Skip to content

Commit

Permalink
helm: allow container port configuration
Browse files Browse the repository at this point in the history 
Signed-off-by: Alejandro Moreno <[email protected]>
  • Loading branch information
@alemorcuq
alemorcuq committed Oct 2, 2024
1 parent de1f4dd commit cfa14fb
Show file tree
Hide file tree
Showing 3 changed files with 45 additions and 7 deletions.
8 changes: 6 additions & 2 deletions helm/sealed-secrets/README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -145,14 +145,18 @@ The command removes all the Kubernetes components associated with the chart and
| `additionalVolumes` | Extra Volumes for the Sealed Secrets Controller Deployment | `{}` |
| `additionalVolumeMounts` | Extra volumeMounts for the Sealed Secrets Controller container | `{}` |
| `hostNetwork` | Sealed Secrets pods' hostNetwork | `false` |
| `containerPorts.http` | Controller HTTP Port on the Host and Container | `8080` |
| `containerPorts.metrics` | Metrics HTTP Port on the Host and Container | `8081` |
| `hostPorts.http` | Controller HTTP Port on the Host | `""` |
| `hostPorts.metrics` | Metrics HTTP Port on the Host | `""` |
| `dnsPolicy` | Sealed Secrets pods' dnsPolicy | `""` |

### Traffic Exposure Parameters

| Name | Description | Value |
| ---------------------------------- | -------------------------------------------------------------------------------------------------------------------------------- | ------------------------ |
| `service.type` | Sealed Secret service type | `ClusterIP` |
| `service.loadBalancerClass` | Sealed Secret service loadBalancerClass | `` |
| `service.loadBalancerClass` | Sealed Secret service loadBalancerClass | `""` |
| `service.port` | Sealed Secret service HTTP port | `8080` |
| `service.nodePort` | Node port for HTTP | `""` |
| `service.annotations` | Additional custom annotations for Sealed Secret service | `{}` |
Expand Down Expand Up @@ -214,7 +218,7 @@ The command removes all the Kubernetes components associated with the chart and
| `metrics.dashboards.annotations` | Annotations to be added to the Grafana dashboard ConfigMap | `{}` |
| `metrics.dashboards.namespace` | Namespace where Grafana dashboard ConfigMap is deployed | `""` |
| `metrics.service.type` | Sealed Secret Metrics service type | `ClusterIP` |
| `metrics.service.loadBalancerClass` | Sealed Secret service Metrics loadBalancerClass | `` |
| `metrics.service.loadBalancerClass` | Sealed Secret Metrics service loadBalancerClass | `""` |
| `metrics.service.port` | Sealed Secret service Metrics HTTP port | `8081` |
| `metrics.service.nodePort` | Node port for HTTP | `""` |
| `metrics.service.annotations` | Additional custom annotations for Sealed Secret Metrics service | `{}` |
Expand Down
26 changes: 22 additions & 4 deletions helm/sealed-secrets/templates/deployment.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -129,6 +129,14 @@ spec:
- --log-format
- {{ .Values.logFormat }}
{{- end }}
{{- if .Values.containerPorts.http }}
- --listen-addr
- {{ printf ":%s" (.Values.containerPorts.http | toString ) }}
{{- end }}
{{- if .Values.containerPorts.metrics }}
- --listen-metrics-addr
- {{ printf ":%s" (.Values.containerPorts.metrics | toString) }}
{{- end }}
{{- end }}
image: {{ printf "%s/%s:%s" .Values.image.registry .Values.image.repository .Values.image.tag }}
imagePullPolicy: {{ .Values.image.pullPolicy }}
Expand All @@ -146,10 +154,20 @@ spec:
resource: limits.memory
{{- end }}
ports:
- containerPort: 8080
name: http
- containerPort: 8081
name: metrics
- name: http
containerPort: {{ .Values.containerPorts.http | default "8080" }}
{{- if .Values.hostNetwork }}
hostPort: {{ .Values.containerPorts.http }}
{{- else if .Values.hostPorts.http }}
hostPort: {{ .Values.hostPorts.http }}
{{- end }}
- name: metrics
containerPort: {{ .Values.containerPorts.metrics | default "8081" }}
{{- if .Values.hostNetwork }}
hostPort: {{ .Values.containerPorts.metrics }}
{{- else if .Values.hostPorts.metrics }}
hostPort: {{ .Values.hostPorts.metrics }}
{{- end }}
{{- if .Values.startupProbe.enabled }}
startupProbe: {{- include "sealed-secrets.render" (dict "value" (omit .Values.startupProbe "enabled") "context" $) | nindent 12 }}
tcpSocket:
Expand Down
18 changes: 17 additions & 1 deletion helm/sealed-secrets/values.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -230,9 +230,25 @@ additionalVolumes: []
additionalVolumeMounts: []
## @param hostNetwork Sealed Secrets pods' hostNetwork
hostNetwork: false
## Sealed Secrets controller ports to open
## If hostNetwork true: the hostPort is set identical to the containerPort
## @param containerPorts.http Controller HTTP Port on the Host and Container
## @param containerPorts.metrics Metrics HTTP Port on the Host and Container
##
containerPorts:
http: 8080
metrics: 8081
## Sealed Secrets controller ports to be exposed as hostPort
## If hostNetwork is false, only the ports specified here will be exposed (or not if set to an empty string)
## @param hostPorts.http Controller HTTP Port on the Host
## @param hostPorts.metrics Metrics HTTP Port on the Host
##
hostPorts:
http: ""
metrics: ""

## @param dnsPolicy Sealed Secrets pods' dnsPolicy
dnsPolicy: ""

## @section Traffic Exposure Parameters

## Sealed Secret service parameters
Expand Down

0 comments on commit cfa14fb

Please sign in to comment.