diff --git a/README.md b/README.md index 722531e..4cf6cdc 100644 --- a/README.md +++ b/README.md @@ -219,9 +219,14 @@ chart and deletes the release. | redisDependencyEnabled | bool | `true` | Install redis as a depending chart | | replicaCount | int | `2` | If autoscaling is disabled this will define the number of pods to run | | service.annotations | object | `{}` | Annotations to add to the service | -| service.name | string | `"https"` | Configure passbolt service port name | -| service.port | int | `443` | Configure passbolt service port | -| service.targetPort | int | `443` | Configure passbolt service targetPort | +| service.ports | object | `{"http":{"name":"http","port":80,"targetPort":80},"https":{"name":"https","port":443,"targetPort":443}}` | Configure the service ports | +| service.ports.http.name | string | `"http"` | Configure passbolt HTTP service port name | +| service.ports.http.port | int | `80` | Configure passbolt HTTP service port | +| service.ports.http.targetPort | int | `80` | Configure passbolt HTTP service targetPort | +| service.ports.https | object | `{"name":"https","port":443,"targetPort":443}` | Configure the HTTPS port | +| service.ports.https.name | string | `"https"` | Configure passbolt HTTPS service port name | +| service.ports.https.port | int | `443` | Configure passbolt HTTPS service port | +| service.ports.https.targetPort | int | `443` | Configure passbolt HTTPS service targetPort | | service.type | string | `"ClusterIP"` | Configure passbolt service type | | serviceAccount.annotations | object | `{}` | Annotations to add to the service account | | serviceAccount.create | bool | `true` | Specifies whether a service account should be created | diff --git a/templates/NOTES.txt b/templates/NOTES.txt index e47a921..46834a9 100644 --- a/templates/NOTES.txt +++ b/templates/NOTES.txt @@ -13,7 +13,7 @@ NOTE: It may take a few minutes for the LoadBalancer IP to be available. You can watch the status of by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "passbolt-library.fullname" . }}' export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "passbolt-library.fullname" . }} --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}") - echo http://$SERVICE_IP:{{ .Values.service.port }} + echo http://$SERVICE_IP:{{ .Values.service.ports.http.port }} {{- else if contains "ClusterIP" .Values.service.type }} export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "passbolt-library.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") export CONTAINER_PORT=$(kubectl get pod --namespace {{ .Release.Namespace }} $POD_NAME -o jsonpath="{.spec.containers[0].ports[0].containerPort}") diff --git a/templates/deployment.yaml b/templates/deployment.yaml index 8d74714..dea6189 100644 --- a/templates/deployment.yaml +++ b/templates/deployment.yaml @@ -108,10 +108,10 @@ spec: imagePullPolicy: {{ .Values.app.image.pullPolicy }} ports: - name: https - containerPort: {{ .Values.service.targetPort }} + containerPort: {{ .Values.service.ports.https.targetPort }} protocol: TCP - name: http - containerPort: 80 + containerPort: {{ .Values.service.ports.http.targetPort }} protocol: TCP livenessProbe: {{- toYaml .Values.livenessProbe | nindent 12 }} diff --git a/templates/ingress.yaml b/templates/ingress.yaml index 94d792d..fa9be02 100644 --- a/templates/ingress.yaml +++ b/templates/ingress.yaml @@ -3,7 +3,7 @@ {{- $action := "common" -}} {{- $Name := include "passbolt-library.fullname" . -}} {{- $fullName := printf "%s-%s-%s" $Name $type $action -}} -{{- $svcPort := .Values.service.port -}} +{{- $svcPort := .Values.service.ports.http.port -}} {{- if semverCompare ">=1.19-0" .Capabilities.KubeVersion.GitVersion -}} apiVersion: networking.k8s.io/v1 {{- else if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}} diff --git a/templates/service.yaml b/templates/service.yaml index 250fbd9..e7f938a 100644 --- a/templates/service.yaml +++ b/templates/service.yaml @@ -19,9 +19,13 @@ metadata: spec: type: {{ .Values.service.type }} ports: - - port: {{ .Values.service.port | default 443 }} - targetPort: {{ .Values.service.targetPort | default 443 }} + - port: {{ .Values.service.ports.https.port | default 443 }} + targetPort: {{ .Values.service.ports.https.targetPort | default 443 }} protocol: TCP - name: {{ .Values.service.name | default "https" }} + name: {{ .Values.service.ports.https.name | default "https" }} + - port: {{ .Values.service.ports.http.port | default 80 }} + targetPort: {{ .Values.service.ports.http.targetPort | default 80 }} + protocol: TCP + name: {{ .Values.service.ports.http.name | default "http" }} selector: {{- include "passbolt-library.selectorLabels" . | nindent 4 }} diff --git a/tests/deployment_http_port_test.yaml b/tests/deployment_http_port_test.yaml index 3b9a01e..b3e8670 100644 --- a/tests/deployment_http_port_test.yaml +++ b/tests/deployment_http_port_test.yaml @@ -5,22 +5,24 @@ release: values: - values-test.yaml tests: - - it: should match port with the one in values + - it: should match ports with the ones in values templates: - deployment.yaml set: - service.targetPort: 5000 - redis.auth.enabled: true - redis.replica.replicaCount: 2 - autoscaling.enabled: false - app.cache.redis.sentinelProxy.enabled: false - app.cache.redis.sentinelProxy.image.repository: haproxy - app.cache.redis.sentinelProxy.image.tag: latest + service.ports.https.targetPort: 5443 + service.ports.http.targetPort: 5080 asserts: - contains: path: spec.template.spec.containers[0].ports content: name: https - containerPort: 5000 + containerPort: 5443 + count: 1 + any: true + - contains: + path: spec.template.spec.containers[0].ports + content: + name: http + containerPort: 5080 count: 1 any: true diff --git a/tests/ingress_service_port_test.yaml b/tests/ingress_service_port_test.yaml new file mode 100644 index 0000000..e490e1b --- /dev/null +++ b/tests/ingress_service_port_test.yaml @@ -0,0 +1,21 @@ +--- +suite: ingress service port +release: + name: test +values: + - values-test.yaml +tests: + - it: should set the port of the backend to the configured HTTP port + templates: + - ingress.yaml + set: + service.ports.http.port: 5080 + ingress.enabled: true + asserts: + - isSubset: + path: spec.rules[0].http.paths[0].backend.service + content: + name: test-passbolt + port: + number: 5080 + any: true diff --git a/tests/service_http_port_test.yaml b/tests/service_http_port_test.yaml new file mode 100644 index 0000000..2ff6a4b --- /dev/null +++ b/tests/service_http_port_test.yaml @@ -0,0 +1,36 @@ +--- +suite: service ports +release: + name: test +values: + - values-test.yaml +tests: + - it: should match ports with the ones in values + templates: + - service.yaml + set: + service.ports.https.port: 5443 + service.ports.https.targetPort: 5443 + service.ports.https.name: myhttps + service.ports.http.port: 5080 + service.ports.http.targetPort: 5080 + service.ports.http.name: myhttp + asserts: + - contains: + path: spec.ports + content: + port: 5443 + targetPort: 5443 + protocol: TCP + name: myhttps + count: 1 + any: true + - contains: + path: spec.ports + content: + port: 5080 + targetPort: 5080 + protocol: TCP + name: myhttp + count: 1 + any: true diff --git a/tests/values-test.yaml b/tests/values-test.yaml index 0e84f17..09824f7 100644 --- a/tests/values-test.yaml +++ b/tests/values-test.yaml @@ -249,14 +249,25 @@ podSecurityContext: {} service: # -- Configure passbolt service type type: ClusterIP - # -- Configure passbolt service port - port: 443 - # -- Configure passbolt service targetPort - targetPort: 443 - # -- Configure passbolt service port name - name: https # -- Annotations to add to the service annotations: {} + # -- Configure the service ports + ports: + # -- Configure the HTTPS port + https: + # -- Configure passbolt HTTPS service port + port: 443 + # -- Configure passbolt HTTPS service targetPort + targetPort: 443 + # -- Configure passbolt HTTPS service port name + name: https + http: + # -- Configure passbolt HTTP service port + port: 80 + # -- Configure passbolt HTTP service targetPort + targetPort: 80 + # -- Configure passbolt HTTP service port name + name: http ingress: # -- Enable passbolt ingress diff --git a/values.yaml b/values.yaml index 1eb4410..3f5151e 100644 --- a/values.yaml +++ b/values.yaml @@ -334,14 +334,25 @@ podSecurityContext: service: # -- Configure passbolt service type type: ClusterIP - # -- Configure passbolt service port - port: 443 - # -- Configure passbolt service targetPort - targetPort: 443 - # -- Configure passbolt service port name - name: https # -- Annotations to add to the service annotations: {} + # -- Configure the service ports + ports: + # -- Configure the HTTPS port + https: + # -- Configure passbolt HTTPS service port + port: 443 + # -- Configure passbolt HTTPS service targetPort + targetPort: 443 + # -- Configure passbolt HTTPS service port name + name: https + http: + # -- Configure passbolt HTTP service port + port: 80 + # -- Configure passbolt HTTP service targetPort + targetPort: 80 + # -- Configure passbolt HTTP service port name + name: http tls: # -- Generates a secret with a self-signed cerfificate that is injected on ingress and passbolt container