Loading deploy/kubernetes/chart/files/orp/esgf_policies_common.xml 0 → 100644 +6 −0 Original line number Diff line number Diff line <?xml version="1.0" encoding="ISO-8859-1"?> <policies xmlns="http://www.esgf.org/security"> {{- range .Values.orp.policies }} <policy resource="{{ .resource }}" attribute_type="{{ .attributeType }}" attribute_value="{{ .attributeValue }}" action="{{ .action }}" /> {{- end }} </policies> deploy/kubernetes/chart/templates/config/hostcert.yaml 0 → 100644 +18 −0 Original line number Diff line number Diff line {{- $tls := .Values.ingress.tls -}} {{- if not $tls.secretName -}} apiVersion: v1 kind: Secret metadata: name: {{ include "esgf.component.fullname" (list . "hostcert") }} labels: {{ include "esgf.component.labels" (list . "hostcert") | nindent 4 }} type: kubernetes.io/tls data: {{- if $tls.pem.cert }} tls.crt: {{ $tls.pem.cert | b64enc | quote }} tls.key: {{ $tls.pem.key | b64enc | quote }} {{- else }} {{- $cert := genSelfSignedCert .Values.hostname nil nil 365 }} tls.crt: {{ $cert.Cert | b64enc | quote }} tls.key: {{ $cert.Key | b64enc | quote }} {{- end }} {{- end -}} deploy/kubernetes/chart/templates/ingress.yaml +11 −3 Original line number Diff line number Diff line {{- if .Values.ingress.enabled -}} apiVersion: networking.k8s.io/v1beta1 kind: Ingress metadata: Loading @@ -11,7 +10,11 @@ spec: tls: - hosts: - {{ .Values.hostname | quote }} secretName: {{ .Values.ingress.tlsSecretName | required "Specify a TLS secret name" }} {{- if .Values.ingress.tls.secretName }} secretName: {{ .Values.ingress.tls.secretName }} {{- else }} secretName: {{ include "esgf.component.fullname" (list . "hostcert") }} {{- end }} rules: - host: {{ .Values.hostname | quote }} http: Loading @@ -28,4 +31,9 @@ spec: serviceName: {{ include "esgf.component.fullname" (list . "slcs") }} servicePort: 8080 {{- end }} {{- if .Values.orp.enabled }} - path: /esg-orp backend: serviceName: {{ include "esgf.component.fullname" (list . "orp") }} servicePort: 8080 {{- end }} deploy/kubernetes/chart/templates/orp/_helpers.tpl 0 → 100644 +3 −0 Original line number Diff line number Diff line {{- define "esgf.orp.endpoint.authorizationService" -}} {{- printf "https://%s/esg-orp/saml/soap/secure/authorizationService.htm" .Values.hostname -}} {{- end -}} deploy/kubernetes/chart/templates/orp/configmap.yaml 0 → 100644 +9 −0 Original line number Diff line number Diff line {{- if .Values.orp.enabled -}} apiVersion: v1 kind: ConfigMap metadata: name: {{ include "esgf.component.fullname" (list . "orp") }} labels: {{ include "esgf.component.labels" (list . "orp") | nindent 4 }} data: {{ tpl (.Files.Glob "files/orp/*").AsConfig . | indent 2 }} {{- end -}} Loading
deploy/kubernetes/chart/files/orp/esgf_policies_common.xml 0 → 100644 +6 −0 Original line number Diff line number Diff line <?xml version="1.0" encoding="ISO-8859-1"?> <policies xmlns="http://www.esgf.org/security"> {{- range .Values.orp.policies }} <policy resource="{{ .resource }}" attribute_type="{{ .attributeType }}" attribute_value="{{ .attributeValue }}" action="{{ .action }}" /> {{- end }} </policies>
deploy/kubernetes/chart/templates/config/hostcert.yaml 0 → 100644 +18 −0 Original line number Diff line number Diff line {{- $tls := .Values.ingress.tls -}} {{- if not $tls.secretName -}} apiVersion: v1 kind: Secret metadata: name: {{ include "esgf.component.fullname" (list . "hostcert") }} labels: {{ include "esgf.component.labels" (list . "hostcert") | nindent 4 }} type: kubernetes.io/tls data: {{- if $tls.pem.cert }} tls.crt: {{ $tls.pem.cert | b64enc | quote }} tls.key: {{ $tls.pem.key | b64enc | quote }} {{- else }} {{- $cert := genSelfSignedCert .Values.hostname nil nil 365 }} tls.crt: {{ $cert.Cert | b64enc | quote }} tls.key: {{ $cert.Key | b64enc | quote }} {{- end }} {{- end -}}
deploy/kubernetes/chart/templates/ingress.yaml +11 −3 Original line number Diff line number Diff line {{- if .Values.ingress.enabled -}} apiVersion: networking.k8s.io/v1beta1 kind: Ingress metadata: Loading @@ -11,7 +10,11 @@ spec: tls: - hosts: - {{ .Values.hostname | quote }} secretName: {{ .Values.ingress.tlsSecretName | required "Specify a TLS secret name" }} {{- if .Values.ingress.tls.secretName }} secretName: {{ .Values.ingress.tls.secretName }} {{- else }} secretName: {{ include "esgf.component.fullname" (list . "hostcert") }} {{- end }} rules: - host: {{ .Values.hostname | quote }} http: Loading @@ -28,4 +31,9 @@ spec: serviceName: {{ include "esgf.component.fullname" (list . "slcs") }} servicePort: 8080 {{- end }} {{- if .Values.orp.enabled }} - path: /esg-orp backend: serviceName: {{ include "esgf.component.fullname" (list . "orp") }} servicePort: 8080 {{- end }}
deploy/kubernetes/chart/templates/orp/_helpers.tpl 0 → 100644 +3 −0 Original line number Diff line number Diff line {{- define "esgf.orp.endpoint.authorizationService" -}} {{- printf "https://%s/esg-orp/saml/soap/secure/authorizationService.htm" .Values.hostname -}} {{- end -}}
deploy/kubernetes/chart/templates/orp/configmap.yaml 0 → 100644 +9 −0 Original line number Diff line number Diff line {{- if .Values.orp.enabled -}} apiVersion: v1 kind: ConfigMap metadata: name: {{ include "esgf.component.fullname" (list . "orp") }} labels: {{ include "esgf.component.labels" (list . "orp") | nindent 4 }} data: {{ tpl (.Files.Glob "files/orp/*").AsConfig . | indent 2 }} {{- end -}}
