mirror of
https://github.com/truecharts/library-charts.git
synced 2026-07-04 21:31:23 -03:00
most portal work done
This commit is contained in:
124
library/common-test/ci/portal-values.yaml
Normal file
124
library/common-test/ci/portal-values.yaml
Normal file
@@ -0,0 +1,124 @@
|
||||
ixChartContext:
|
||||
something: something
|
||||
|
||||
workload:
|
||||
main:
|
||||
enabled: true
|
||||
podSpec:
|
||||
containers:
|
||||
main:
|
||||
enabled: true
|
||||
args:
|
||||
- --port
|
||||
- "8080"
|
||||
probes:
|
||||
liveness:
|
||||
enabled: true
|
||||
readiness:
|
||||
enabled: true
|
||||
startup:
|
||||
enabled: true
|
||||
|
||||
service:
|
||||
main:
|
||||
enabled: true
|
||||
ports:
|
||||
main:
|
||||
enabled: true
|
||||
port: 8080
|
||||
protocol: http
|
||||
autolink:
|
||||
enabled: true
|
||||
ports:
|
||||
autolink:
|
||||
enabled: true
|
||||
protocol: http
|
||||
port: 8081
|
||||
|
||||
manifestManager:
|
||||
enabled: false
|
||||
staging: false
|
||||
|
||||
|
||||
# -- Configure the ingresses for the chart here.
|
||||
# Additional ingresses can be added by adding a dictionary key similar to the 'main' ingress.
|
||||
# @default -- See below
|
||||
ingress:
|
||||
main:
|
||||
enabled: true
|
||||
hosts:
|
||||
- host: chart-example.local
|
||||
paths:
|
||||
- path: /
|
||||
pathType: Prefix
|
||||
service:
|
||||
name:
|
||||
port:
|
||||
tls: []
|
||||
|
||||
"ixCertificateAuthorities": {}
|
||||
"ixCertificates":
|
||||
"1":
|
||||
"CA_type_existing": false
|
||||
"CA_type_intermediate": false
|
||||
"CA_type_internal": false
|
||||
"CSR": ""
|
||||
"DN": "/C=US/O=iXsystems/CN=localhost/emailAddress=info@ixsystems.com/ST=Tennessee/L=Maryville/subjectAltName=DNS:localhost"
|
||||
"cert_type": "CERTIFICATE"
|
||||
"cert_type_CSR": false
|
||||
"cert_type_existing": true
|
||||
"cert_type_internal": false
|
||||
"certificate": "-----BEGIN CERTIFICATE-----\nMIIDqjCCApKgAwIBAgIBATANBgkqhkiG9w0BAQsFADCBgDELMAkGA1UEBhMCVVMx\nEjAQBgNVBAoMCWlYc3lzdGVtczESMBAGA1UEAwwJbG9jYWxob3N0MSEwHwYJKoZI\nhvcNAQkBFhJpbmZvQGl4c3lzdGVtcy5jb20xEjAQBgNVBAgMCVRlbm5lc3NlZTES\nMBAGA1UEBwwJTWFyeXZpbGxlMB4XDTIwMDkyNTE0MDUzOFoXDTIyMTIyOTE0MDUz\nOFowgYAxCzAJBgNVBAYTAlVTMRIwEAYDVQQKDAlpWHN5c3RlbXMxEjAQBgNVBAMM\nCWxvY2FsaG9zdDEhMB8GCSqGSIb3DQEJARYSaW5mb0BpeHN5c3RlbXMuY29tMRIw\nEAYDVQQIDAlUZW5uZXNzZWUxEjAQBgNVBAcMCU1hcnl2aWxsZTCCASIwDQYJKoZI\nhvcNAQEBBQADggEPADCCAQoCggEBALpoGliii6X8DeoFdLcR7jjsfJIn3nC8f1pT\nLQ3RURHUOEyhPT3Z6TkhaHeHoj8D6kiXROhyJJq3kw5OeqGZisfpGQhkxjpxkfh9\nfAhlvhuLwCWHaMvSh1TaT+h9+eHfcx3un5CIaH8b1KYRBMH+jmKFpr7jkPNkBXLS\nMA7jKIIa8pD9R6lF4gAsbqJafCbT3R7bqkd9xp3n3j2YhqQzETU2lmu4fra3BPio\nofK47kSkguUC6mtk6VrDf2+QtCKlY0dtbF3e2ZBNWo1aj86sjCtoEmqOCMsPRLc/\nXwQcfEqHY4XfafXwqk0G0UxV2ce18xKoR/pN3MpLBZ65NzPnpn0CAwEAAaMtMCsw\nFAYDVR0RBA0wC4IJbG9jYWxob3N0MBMGA1UdJQQMMAoGCCsGAQUFBwMBMA0GCSqG\nSIb3DQEBCwUAA4IBAQBFW1R037y7wllg/gRk9p2T1stiG8iIXosblmL4Ak1YToTQ\n/0to5GY2ZYW29+rbA4SDTS5eeu2YqZ0A/fF3wey7ggzMS7KyNBOvx5QBJRw3PJGn\n+THfhXvdfkOyeUC6KWRGLgl+/zBFvgh6vFDq3jmv0NI4ehVBTBMCJn7r6577S16T\nwtgKMCooizII0Odu5HIF10gTieFIH3PQYm9JBji9iyemb9Ht3wn7fXQptfGadz/l\nWz/Dv9+a6IOr7JVJMHnqAIvPzpkav4efuVPOX1zbhjg4K5g+nRYfjr5F5upOd0Y3\nznWTUBUyI7CXRkpHtSDXfEqKgnk/8uv7GWw+hyKr\n-----END CERTIFICATE-----\n"
|
||||
"certificate_path": "/etc/certificates/freenas_default.crt"
|
||||
"chain": false
|
||||
"chain_list": [
|
||||
"-----BEGIN CERTIFICATE-----\nMIIDqjCCApKgAwIBAgIBATANBgkqhkiG9w0BAQsFADCBgDELMAkGA1UEBhMCVVMx\nEjAQBgNVBAoMCWlYc3lzdGVtczESMBAGA1UEAwwJbG9jYWxob3N0MSEwHwYJKoZI\nhvcNAQkBFhJpbmZvQGl4c3lzdGVtcy5jb20xEjAQBgNVBAgMCVRlbm5lc3NlZTES\nMBAGA1UEBwwJTWFyeXZpbGxlMB4XDTIwMDkyNTE0MDUzOFoXDTIyMTIyOTE0MDUz\nOFowgYAxCzAJBgNVBAYTAlVTMRIwEAYDVQQKDAlpWHN5c3RlbXMxEjAQBgNVBAMM\nCWxvY2FsaG9zdDEhMB8GCSqGSIb3DQEJARYSaW5mb0BpeHN5c3RlbXMuY29tMRIw\nEAYDVQQIDAlUZW5uZXNzZWUxEjAQBgNVBAcMCU1hcnl2aWxsZTCCASIwDQYJKoZI\nhvcNAQEBBQADggEPADCCAQoCggEBALpoGliii6X8DeoFdLcR7jjsfJIn3nC8f1pT\nLQ3RURHUOEyhPT3Z6TkhaHeHoj8D6kiXROhyJJq3kw5OeqGZisfpGQhkxjpxkfh9\nfAhlvhuLwCWHaMvSh1TaT+h9+eHfcx3un5CIaH8b1KYRBMH+jmKFpr7jkPNkBXLS\nMA7jKIIa8pD9R6lF4gAsbqJafCbT3R7bqkd9xp3n3j2YhqQzETU2lmu4fra3BPio\nofK47kSkguUC6mtk6VrDf2+QtCKlY0dtbF3e2ZBNWo1aj86sjCtoEmqOCMsPRLc/\nXwQcfEqHY4XfafXwqk0G0UxV2ce18xKoR/pN3MpLBZ65NzPnpn0CAwEAAaMtMCsw\nFAYDVR0RBA0wC4IJbG9jYWxob3N0MBMGA1UdJQQMMAoGCCsGAQUFBwMBMA0GCSqG\nSIb3DQEBCwUAA4IBAQBFW1R037y7wllg/gRk9p2T1stiG8iIXosblmL4Ak1YToTQ\n/0to5GY2ZYW29+rbA4SDTS5eeu2YqZ0A/fF3wey7ggzMS7KyNBOvx5QBJRw3PJGn\n+THfhXvdfkOyeUC6KWRGLgl+/zBFvgh6vFDq3jmv0NI4ehVBTBMCJn7r6577S16T\nwtgKMCooizII0Odu5HIF10gTieFIH3PQYm9JBji9iyemb9Ht3wn7fXQptfGadz/l\nWz/Dv9+a6IOr7JVJMHnqAIvPzpkav4efuVPOX1zbhjg4K5g+nRYfjr5F5upOd0Y3\nznWTUBUyI7CXRkpHtSDXfEqKgnk/8uv7GWw+hyKr\n-----END CERTIFICATE-----\n"
|
||||
]
|
||||
"city": "Maryville"
|
||||
"common": "localhost"
|
||||
"country": "US"
|
||||
"csr_path": "/etc/certificates/freenas_default.csr"
|
||||
"digest_algorithm": "SHA256"
|
||||
"email": "info@ixsystems.com"
|
||||
"extensions":
|
||||
"ExtendedKeyUsage": "TLS Web Server Authentication"
|
||||
"SubjectAltName": "DNS:localhost"
|
||||
"fingerprint": "9C:5A:1D:1B:E7:9E:0B:89:2B:37:F4:19:83:ED:3C:6B:D8:14:0D:9B"
|
||||
"from": "Fri Sep 25 16:05:38 2020"
|
||||
"id": 1
|
||||
"internal": "NO"
|
||||
"issuer": "external"
|
||||
"key_length": 2048
|
||||
"key_type": "RSA"
|
||||
"lifetime": 825
|
||||
"name": "freenas_default"
|
||||
"organization": "iXsystems"
|
||||
"organizational_unit": ""
|
||||
"parsed": true
|
||||
"privatekey": "-----BEGIN PRIVATE KEY-----\nMIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQC6aBpYooul/A3q\nBXS3Ee447HySJ95wvH9aUy0N0VER1DhMoT092ek5IWh3h6I/A+pIl0TociSat5MO\nTnqhmYrH6RkIZMY6cZH4fXwIZb4bi8Alh2jL0odU2k/offnh33Md7p+QiGh/G9Sm\nEQTB/o5ihaa+45DzZAVy0jAO4yiCGvKQ/UepReIALG6iWnwm090e26pHfcad5949\nmIakMxE1NpZruH62twT4qKHyuO5EpILlAuprZOlaw39vkLQipWNHbWxd3tmQTVqN\nWo/OrIwraBJqjgjLD0S3P18EHHxKh2OF32n18KpNBtFMVdnHtfMSqEf6TdzKSwWe\nuTcz56Z9AgMBAAECggEARwcb4uIs7BZbBu0FSCyg5TfXT6m5bKOmszg2VqmHho+i\n1DAsMcEyyP4d3E3mWLSZNQfOzfOQVxPUCQOGXsUuyHXdgAFGN0bHJDRMara59a0O\njj5GhEO4JXD6OdCmwpZuOt2OF3iiuKxWHuElOvZQMuJSYzI7LULTgKjufv23lbsf\nxMO/v9yi57c5EGgnQ8siLKOy/FQZapn4Z9qKn+lVyk5gfaKP0pDsvV4d7nGYMDD2\nYijfkSyNecApFdtWiLE5zLUlvF6oNj8o66z3YrVNKrCPzhA/5Rkkwwk32SNxvKU3\nVZFSNPeOZ60BicxYcWO+b2aAa0WF+uazJAZ4q52gUQKBgQDu88R+0wm76secYkzE\nQglteLNZKFcvth0kI5xH42Hmk9IXkGimFoDJCIrLAuopyGnfNmqmh2is3QUMUPdR\n/wDLnKc4MCezEidNoD2RBC+bzM1hB9oye/b5sOZUDFXSa0k4XSLu1UEuy1yWhkuS\n6JjY1KQfc4FN0K0Fjqqo7UCTCwKBgQDHtKQh/NvMJ2ok4YW+/QAsus4mEK9eCyUy\nOuyDszQYrGvjkS7STKJVNxGLhWb0XKSIAxMZ66b1MwOt+71h7xNn6pcancfVdK7F\n1Xl5J+76SwbXSgQwTZuoMDxPIvZn7v/2ep5Ni/BcOhMcPIcobWb/OmXrFN1brBvo\nlFNQyWWhlwKBgFDAyPMjVvLO0U6kWdUpjA4W8GV9IJnbLdX8wt/4lClcY2/bOcKH\ncFaAMIeTIJemR0FMHpbQxCtHNmGHK03mo9orwsdWXtRBmk69jJDpnT1F5VKZWMAe\n7MRNaEmXMZm+8CvALgIQx8qMp2mnUPsA6Ea+9gg6/MPTdeWe5UXZiC0pAoGAGtSt\nPJfBXBNrklruYjORo3DRo5GYThVHQRFjl2orNKltsVxfIwgCw1ortEgPBgOwY0mu\ndkwP2V+qPeTVk+PQAqUk+gF6yLXtiUzeDiYMWHpeB+y81VSH9jfM0oELA/m7T/03\naYnEmE+BI8kKC6dvMBlDeisKdneQJFZRP0hfrC8CgYEAgYIyCGwcydKpe2Nkj0Fz\nKTtCMC/k4DvJfd5Kb9AbmrPUfKgA9Xj4GT6yPG6uBMi8r5etvLCKJ2x2NtN024a8\nQJLATYPrSsaZkE+9zM0j5nYAgbKpxBhlDzDAzn//3ByVzfgJ25S80XhTI2lfbLH/\nU07ssxdZaQCo+WuD82OvNcg=\n-----END PRIVATE KEY-----\n"
|
||||
"privatekey_path": "/etc/certificates/freenas_default.key"
|
||||
"revoked": false
|
||||
"revoked_date": ""
|
||||
"root_path": "/etc/certificates"
|
||||
"san": [
|
||||
"DNS:localhost"
|
||||
]
|
||||
"serial": 1
|
||||
"signedby": ""
|
||||
"state": "Tennessee"
|
||||
"subject_name_hash": 3193428416
|
||||
"type": 8
|
||||
"until": "Thu Dec 29 15:05:38 2022"
|
||||
|
||||
portal:
|
||||
open:
|
||||
enabled: false
|
||||
override:
|
||||
protocol:
|
||||
host:
|
||||
port:
|
||||
urlSuffix: ""
|
||||
targetSelector:
|
||||
ingress: ""
|
||||
service: ""
|
||||
port: ""
|
||||
@@ -48,4 +48,6 @@
|
||||
|
||||
{{- include "tc.v1.common.lib.util.autoperms" . | nindent 0 -}}
|
||||
|
||||
{{- include "tc.v1.common.spawner.portal" . | nindent 0 -}}
|
||||
|
||||
{{- end -}}
|
||||
|
||||
@@ -4,104 +4,124 @@
|
||||
*/}}
|
||||
|
||||
{{- define "tc.v1.common.spawner.portal" -}}
|
||||
{{- if .Values.ixChartContext -}}
|
||||
|
||||
{{- range $name, $portal := .Values.portal -}}
|
||||
{{- range $name, $portal := .Values.portal -}}
|
||||
{{- if $portal.enabled -}}
|
||||
|
||||
{{- if $portal.enabled -}}
|
||||
{{/* Create a copy of the portal */}}
|
||||
{{- $objectData := (mustDeepCopy $portal) -}}
|
||||
|
||||
{{/* Create a copy of the portal */}}
|
||||
{{- $objectData := (mustDeepCopy $portal) -}}
|
||||
{{/* Create defaults */}}
|
||||
{{- $protocol := "https" -}}
|
||||
{{- $host := "$node_ip" -}}
|
||||
{{- $port := "443" -}}
|
||||
{{- $suffix := $objectData.urlSuffix -}}
|
||||
{{- $url := "" -}}
|
||||
|
||||
{{/* Create defaults */}}
|
||||
{{- $protocol := "https" -}}
|
||||
{{- $host := "$node_ip" -}}
|
||||
{{- $port := "443" -}}
|
||||
{{- $suffix := $objectData.urlSuffix -}}
|
||||
{{- $url := "" -}}
|
||||
{{/* Get service, default to primary */}}
|
||||
{{- $serviceData := dict "targetSelector" $objectData.targetSelector.service -}}
|
||||
{{- $selectedService := fromYaml ( include "tc.v1.common.lib.helpers.getSelectedServiceValues" (dict "rootCtx" $ "objectData" $serviceData)) }}
|
||||
|
||||
{{/* Get service, default to primary */}}
|
||||
{{- $selectedService := fromYaml ( include "tc.v1.common.lib.helpers.getSelectedServiceValues" (dict "rootCtx" $ "objectData" $objectData.targetSeleector.service ) ) -}}
|
||||
|
||||
{{/* read loadbalancer IP's for metallb */}}
|
||||
{{- if eq $selectedService.type "LoadBalancer" -}}
|
||||
{{- with $selectedService.loadBalancerIP -}}
|
||||
{{- $host = toString . -}}
|
||||
|
||||
{{/* read loadbalancer IP's for metallb */}}
|
||||
{{- if eq $selectedService.type "LoadBalancer" -}}
|
||||
{{- with $selectedService.loadBalancerIP -}}
|
||||
{{- $host = toString . -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/* set temporary storage for port name and port */}}
|
||||
{{- $targetPort := "" -}}
|
||||
{{- $selectedPort := "" -}}
|
||||
|
||||
{{/* Fetch port values */}}
|
||||
{{- if $objectData.targetSelector.port -}}
|
||||
{{- $targetPort := $objectData.targetSeleector.port -}}
|
||||
{{- else -}}
|
||||
{{- $targetPort := include "tc.v1.common.lib.util.service.ports.primary" $selectedService -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/* set temporary storage for port name and port */}}
|
||||
{{- $targetPort := "" -}}
|
||||
{{- $selectedPort := "" -}}
|
||||
{{- $selectedPort = get $selectedService.port $targetPort -}}
|
||||
|
||||
{{/* store port number */}}
|
||||
{{- $port = $selectedPort.port -}}
|
||||
{{- end -}}
|
||||
|
||||
|
||||
{{/* set temporary storage for ingress name and port */}}
|
||||
{{- $targetIngress := "" -}}
|
||||
{{- $selectedIngress := "" -}}
|
||||
|
||||
{{/* Fetch ingress values */}}
|
||||
{{- if $objectData.targetSelector.ingress -}}
|
||||
{{- $targetIngress := $objectData.targetSelector.ingress -}}
|
||||
{{- else -}}
|
||||
{{- $targetIngress := include "tc.v1.common.lib.util.service.ingress.primary" $ -}}
|
||||
{{- end -}}
|
||||
{{- $selectedIngress = get .Values.ingress $targetIngress -}}
|
||||
|
||||
{{/* store host from ingress number */}}
|
||||
{{- if $selectedIngress.enabled -}}
|
||||
{{- with (index $selectedIngress.hosts 0) }}
|
||||
{{- $host = .host -}}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
|
||||
{{/* TODO: grab ports via portal */}}
|
||||
|
||||
|
||||
{{/* Apply overrides */}}
|
||||
{{- if $objectData.override.protocol -}}
|
||||
{{- $protocol = $objectData.override.protocol -}}
|
||||
{{- end -}}
|
||||
|
||||
{{- if $objectData.override.host -}}
|
||||
{{- $host = $objectData.override.host -}}
|
||||
{{- end -}}
|
||||
|
||||
{{- if $objectData.override.port -}}
|
||||
{{- $port = $objectData.override.port -}}
|
||||
{{- end -}}
|
||||
|
||||
|
||||
|
||||
{{/* sanitise */}}
|
||||
{{- if eq $port "443" -}}
|
||||
{{- $protocol = "https" -}}
|
||||
{{- end -}}
|
||||
|
||||
{{- if eq $port "80" -}}
|
||||
{{- $protocol = "http" -}}
|
||||
{{- end -}}
|
||||
|
||||
{{- if or ( eq $protocol "https" ) ( eq $protocol "http" ) -}}
|
||||
{{- $port = "" -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/* Construct URL*/}}
|
||||
{{- if $port -}}
|
||||
{{- $url = printf "%s://%s:%s/%s" $protocol $host $port $suffix -}}
|
||||
{{- else -}}
|
||||
{{- $url = printf "%s://%s/%s" $protocol $host $suffix -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/* create configmap entry*/}}
|
||||
{{- $portalData := dict "protocol" $protocol "host" $host "port" $port "suffix" $suffix "url" $url -}}
|
||||
|
||||
{{/* construct configmap */}}
|
||||
{{- $objectName := "tcportal" -}}
|
||||
{{- $configMap := dict "enabled" true "name" $objectName "shortName" $objectName "data" $portalData -}}
|
||||
|
||||
{{/* Perform validations */}}
|
||||
{{- include "tc.v1.common.lib.chart.names.validation" (dict "name" $objectName) -}}
|
||||
{{- include "tc.v1.common.lib.configmap.validation" (dict "objectData" $configMap) -}}
|
||||
{{- include "tc.v1.common.lib.metadata.validation" (dict "objectData" $configMap "caller" "ConfigMap") -}}
|
||||
|
||||
{{/* Call class to create the object */}}
|
||||
{{- include "tc.v1.common.class.configmap" (dict "rootCtx" $ "objectData" $configMap) -}}
|
||||
|
||||
{{/* Fetch port values */}}
|
||||
{{- if $objectData.targetSelector.port -}}
|
||||
{{- $targetPort := $objectData.targetSeleector.port -}}
|
||||
{{- else -}}
|
||||
{{- $targetPort := include "tc.v1.common.lib.util.service.ports.primary" $selectedService -}}
|
||||
{{- end -}}
|
||||
|
||||
{{- $selectedPort = get $selectedService.port $targetPort -}}
|
||||
|
||||
{{/* store port number */}}
|
||||
{{- $port = $selectedPort.port -}}
|
||||
{{- end -}}
|
||||
|
||||
|
||||
{{/* set temporary storage for ingress name and port */}}
|
||||
{{- $targetIngress := "" -}}
|
||||
{{- $selectedIngress := "" -}}
|
||||
|
||||
{{/* Fetch ingress values */}}
|
||||
{{- if $objectData.targetSelector.ingress -}}
|
||||
{{- $targetIngress := $objectData.targetSelector.ingress -}}
|
||||
{{- else -}}
|
||||
{{- $targetIngress := include "tc.v1.common.lib.util.service.ingress.primary" $ -}}
|
||||
{{- end -}}
|
||||
{{- $selectedIngress = get .Values.ingress $targetIngress -}}
|
||||
|
||||
{{/* store host from ingress number */}}
|
||||
{{- if $selectedIngress.enabled -}}
|
||||
{{- with (index $selectedIngress.hosts 0) }}
|
||||
{{- $host = .host -}}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
|
||||
{{/* Apply overrides */}}
|
||||
{{- if $objectData.override.protocol -}}
|
||||
{{- $protocol = $objectData.override.protocol -}}
|
||||
{{- end -}}
|
||||
|
||||
{{- if $objectData.override.host -}}
|
||||
{{- $host = $objectData.override.host -}}
|
||||
{{- end -}}
|
||||
|
||||
{{- if $objectData.override.port -}}
|
||||
{{- $port = $objectData.override.port -}}
|
||||
{{- end -}}
|
||||
|
||||
|
||||
|
||||
{{/* sanitise */}}
|
||||
{{- if eq $port "443" -}}
|
||||
{{- $protocol = "https" -}}
|
||||
{{- end -}}
|
||||
|
||||
{{- if eq $port "80" -}}
|
||||
{{- $protocol = "http" -}}
|
||||
{{- end -}}
|
||||
|
||||
{{- if or ( eq $protocol "https" ) ( eq $protocol "http" ) -}}
|
||||
{{- $port = "" -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/* Construct URL*/}}
|
||||
{{- if $port -}}
|
||||
{{- $url = printf "%s://%s:%s/%s" $protocol $host $port $suffix -}}
|
||||
{{- else -}}
|
||||
{{- $url = printf "%s://%s/%s" $protocol $host $suffix -}}
|
||||
{{- end -}}
|
||||
|
||||
{{- end -}}
|
||||
|
||||
{{- end -}}
|
||||
|
||||
{{- end -}}
|
||||
|
||||
Reference in New Issue
Block a user