tea/browsertrix
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Use new ingressClassName only by default (#2268)

Browse Source 
- By default, use only `ingressClassName` for ingress class name and
corresponding field in cert-manager
- Only use old 'kubernetes.io/ingress.class' if
ingress.useOldClassAnnotation is set
- Allow for using old annotation only for backwards compatibility, eg.
for GCP
- Closes #2267 and #1570

---------

Co-authored-by: Ilya Kreymer <ikreymer@gmail.com>
This commit is contained in:
Dmitriy Pertsev 2025-01-16 10:23:50 +03:00 committed by GitHub
parent bce75b35fa
commit 246bcc73c5
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
2 changed files with 19 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
chart/templates/ingress.yaml
View File

@ -7,6 +7,9 @@ metadata:
name: ingress-main
namespace: {{ .Release.Namespace }}
annotations:
{{- if .Values.ingress.useOldClassAnnotation }}
kubernetes.io/ingress.class: {{ .Values.ingress_class | default "nginx" }}
{{- end }}
nginx.ingress.kubernetes.io/ssl-redirect: "true"
nginx.ingress.kubernetes.io/proxy-body-size: "0"
nginx.ingress.kubernetes.io/proxy-request-buffering: "off"
@ -21,7 +24,9 @@ metadata:
proxy_set_header X-Forwarded-Proto {{ .Values.ingress.tls | ternary "https" "http" }};
spec:
{{- if not .Values.ingress.useOldClassAnnotation }}
ingressClassName: {{ .Values.ingress_class | default "nginx" }}
{{- end }}
{{- if .Values.ingress.tls }}
tls:
- hosts:
@ -58,11 +63,16 @@ metadata:
name: ingress-authsign
namespace: {{ .Release.Namespace }}
annotations:
{{- if .Values.ingress.useOldClassAnnotation }}
kubernetes.io/ingress.class: {{ .Values.ingress_class | default "nginx" }}
{{- end }}
nginx.ingress.kubernetes.io/ssl-redirect: "false"
nginx.ingress.kubernetes.io/upstream-vhost: "{{ .Values.signer.host }}"
spec:
{{- if not .Values.ingress.useOldClassAnnotation }}
ingressClassName: {{ .Values.ingress_class | default "nginx" }}
{{- end }}
rules:
- host: {{ .Values.signer.host }}
http:
@ -101,8 +111,11 @@ spec:
solvers:
- http01:
ingress:
{{- if not .Values.ingress.useOldClassAnnotation }}
ingressClassName: {{ .Values.ingress_class | default "nginx" }}
{{- else }}
class: {{ .Values.ingress_class | default "nginx" }}
{{- end }}
{{ end }}
{{ end }}

6
chart/values.yaml
View File

@ -446,6 +446,12 @@ ingress:
#host: ""
cert_email: "test@example.com"
tls: false
# If set, will use the old 'kubernetes.io/ingress.class' annotation instead of the new ingressClassName
# also uses old http01.ingress.class in cert-manager instead of http01.ingress.ingressClassName
# provided for backwards compatibility
useOldClassAnnotation: false
# Optional: Uncomment to use your own cluster-issuer instead of default ACME https validation
# custom_cluster_issuer: custom_cluster_issuer-name