Merge pull request #1906 from bcgov/chore/update-route

chore: update route.yaml
bcgov · May 9, 2024 · 3303959 · 3303959
2 parents 39ad9bb + af8f257
commit 3303959
Show file tree

Hide file tree

Showing 6 changed files with 50 additions and 4 deletions.
diff --git a/chart/cas-cif/Chart.yaml b/chart/cas-cif/Chart.yaml
@@ -21,3 +21,4 @@ dependencies:
   - name: certbot
     version: 0.1.3
     repository: https://bcdevops.github.io/certbot
+    condition: certbot.enabled
diff --git a/chart/cas-cif/templates/route.prod.yaml b/chart/cas-cif/templates/route.prod.yaml
@@ -0,0 +1,38 @@
+{{- if hasSuffix "-prod" .Release.Namespace }}
+
+{{- $keySecret := "Secret not found" }}
+{{- $certSecret := "Secret not found" }}
+{{- $CACertSecret := "Secret not found" }}
+
+{{- $existingSSLSecret := (lookup "v1" "Secret" .Release.Namespace "ssl-cert-cas-cif" ) }}
+{{- if $existingSSLSecret }}
+{{- $keySecret = index $existingSSLSecret.data "private-key" | b64dec | quote}}
+{{- $certSecret = index $existingSSLSecret.data "certificate" | b64dec | quote}}
+{{- $CACertSecret = index $existingSSLSecret.data "CACert" | b64dec | quote}}
+{{- end -}}
+
+apiVersion: route.openshift.io/v1
+kind: Route
+metadata:
+  name: {{ template "cas-cif.fullname" . }}
+  labels: {{ include "cas-cif.labels" . | nindent 4 }}
+  annotations:
+    haproxy.router.openshift.io/balance: roundrobin
+
+spec:
+  host: {{ .Values.hostName }}
+  port:
+    targetPort: {{ template "cas-cif.fullname" . }}
+  tls:
+    insecureEdgeTerminationPolicy: Redirect
+    termination: edge
+    key: {{ $keySecret }}
+    certificate: {{ $certSecret }}
+    caCertificate: {{ $CACertSecret }}
+  to:
+    kind: Service
+    name: {{ template "cas-cif.fullname" . }}
+    weight: 100
+  wildcardPolicy: None
+
+{{- end }}
diff --git a/chart/cas-cif/templates/route.yaml b/chart/cas-cif/templates/route.yaml
@@ -1,3 +1,5 @@
+{{- if not (hasSuffix "-prod" .Release.Namespace)}}
+
 {{- $route := (lookup "route.openshift.io/v1" "Route" .Release.Namespace "cas-cif" ) }}
 {{- $certificate := "" }}
 {{- $key := "" }}
@@ -32,3 +34,5 @@ spec:
     name: {{ template "cas-cif.fullname" . }}
     weight: 100
   wildcardPolicy: None
+
+{{- end -}}
diff --git a/chart/cas-cif/values-dev.yaml b/chart/cas-cif/values-dev.yaml
@@ -18,3 +18,6 @@ deploy-db:
 
 download-dags:
   airflowEndpoint: https://cas-airflow-dev.apps.silver.devops.gov.bc.ca
+
+certbot:
+  enabled: true
diff --git a/chart/cas-cif/values-prod.yaml b/chart/cas-cif/values-prod.yaml
@@ -1,10 +1,7 @@
 hostName: cif.gov.bc.ca
 
 certbot:
-  certbot:
-    server:
-      secretName: cas-acme-url
-      secretKey: url
+  enabled: false
 
 deploy-db:
   airflowEndpoint: https://cas-airflow-prod.apps.silver.devops.gov.bc.ca

diff --git a/chart/cas-cif/values-test.yaml b/chart/cas-cif/values-test.yaml
@@ -28,3 +28,6 @@ deploy-db:
 
 download-dags:
   airflowEndpoint: https://cas-airflow-test.apps.silver.devops.gov.bc.ca
+
+certbot:
+  enabled: true