fix: devurlsHost ref in ingress template (#233)

wethinkagile · deansheather · web-flow · commit 14417033508b · 2022-03-19T11:30:58.000+10:00
* Added .Values.ingress.classname and ingressClassName to ingress template spec

* adding .idea to gitignore

* fix: devurlsHost ref in ingress template

* Apply suggestions from code review

* Add tests and update README.md

* Clarify ingress values in docs

* Do not include ingressClassName if empty

Co-authored-by: Dean Sheather &lt;dean@deansheather.com&gt;
diff --git a/.gitignore b/.gitignore
@@ -1,2 +1,3 @@
 /build
 *.swp
+.idea
diff --git a/README.md b/README.md
@@ -81,11 +81,12 @@ View [our docs](https://coder.com/docs/setup/installation) for detailed installa
 | coderd.trustProxyIP | bool | Configures Coder to accept X-Real-IP and X-Forwarded-For headers from any origin. This option is deprecated and will be removed in a future release. Use the coderd.reverseProxy setting instead, which supports configuring an allowlist of trusted origins. | `false` |
 | envbox | object | Required for running Docker inside containers. See requirements: https://coder.com/docs/coder/latest/admin/workspace-management/cvms | `{"image":""}` |
 | envbox.image | string | Injected by Coder during release. | `""` |
-| ingress | object | Configure an Ingress to route traffic to Coder services. | `{"annotations":{"nginx.ingress.kubernetes.io/proxy-body-size":"0"},"enable":false,"host":"","tls":{"enable":false}}` |
+| ingress | object | Configure an Ingress to route traffic to Coder services. | `{"annotations":{"nginx.ingress.kubernetes.io/proxy-body-size":"0"},"className":"","enable":false,"host":"","tls":{"enable":false}}` |
 | ingress.annotations | object | Additional annotations to add to the Ingress object. The behavior is typically dependent on the Ingress Controller implementation, and useful for managing features like TLS termination. | `{"nginx.ingress.kubernetes.io/proxy-body-size":"0"}` |
+| ingress.className | string | The ingressClassName to set on the Ingress. | `""` |
 | ingress.enable | bool | A boolean controlling whether to create an Ingress. | `false` |
-| ingress.host | string | The hostname to proxy to the Coder installation. The cluster Ingress Controller typically uses server name indication or the HTTP Host header to route traffic. | `""` |
-| ingress.tls | object | Configures TLS settings for the Ingress. | `{"enable":false}` |
+| ingress.host | string | The hostname to proxy to the Coder installation. The cluster Ingress Controller typically uses server name indication or the HTTP Host header to route traffic. The dev URLs hostname is specified in coderd.devurlsHost. | `""` |
+| ingress.tls | object | Configures TLS settings for the Ingress. TLS certificates are specified in coderd.tls.hostSecretName and coderd.tls.devurlsHostSecretName. | `{"enable":false}` |
 | ingress.tls.enable | bool | Determines whether the Ingress handles TLS. | `false` |
 | logging | object | Configures the logging format and output of Coder. | `{"human":"/dev/stderr","json":"","splunk":{"channel":"","token":"","url":""},"stackdriver":""}` |
 | logging.human | string | Location to send logs that are formatted for readability. Set to an empty string to disable. | `"/dev/stderr"` |
diff --git a/templates/ingress.yaml b/templates/ingress.yaml
@@ -14,6 +14,10 @@ metadata:
     app.kubernetes.io/component: {{ include "coder.serviceName" . }}
   annotations: {{ toYaml .Values.ingress.annotations | nindent 4 }}
 spec:
+  {{- if .Values.ingress.className }}
+  {{/* If this is set to an empty string it fails validation on K8s */}}
+  ingressClassName: {{ .Values.ingress.className | quote }}
+  {{- end }}
   rules:
   - host: {{ .Values.ingress.host | quote }}
     http:
@@ -54,12 +58,10 @@ spec:
       - {{ .Values.ingress.host | quote }}
       secretName: {{ .Values.coderd.tls.hostSecretName | quote}}
     {{- end }}
-    {{- if .Values.devurls }}
-    {{- if and .Values.devurls.host .Values.coderd.tls.devurlsHostSecretName }}
+    {{- if and .Values.coderd.devurlsHost .Values.coderd.tls.devurlsHostSecretName }}
     - hosts:
       - {{ .Values.coderd.devurlsHost | quote }}
       secretName: {{ .Values.coderd.tls.devurlsHostSecretName | quote }}
     {{- end }}
-    {{- end }}
   {{- end }}
 {{- end }}
diff --git a/tests/ingress_test.go b/tests/ingress_test.go
@@ -57,6 +57,8 @@ func TestIngress(t *testing.T) {
 				}
 				require.Equal(t, defaultAnnotations, ingress.Annotations)
 
+				require.Empty(t, ingress.Spec.IngressClassName)
+
 				expectedRules := []netv1.IngressRule{
 					{
 						Host:             "install.coder.com",
@@ -95,6 +97,16 @@ func TestIngress(t *testing.T) {
 				require.Equal(t, expectedRules, ingress.Spec.Rules, "expected ingress spec to match")
 			},
 		},
+		{
+			Name: "ingress-className",
+			ValuesFunc: func(v *CoderValues) {
+				v.Ingress.Enable = pointer.Bool(true)
+				v.Ingress.ClassName = pointer.String("test")
+			},
+			AssertFunc: func(t *testing.T, ingress *netv1.Ingress) {
+				require.Equal(t, pointer.String("test"), ingress.Spec.IngressClassName, "expected classname to match")
+			},
+		},
 	}
 
 	for _, test := range tests {
diff --git a/tests/values.go b/tests/values.go
@@ -188,6 +188,7 @@ type EnvboxValues struct {
 // IngressValues reflect values from ingress.
 type IngressValues struct {
 	Enable      *bool             `json:"enable" yaml:"enable"`
+	ClassName   *string           `json:"className" yaml:"className"`
 	Host        *string           `json:"host" yaml:"host"`
 	Annotations map[string]string `json:"annotations" yaml:"annotations"`
 	TLS         *IngressTLSValues `json:"tls" yaml:"tls"`
diff --git a/values.yaml b/values.yaml
@@ -269,17 +269,21 @@ coderd:
 ingress:
   # ingress.enable -- A boolean controlling whether to create an Ingress.
   enable: false
+  # ingress.className -- The ingressClassName to set on the Ingress.
+  className: ""
   # ingress.host -- The hostname to proxy to the Coder installation.
   # The cluster Ingress Controller typically uses server name indication
-  # or the HTTP Host header to route traffic.
+  # or the HTTP Host header to route traffic. The dev URLs hostname is specified
+  # in coderd.devurlsHost.
   host: ""
   # ingress.annotations -- Additional annotations to add to the Ingress
   # object. The behavior is typically dependent on the Ingress Controller
   # implementation, and useful for managing features like TLS termination.
   annotations:
     nginx.ingress.kubernetes.io/proxy-body-size: "0"
 
-  # ingress.tls -- Configures TLS settings for the Ingress.
+  # ingress.tls -- Configures TLS settings for the Ingress. TLS certificates are
+  # specified in coderd.tls.hostSecretName and coderd.tls.devurlsHostSecretName.
   tls:
     # ingress.tls.enable -- Determines whether the Ingress handles TLS.
     enable: false
