From a7b6d184a5f8cb645500c38f35f6e5dedfb61120 Mon Sep 17 00:00:00 2001 From: Pete Birley Date: Wed, 27 Jun 2018 18:21:54 -0500 Subject: [PATCH] Update chart to support TLS for Shipyard Adds the secret to support TLS for the Shipyard API Change-Id: I34d753bc0c65b00df54aeb32ff66eef5bf2c4c6e Co-Authored-By: Pete Birley Signed-off-by: Pete Birley --- .../templates/secret-ingress-tls.yaml | 19 +++++++++++++++++++ charts/shipyard/values.yaml | 12 ++++++++++++ 2 files changed, 31 insertions(+) create mode 100644 charts/shipyard/templates/secret-ingress-tls.yaml diff --git a/charts/shipyard/templates/secret-ingress-tls.yaml b/charts/shipyard/templates/secret-ingress-tls.yaml new file mode 100644 index 00000000..8d9ca4a6 --- /dev/null +++ b/charts/shipyard/templates/secret-ingress-tls.yaml @@ -0,0 +1,19 @@ +{{/* +Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/}} + +{{- if .Values.manifests.secret_ingress_tls }} +{{- include "helm-toolkit.manifests.secret_ingress_tls" ( dict "envAll" . "backendService" "shipyard" "backendServiceType" "shipyard" ) }} +{{- end }} diff --git a/charts/shipyard/values.yaml b/charts/shipyard/values.yaml index fffb50f4..85244fbe 100644 --- a/charts/shipyard/values.yaml +++ b/charts/shipyard/values.yaml @@ -203,6 +203,13 @@ endpoints: default: http host_fqdn_override: default: null + # NOTE(bryan-strassner): this chart supports TLS for fqdn over-ridden public + # endpoints using the following format: + # public: + # host: null + # tls: + # crt: null + # key: null airflow_web: name: airflow-web hosts: @@ -333,6 +340,10 @@ secrets: postgresql_airflow_db: admin: airflow-db-admin user: airflow-db-user + tls: + shipyard: + shipyard: + public: shipyard-tls-public conf: uwsgi: @@ -700,6 +711,7 @@ manifests: job_ks_user: true secret_airflow_db: true secret_shipyard_db: true + secret_ingress_tls: true secret_keystone: true service_airflow_ingress: true service_airflow_flower: true