
@badal773

Description of Change

In recent versions of the NGINX Ingress Controller, stricter validation rules have been introduced for ingress.spec.rules.http.paths.path when pathType is set to Prefix or Exact. These rules enforce that the path must:

  • Begin with a /
  • Only include alphanumeric characters, /, _, and -

If a path contains characters outside this set (e.g., for rewrite purposes), the pathType must be set to ImplementationSpecific. This validation is enforced by the Admission Webhook, and non-compliant ingress resources will be denied admission.

To ensure compatibility and prevent potential deployment failures, we are explicitly setting the default pathType to Prefix via an environment variable in the Helm chart. This default is safe for standard use cases where paths comply with the new restrictions.

For advanced use cases involving rewrites or non-standard characters in paths, users should explicitly override the pathType to ImplementationSpecific.

Copilot AI review requested due to automatic review settings July 14, 2025 19:18
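
The path rule from the description above, written as a pre-deployment lint over an Ingress object. This is an added example, not code from this PR, kcert, or the NGINX Ingress Controller. It encodes only the rule as the description states it, and `lint_ingress`, `SAMPLE`, and the sample host and paths are hypothetical.

```python
import re

# Rule as stated in the PR description: for Prefix/Exact the path must begin
# with "/" and contain only alphanumerics, "/", "_" and "-".
# Assumption: "alphanumeric" is read as ASCII letters and digits.
STRICT_PATH = re.compile(r"/[A-Za-z0-9/_-]*")
PATH_TYPES = {"Prefix", "Exact", "ImplementationSpecific"}


def lint_ingress(ingress):
    """Return (path, pathType, reason) for each path the stated rule rejects."""
    findings = []
    for rule in ingress.get("spec", {}).get("rules", []):
        for entry in (rule.get("http") or {}).get("paths", []):
            path, path_type = entry.get("path", ""), entry.get("pathType")
            if path_type not in PATH_TYPES:
                findings.append((path, path_type, "unknown pathType"))
            elif path_type == "ImplementationSpecific":
                continue  # the strict character rule does not apply
            elif not path.startswith("/"):
                findings.append((path, path_type, "missing leading /"))
            elif not STRICT_PATH.fullmatch(path):
                findings.append((path, path_type, "character outside [A-Za-z0-9/_-]"))
    return findings


# Constructed sample Ingress (hypothetical host and paths; backends omitted).
SAMPLE = {
    "kind": "Ingress",
    "spec": {"rules": [{"host": "app.example.test", "http": {"paths": [
        {"path": "/api/v1", "pathType": "Prefix"},
        {"path": "/app(/|$)(.*)", "pathType": "Prefix"},
        {"path": "/app(/|$)(.*)", "pathType": "ImplementationSpecific"},
        {"path": "static", "pathType": "Exact"},
        {"path": "/health", "pathType": "prefix"},
    ]}}]},
}

if __name__ == "__main__":
    for path, path_type, reason in lint_ingress(SAMPLE):
        print(f"DENY {path!r} ({path_type}): {reason}")
```

The same rewrite-style path passes once its pathType is ImplementationSpecific, which is the override the description recommends.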

Copilot AI left a comment


Pull Request Overview

This PR makes the Ingress pathType configurable via a new Helm environment variable (defaulting to Prefix) to align with stricter NGINX Ingress Controller validation rules.

  • Added kcertPathType to values.yaml with a default of Prefix
  • Passed KCERT_PATH_TYPE into the deployment via an environment variable
  • Bumped chart version to 1.0.8
  • Updated HttpChallengeProvider to use an environment‐driven PathType

Reviewed Changes

Copilot reviewed 4 out of 4 changed files in this pull request and generated 2 comments.

| File | Description |
| --- | --- |
| charts/kcert/values.yaml | Introduced kcertPathType setting with default |
| charts/kcert/templates/070-Deployment.yaml | Inject KCERT_PATH_TYPE into container env |
| charts/kcert/Chart.yaml | Bumped chart version to 1.0.8 |
| Challenge/HttpChallengeProvider.cs | Replaced hardcoded PathType with GetPathType |

Comments suppressed due to low confidence (2)

charts/kcert/values.yaml:43

  • [nitpick] Add a comment above kcertPathType in values.yaml explaining its purpose and allowed values (Prefix, Exact, ImplementationSpecific) for clarity.
kcertPathType: Prefix

Challenge/HttpChallengeProvider.cs:82

  • Add unit tests for GetPathType to cover both the default fallback and an overridden environment variable scenario, ensuring the new configurable path type logic is verified.
    private static string GetPathType()

Comment on lines +82 to +84
private static string GetPathType()
{
return Environment.GetEnvironmentVariable("KCERT_PATH_TYPE") ?? "Prefix";

Copilot AI Jul 14, 2025


[nitpick] Extract the default path type ("Prefix") into a shared constant or configuration field to avoid duplicating the literal and keep it in sync with the Helm chart default.

Suggested change
private static string GetPathType()
{
return Environment.GetEnvironmentVariable("KCERT_PATH_TYPE") ?? "Prefix";
private const string DefaultPathType = "Prefix";
private static string GetPathType()
{
return Environment.GetEnvironmentVariable("KCERT_PATH_TYPE") ?? DefaultPathType;


private static string GetPathType()
{
return Environment.GetEnvironmentVariable("KCERT_PATH_TYPE") ?? "Prefix";
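
Review bot: In GetPathType, the `?? "Prefix"` fallback only applies when KCERT_PATH_TYPE is unset (null); a value that is present but empty, whitespace-only, or differently cased (for example "prefix") is returned unchanged and used as the path type. Treat a blank value as unset with string.IsNullOrWhiteSpace, and reject anything other than Prefix, Exact or ImplementationSpecific at startup, so a chart typo surfaces as a clear configuration error instead of a denied Ingress later.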

Copilot AI Jul 14, 2025


Consider validating the environment variable against allowed Kubernetes PathType values (Prefix, Exact, ImplementationSpecific) to fail fast on invalid configuration.
