.ingressPort }}
|
||||
{{- else if and ( eq $host "$node_ip" ) ( hasKey .Values "services" ) }}
|
||||
{{- if hasKey .Values.services "main" }}
|
||||
{{- if and (hasKey .Values.services.main.port "nodePort" ) ( eq .Values.services.main.type "NodePort" ) }}
|
||||
{{- $port = .Values.services.main.port.nodePort }}
|
||||
{{- if or ( eq .Values.services.main.port.protocol "HTTP" ) ( eq .Values.services.main.port.protocol "HTTPS" ) }}
|
||||
{{- $portProtocol = .Values.services.main.port.protocol }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
|
||||
{{- if and ( $portProtocol ) ( eq $host "$node_ip" ) }}
|
||||
{{- $protocol = $portProtocol }}
|
||||
{{- else if and ( ne $host "$node_ip" ) }}
|
||||
{{- if .Values.ingress.main.certType }}
|
||||
{{- if eq .Values.ingress.main.certType "" }}
|
||||
{{- $protocol = "http" }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
|
||||
{{- if and ( .Values.portal.host ) ( eq $host "$node_ip" ) }}
|
||||
{{- $host = .Values.portal.host }}
|
||||
{{- end }}
|
||||
|
||||
---
|
||||
|
||||
apiVersion: v1
|
||||
kind: ConfigMap
|
||||
metadata:
|
||||
name: portal
|
||||
labels: {{ include "common.labels" . | nindent 4 }}
|
||||
data:
|
||||
protocol: {{ $protocol }}
|
||||
host: {{ $host }}
|
||||
port: {{ $port | quote }}
|
||||
url: {{ printf "%v%v%v%v%v" $protocol "://" $host ":" $port }}
|
||||
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- end -}}
|
||||
Reference in New Issue
Block a user