Skip to content

Commit b9b9c2f

Browse files
deansheatherdeansheather
authored
fix: mount TLS secret in helm chart (#3717)
1 parent ccabec6 commit b9b9c2f

File tree

3 files changed

+64
-25
lines changed

3 files changed

+64
-25
lines changed

helm/templates/_helpers.tpl

Lines changed: 40 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -31,3 +31,43 @@ app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
3131
{{- end }}
3232
app.kubernetes.io/managed-by: {{ .Release.Service }}
3333
{{- end }}
34+
35+
{{/*
36+
Coder listen port (must be > 1024)
37+
*/}}
38+
{{- define "coder.port" }}
39+
{{- if .Values.coder.tls.secretName -}}
40+
8443
41+
{{- else -}}
42+
8080
43+
{{- end -}}
44+
{{- end }}
45+
46+
{{/*
47+
Coder service port
48+
*/}}
49+
{{- define "coder.servicePort" }}
50+
{{- if .Values.coder.tls.secretName -}}
51+
443
52+
{{- else -}}
53+
80
54+
{{- end -}}
55+
{{- end }}
56+
57+
{{/*
58+
Port name
59+
*/}}
60+
{{- define "coder.portName" }}
61+
{{- if .Values.coder.tls.secretName -}}
62+
https
63+
{{- else -}}
64+
http
65+
{{- end -}}
66+
{{- end }}
67+
68+
{{/*
69+
Scheme
70+
*/}}
71+
{{- define "coder.scheme" }}
72+
{{- include "coder.portName" . | upper -}}
73+
{{- end }}

helm/templates/coder.yaml

Lines changed: 21 additions & 15 deletions
Original file line numberDiff line numberDiff line change
@@ -34,37 +34,43 @@ spec:
3434
resources:
3535
{{- toYaml .Values.resources | nindent 12 }}
3636
env:
37-
{{- if .Values.coder.tls.secretName }}
3837
- name: CODER_ADDRESS
39-
value: "0.0.0.0:8443"
38+
value: "0.0.0.0:{{ include "coder.port" . }}"
39+
{{- if .Values.coder.tls.secretName }}
4040
- name: CODER_TLS_ENABLE
4141
value: "true"
4242
- name: CODER_TLS_CERT_FILE
4343
value: /etc/ssl/certs/coder/tls.crt
4444
- name: CODER_TLS_KEY_FILE
4545
value: /etc/ssl/certs/coder/tls.key
46-
{{- else }}
47-
- name: CODER_ADDRESS
48-
value: "0.0.0.0:8080"
4946
{{- end }}
5047
{{- with .Values.coder.env -}}
5148
{{ toYaml . | nindent 12 }}
5249
{{- end }}
5350
ports:
54-
{{- if .Values.coder.tls.secretName }}
55-
- name: https
56-
containerPort: 8443
51+
- name: {{ include "coder.portName" . | quote }}
52+
containerPort: {{ include "coder.port" . }}
5753
protocol: TCP
58-
{{- else }}
59-
- name: http
60-
containerPort: 8080
61-
protocol: TCP
62-
{{- end }}
6354
readinessProbe:
6455
httpGet:
6556
path: /api/v2/buildinfo
66-
port: http
57+
port: {{ include "coder.portName" . | quote }}
58+
scheme: {{ include "coder.scheme" . | quote }}
6759
livenessProbe:
6860
httpGet:
6961
path: /api/v2/buildinfo
70-
port: http
62+
port: {{ include "coder.portName" . | quote }}
63+
scheme: {{ include "coder.scheme" . | quote }}
64+
{{- if .Values.coder.tls.secretName }}
65+
volumeMounts:
66+
- name: tls
67+
mountPath: /etc/ssl/certs/coder
68+
readOnly: true
69+
{{- end }}
70+
71+
{{- if .Values.coder.tls.secretName }}
72+
volumes:
73+
- name: tls
74+
secret:
75+
secretName: {{ .Values.coder.tls.secretName | quote }}
76+
{{- end }}

helm/templates/service.yaml

Lines changed: 3 additions & 10 deletions
Original file line numberDiff line numberDiff line change
@@ -9,17 +9,10 @@ metadata:
99
spec:
1010
type: {{ .Values.coder.service.type }}
1111
ports:
12-
{{- if .Values.coder.tls.secretName }}
13-
- name: https
14-
port: 443
15-
targetPort: https
12+
- name: {{ include "coder.portName" . | quote }}
13+
port: {{ include "coder.servicePort" . }}
14+
targetPort: {{ include "coder.portName" . | quote }}
1615
protocol: TCP
17-
{{- else }}
18-
- name: http
19-
port: 80
20-
targetPort: http
21-
protocol: TCP
22-
{{- end }}
2316
selector:
2417
{{- include "coder.selectorLabels" . | nindent 4 }}
2518
{{- end }}

0 commit comments

Comments
 (0)
pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy