Add TLS settings to k8s.jsonnet

Use jsonnet computed field names to optionally add TLS configuration to generated Ingress object In this way, one can easily let the kubernetes ingress handle TLS, with or without a secretName Additional configuration would be required to tie into cert-manager for automated cert generation
4 years ago · 1dc62c193f
parent d21b225a70
commit 1dc62c193f
1 changed files with 16 additions and 2 deletions
--- a/k8s.jsonnet
+++ b/k8s.jsonnet
@ -43,7 +43,14 @@

    // The hostname to use in the Ingress
    ingress_host: "wubloader.example.com",
-    
+
+    // Set to true to let the ingress handle TLS
+    ingress_tls: true,
+
+    // Set to true and give a secretName for ingress, if required for ingress TLS
+    ingress_secret_name_needed: false,
+    ingress_secret_name: "wubloader/tls",
+
    // Connection args for the database.
    // If database is defined in this config, host and port should be postgres:5432.
    db_args: {
@ -232,8 +239,15 @@
            },
          },
        ],
+        [if ($.config.ingress_tls) then 'tls']: [
+            {
+                hosts: [
+                    $.config.ingress_host,
+                ],
+                [if ($.config.ingress_secret_name_needed) then 'secretName']: $.config.ingress_secret_name,
+            },
+        ],
      },
    },
  ],
-
 }