From 328c0f33ed30b63a4d1d4d8218c56490a2109fd2 Mon Sep 17 00:00:00 2001 From: Oleg Smirnov Date: Sun, 12 May 2024 22:37:36 +0200 Subject: [PATCH] Support for GCP GCE LB with Google managed certificates --- .../mailpit/templates/gcp_managed_certificate.yaml | 11 +++++++++++ charts/mailpit/templates/ingress.yaml | 13 ++++++++++++- charts/mailpit/values.yaml | 10 +++++++++- 3 files changed, 32 insertions(+), 2 deletions(-) create mode 100644 charts/mailpit/templates/gcp_managed_certificate.yaml diff --git a/charts/mailpit/templates/gcp_managed_certificate.yaml b/charts/mailpit/templates/gcp_managed_certificate.yaml new file mode 100644 index 0000000..9a61f61 --- /dev/null +++ b/charts/mailpit/templates/gcp_managed_certificate.yaml @@ -0,0 +1,11 @@ +{{- if .Values.ingress.gce.gcp_managed_certificate.enabled }} +apiVersion: networking.gke.io/v1 +kind: ManagedCertificate +metadata: + name: {{ template "common.names.fullname" . }} + namespace: {{ include "common.names.namespace" . | quote }} + labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} +spec: + domains: + - {{ .Values.ingress.gce.gcp_managed_certificate.domain }} +{{- end }} diff --git a/charts/mailpit/templates/ingress.yaml b/charts/mailpit/templates/ingress.yaml index 6831142..02dfe13 100644 --- a/charts/mailpit/templates/ingress.yaml +++ b/charts/mailpit/templates/ingress.yaml @@ -5,8 +5,19 @@ metadata: name: {{ template "common.names.fullname" . }} namespace: {{ include "common.names.namespace" . | quote }} labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} + annotations: + {{- if .Values.ingress.gce.enabled }} + kubernetes.io/ingress.class: gce + kubernetes.io/ingress.allow-http: "true" + kubernetes.io/ssl-redirect: "true" + {{- if .Values.ingress.gce.gcp_managed_certificate.enabled }} + networking.gke.io/managed-certificates: {{ template "common.names.fullname" . }} + {{- end }} + {{- else }} + kubernetes.io/ingress.class: nginx + {{- end }} {{- with include "common.tplvalues.merge" ( dict "values" (list .Values.ingress.annotations .Values.commonAnnotations) "context" . ) | fromYaml }} - annotations: {{- . | toYaml | nindent 4 }} + {{- . | toYaml | nindent 4 }} {{- end }} spec: {{- if and .Values.ingress.ingressClassName (eq "true" (include "common.ingress.supportsIngressClassname" .)) }} diff --git a/charts/mailpit/values.yaml b/charts/mailpit/values.yaml index 7c27772..dd96165 100644 --- a/charts/mailpit/values.yaml +++ b/charts/mailpit/values.yaml @@ -263,6 +263,14 @@ ingress: ## @param ingress.enabled Enable ingress record generation for %%MAIN_CONTAINER_NAME%% ## enabled: false + ## Enable google managed ingress/loadbalancer + gce: + enabled: false + ## Enable google managed ssl certificate + gcp_managed_certificate: + enabled: false + ## Domain name for the managed certificate + domain: hostname.local ## @param ingress.annotations Additional annotations for the Ingress resource. To enable certificate autogeneration, place here your cert-manager annotations. ## Use this parameter to set the required annotations for cert-manager, see ## ref: https://cert-manager.io/docs/usage/ingress/#supported-annotations @@ -286,7 +294,7 @@ ingress: path: / ## @param ingress.pathType Ingress path type ## - pathType: ImplementationSpecific + pathType: Prefix ## @param ingress.extraHosts The list of additional hostnames to be covered with this ingress record. ## Most likely the hostname above will be enough, but in the event more hosts are needed, this is an array ## extraHosts: