fix: proxyprotocol for private-ingress re-added, refactor of istio-ingress template

2021-08-26 15:00:03 +02:00 · 2021-08-26 15:00:03 +02:00 · e016c87680
commit e016c87680
parent 70503ae483
3 changed files with 38 additions and 43 deletions
--- a/charts/kubezero/Chart.yaml
+++ b/charts/kubezero/Chart.yaml
@ -2,7 +2,7 @@ apiVersion: v2
 name: kubezero
 description: KubeZero - Bootstrap and ArgoCD Root App of Apps chart
 type: application
-version: 1.20.8
+version: 1.20.8-1
 home: https://kubezero.com
 icon: https://cdn.zero-downtime.net/assets/kubezero/logo-small-64.png
 keywords:
--- a/charts/kubezero/bootstrap.sh
+++ b/charts/kubezero/bootstrap.sh
@ -5,16 +5,19 @@ ACTION=$1
 ARTIFACTS=($(echo $2 | tr "," "\n"))
 CLUSTER=$3
 LOCATION=${4:-""}
+KUBEZERO_VERSION=${5:-""}

 which yq || { echo "yq not found!"; exit 1; }
 which helm || { echo "helm not found!"; exit 1; }
 helm_version=$(helm version --short)
-echo $helm_version | grep -qe "^v3.[3-9]" || { echo "Helm version >= 3.3 required!"; exit 1; }
+echo $helm_version | grep -qe "^v3.[5-9]" || { echo "Helm version >= 3.5 required!"; exit 1; }

 # Simulate well-known CRDs being available
 API_VERSIONS="-a monitoring.coreos.com/v1"
 KUBE_VERSION="--kube-version $(kubectl version -o json | jq -r .serverVersion.gitVersion)"

+[ -n "$KUBEZERO_VERSION" ] && KUBEZERO_VERSION="--version $KUBEZERO_VERSION"
+
 TMPDIR=$(mktemp -d kubezero.XXX)
 [ -z "$DEBUG" ] && trap 'rm -rf $TMPDIR' ERR EXIT

@ -143,7 +146,7 @@ function get_namespace() {


 function update_kubezero_argo() {
-  helm template $(chart_location kubezero) -f ${VALUES%%,} --set installKubeZero=true > $TMPDIR/kubezero-argocd.yaml
+  helm template $(chart_location kubezero) -f ${VALUES%%,} --set installKubeZero=true $KUBEZERO_VERSION > $TMPDIR/kubezero-argocd.yaml
  kubectl apply -f $TMPDIR/kubezero-argocd.yaml
 }

@ -203,7 +206,7 @@ function argocd-post() {
 # First lets generate kubezero.yaml
 # Add all yaml files in $CLUSTER
 VALUES="$(find $CLUSTER -maxdepth 1 -name '*.yaml' | sort | tr '\n' ',')"
-helm template $(chart_location kubezero) -f ${VALUES%%,} > $TMPDIR/kubezero.yaml
+helm template $(chart_location kubezero) -f ${VALUES%%,} $KUBEZERO_VERSION > $TMPDIR/kubezero.yaml

 # Resolve all the all enabled artifacts in order of their appearance
 if [ ${ARTIFACTS[0]} == "all" ]; then
--- a/charts/kubezero/templates/istio-ingress.yaml
+++ b/charts/kubezero/templates/istio-ingress.yaml
@ -1,3 +1,28 @@
+{{- define "_ingress" }}
+# reuse values for the two sub-charts Public and Private
+enabled: {{ .enabled }}
+{{- with .gateway }}
+gateways:
+  istio-ingressgateway:
+    {{- toYaml . | nindent 6 }}
+{{- end }}
+certificates:
+{{- with .dnsNames }}
+- name: ingress-cert
+  dnsNames:
+  {{- toYaml . | nindent 4 }}
+{{- end }}
+{{- range $cert := .certificates }}
+- name: {{ $cert.name }}
+  dnsNames:
+  {{- toYaml $cert.dnsNames | nindent 4 }}
+{{- end }}
+{{- with .proxyProtocol }}
+proxyProtocol: {{ . }}
+{{- end }}
+{{- end }}
+
+
 {{- define "istio-ingress-values" }}

 {{- with index .Values "istio-ingress" "global" }}
@ -5,51 +30,18 @@ global:
  {{- toYaml . | nindent 2 }}
 {{- end }}

-{{- if index .Values "istio-ingress" "public" }}
+{{- with index .Values "istio-ingress" "public" }}
 istio-ingress:
-  enabled: {{ index .Values "istio-ingress" "public" "enabled" }}
  telemetry:
-    enabled: {{ .Values.metrics.enabled }}
-  {{- with index .Values "istio-ingress" "public" "gateway" }}
-  gateways:
-    istio-ingressgateway:
-      {{- toYaml . | nindent 6 }}
-  {{- end }}
-  certificates:
-  {{- with index .Values "istio-ingress" "public" "dnsNames" }}
-  - name: ingress-cert
-    dnsNames:
-    {{- toYaml . | nindent 4 }}
-  {{- end }}
-  {{- range $cert := (index .Values "istio-ingress" "public" "certificates") }}
-  - name: {{ $cert.name }}
-    dnsNames:
-    {{- toYaml $cert.dnsNames | nindent 4 }}
-  {{- end }}
+    enabled: {{ $.Values.metrics.enabled }}
+{{- include "_ingress" . | nindent 2 }}
 {{- end }}

-{{- if index .Values "istio-ingress" "private" }}
+{{- with index .Values "istio-ingress" "private" }}
 istio-private-ingress:
-  enabled: {{ index .Values "istio-ingress" "private" "enabled" }}
  telemetry:
-    enabled: {{ .Values.metrics.enabled }}
-  {{- with index .Values "istio-ingress" "private" "gateway" }}
-  gateways:
-    istio-ingressgateway:
-      {{- toYaml . | nindent 6 }}
-  {{- end }}
-  certificates:
-  {{- with index .Values "istio-ingress" "private" "dnsNames" }}
-  - name: private-ingress-cert
-    dnsNames:
-    {{- toYaml . | nindent 4 }}
-  {{- end }}
-  {{- range $cert := (index .Values "istio-ingress" "private" "certificates") }}
-  - name: {{ $cert.name }}
-    dnsNames:
-    {{- toYaml $cert.dnsNames | nindent 4 }}
-  {{- end }}
-  proxyProtocol: {{ default false (index .Values "istio-ingress" "private" "proxyProtocol") }}
+    enabled: {{ $.Values.metrics.enabled }}
+{{- include "_ingress" . | nindent 2 }}
 {{- end }}

 {{- end }}