feat: add support for multiple hosts and tls configurations in ingress

[msoderberg]

Description of the change

Adds ingress.extraHosts and ingress.extraTls which allows you to add extra host and tls items to the generated Ingress resource.

Existing or Associated Issue(s)

Additional Information

We run Backstage in EKS and are currently adding a condition annotation in the Ingress to configure the AWS ALB with an extra hostname. The downside with this approach is that we have to specify the AWS ACM certificate ARN:s for the domains (we loose the certificate discovery functionality).

There are other workarounds as well (e.g. using extraDeploy to create multiple Ingress resources), but having native support for multiple hosts in the Helm chart would simplify our life a bit.

Checklist

• Chart version bumped in Chart.yaml according to semver.
• Variables are documented in the values.yaml and added to the README.md. The helm-docs utility can be used to generate the necessary content. Use helm-docs --dry-run to preview the content.
• JSON Schema generated.
• List tests pass for Chart using the Chart Testing tool and the ct lint command.

[msoderberg]

Linting chart "backstage => (version: \"1.10.0\", path: \"charts/backstage\")"
Checking chart "backstage => (version: \"1.10.0\", path: \"charts/backstage\")" for a version bump...
Old chart version: 1.9.6
New chart version: 1.10.0
Chart version ok.
Validating /home/marsod/git/backstage/charts/charts/backstage/Chart.yaml...
Validation success! 👍

Linting chart with values file "charts/backstage/ci/appConfig-values.yaml"...

==> Linting charts/backstage

1 chart(s) linted, 0 chart(s) failed

Linting chart with values file "charts/backstage/ci/default-values.yaml"...

==> Linting charts/backstage

1 chart(s) linted, 0 chart(s) failed

Linting chart with values file "charts/backstage/ci/extraDeploy-values.yaml"...

==> Linting charts/backstage

1 chart(s) linted, 0 chart(s) failed

Linting chart with values file "charts/backstage/ci/extraVolumes-values.yaml"...

==> Linting charts/backstage

1 chart(s) linted, 0 chart(s) failed

Linting chart with values file "charts/backstage/ci/image-digest-values.yaml"...

==> Linting charts/backstage

1 chart(s) linted, 0 chart(s) failed

Linting chart with values file "charts/backstage/ci/ingress-extraHosts-values.yaml"...

==> Linting charts/backstage

1 chart(s) linted, 0 chart(s) failed

Linting chart with values file "charts/backstage/ci/ingress-values.yaml"...

==> Linting charts/backstage

1 chart(s) linted, 0 chart(s) failed

Linting chart with values file "charts/backstage/ci/postgres-generated-creds-values.yaml"...

==> Linting charts/backstage

1 chart(s) linted, 0 chart(s) failed

Linting chart with values file "charts/backstage/ci/postgres-provided-creds-values.yaml"...

==> Linting charts/backstage

1 chart(s) linted, 0 chart(s) failed

Linting chart with values file "charts/backstage/ci/probes-values.yaml"...

==> Linting charts/backstage

1 chart(s) linted, 0 chart(s) failed
------------------------------------------------------------------------------------------------------------------------
 ✔︎ backstage => (version: "1.10.0", path: "charts/backstage")
------------------------------------------------------------------------------------------------------------------------
All charts linted successfull

[github-actions]

This PR has been automatically marked as stale because it has not had recent activity from the author. It will be closed if no further activity occurs. If the PR was closed and you want it re-opened, let us know and we'll re-open the PR so that you can continue the contribution!

[msoderberg]

Still waiting for review so please keep it open.

[ChrisJBurns]

Is there a reason we're adding the or condition here? I would have thought just the checking if .Values.ingress.tls.enabled is enabled should be enough. We have the extraTLS check below anyways and if you were adding extra TLS, you would already have the .tls.enabled set to true anyways.

[msoderberg]

Having the or condition allows you to enable TLS only for extra hosts (e.g. with item(s) defined in ingress.extraTls and ingress.tls.enabled: false). I don't know if that's a use case worth supporting though, so I'm open to change it if that's preferable. If I change it I think it makes sense to move the extraTls object from ingress.extraTls to ingress.tls.extraTls. Let me know what you think!

[ChrisJBurns]

Yep, let's go with the ingress.extraTls to ingress.tls.extraTls, perhaps keeping the use case simple at the moment with the most likely scenario is best for now. If it's needed in future we can always change to add TLS only for extra hosts.

[vinzscam]

Having the or condition allows you to enable TLS only for extra hosts (e.g. with item(s) defined in ingress.extraTls and ingress.tls.enabled: false). I don't know if that's a use case worth supporting though, so I'm open to change it if that's preferable. If I change it I think it makes sense to move the extraTls object from ingress.extraTls to ingress.tls.extraTls. Let me know what you think!

good catch!

Yep, let's go with the ingress.extraTls to ingress.tls.extraTls

isn't ingress.tls.extraTls a bit redundant? Looking at other charts ingress.extraTls seems the way to go, but happy to discuss.

[ChrisJBurns]

@vinzscam Yep, seems to have my values wrong way around there, good catch!

[msoderberg]

Thanks for the feedback! I created a PR with the change (remove the or condition) to this branch just to make sure we're all on the same page: msoderberg#1.