From 50d5ec9452af794fe5fcd205d1306ec8f4b91e1c Mon Sep 17 00:00:00 2001 From: gaima8 <7595658+gaima8@users.noreply.github.com> Date: Thu, 1 Apr 2021 13:24:53 +0100 Subject: [PATCH 1/2] Be a TLS enabled LoadBalancer --- charts/drone/templates/_helpers.tpl | 13 +++++++++++++ charts/drone/templates/deployment.yaml | 5 +++++ charts/drone/templates/service.yaml | 11 +++++++++++ charts/drone/values.yaml | 13 ++++++++++++- 4 files changed, 41 insertions(+), 1 deletion(-) diff --git a/charts/drone/templates/_helpers.tpl b/charts/drone/templates/_helpers.tpl index 24579cc..09ef4f1 100644 --- a/charts/drone/templates/_helpers.tpl +++ b/charts/drone/templates/_helpers.tpl @@ -62,3 +62,16 @@ Create the name of the service account to use {{ default "default" .Values.serviceAccount.name }} {{- end -}} {{- end -}} + +{{/* +TLS enabled via extraVolumes +*/}} +{{- define "drone.tlsEnabled" -}} + {{/* Iterate through each of the extraVolumes */}} + {{- range .Values.extraVolumes -}} + {{/* If a volume called certs exist TLS is enabled */}} + {{- if eq .name "certs" }} +true + {{- end -}} + {{- end -}} +{{- end -}} diff --git a/charts/drone/templates/deployment.yaml b/charts/drone/templates/deployment.yaml index ba17b54..88ca896 100644 --- a/charts/drone/templates/deployment.yaml +++ b/charts/drone/templates/deployment.yaml @@ -42,7 +42,12 @@ spec: livenessProbe: httpGet: path: / + {{- if (include "drone.tlsEnabled" .) }} + port: 443 + scheme: HTTPS + {{- else }} port: http + {{- end }} resources: {{- toYaml .Values.resources | nindent 12 }} envFrom: diff --git a/charts/drone/templates/service.yaml b/charts/drone/templates/service.yaml index 5acb20a..a6655e7 100644 --- a/charts/drone/templates/service.yaml +++ b/charts/drone/templates/service.yaml @@ -6,10 +6,21 @@ metadata: {{- include "drone.labels" . | nindent 4 }} spec: type: {{ .Values.service.type }} +{{- if eq "LoadBalancer" .Values.service.type }} + loadBalancerIP: {{ .Values.service.loadBalancerIP }} + ports: + {{- range $key, $val := .Values.servicePorts }} + - port: {{ $val.port }} + targetPort: {{ $val.targetPort }} + protocol: {{ $val.protocol }} + name: {{ $key }} + {{- end }} +{{- else }} ports: - port: {{ .Values.service.port }} targetPort: http protocol: TCP name: http +{{- end }} selector: {{- include "drone.selectorLabels" . | nindent 4 }} diff --git a/charts/drone/values.yaml b/charts/drone/values.yaml index f041adb..89a71b9 100644 --- a/charts/drone/values.yaml +++ b/charts/drone/values.yaml @@ -40,6 +40,17 @@ service: type: ClusterIP port: 80 +## For a LoadBalancer service define the ports to use +servicePorts: {} +# http: +# port: 80 +# targetPort: 80 +# protocol: TCP +# https: +# port: 443 +# targetPort: 443 +# protocol: TCP + ingress: enabled: false annotations: {} @@ -159,7 +170,7 @@ env: ## REQUIRED: Set the user-visible Drone hostname, sans protocol. ## Ref: https://docs.drone.io/installation/reference/drone-server-host/ ## - DRONE_SERVER_HOST: "" + DRONE_SERVER_HOST: "chart-example.local" ## The protocol to pair with the value in DRONE_SERVER_HOST (http or https). ## Ref: https://docs.drone.io/installation/reference/drone-server-proto/ ## From 1ca40bf686e0feace3674381921f82756b445590 Mon Sep 17 00:00:00 2001 From: Mike Williams <7595658+gaima8@users.noreply.github.com> Date: Mon, 22 Nov 2021 14:16:36 +0000 Subject: [PATCH 2/2] Update charts/drone/templates/_helpers.tpl Co-authored-by: Jacob Floyd --- charts/drone/templates/_helpers.tpl | 6 +----- 1 file changed, 1 insertion(+), 5 deletions(-) diff --git a/charts/drone/templates/_helpers.tpl b/charts/drone/templates/_helpers.tpl index 09ef4f1..ea15596 100644 --- a/charts/drone/templates/_helpers.tpl +++ b/charts/drone/templates/_helpers.tpl @@ -67,11 +67,7 @@ Create the name of the service account to use TLS enabled via extraVolumes */}} {{- define "drone.tlsEnabled" -}} - {{/* Iterate through each of the extraVolumes */}} - {{- range .Values.extraVolumes -}} - {{/* If a volume called certs exist TLS is enabled */}} - {{- if eq .name "certs" }} + {{- if or (hasKey .Values.env "DRONE_TLS_AUTOCERT") (hasKey .Values.env "DRONE_TLS_CERT") -}} true - {{- end -}} {{- end -}} {{- end -}}