[bitnami/haproxy] add missing template for tls-secrets (#29151)

* add missing template for tls-secrets (haproxy) Signed-off-by: Alexej Disterhoft <[email protected]> * Update CHANGELOG.md Signed-off-by: Bitnami Containers <[email protected]> --------- Signed-off-by: Alexej Disterhoft <[email protected]> Signed-off-by: Bitnami Containers <[email protected]> Signed-off-by: Fran Mulero <[email protected]> Co-authored-by: Bitnami Containers <[email protected]> Co-authored-by: Fran Mulero <[email protected]>
bitnami · Sep 6, 2024 · 432a93b · 432a93b
1 parent a8eb883
commit 432a93b
Show file tree

Hide file tree

Showing 4 changed files with 53 additions and 5 deletions.
diff --git a/bitnami/haproxy/CHANGELOG.md b/bitnami/haproxy/CHANGELOG.md
@@ -1,8 +1,12 @@
 # Changelog
 
-## 2.1.3 (2024-09-06)
+## 2.1.4 (2024-09-06)
 
-* [bitnami/haproxy] Release 2.1.3 ([#29241](https://github.com/bitnami/charts/pull/29241))
+* [bitnami/haproxy] add missing template for tls-secrets ([#29151](https://github.com/bitnami/charts/pull/29151))
+
+## <small>2.1.3 (2024-09-06)</small>
+
+* [bitnami/haproxy] Release 2.1.3 (#29241) ([3b73987](https://github.com/bitnami/charts/commit/3b7398704566b4e129dfb292800afc37322a29d3)), closes [#29241](https://github.com/bitnami/charts/issues/29241)
 
 ## <small>2.1.2 (2024-09-03)</small>
 

diff --git a/bitnami/haproxy/Chart.yaml b/bitnami/haproxy/Chart.yaml
@@ -28,4 +28,4 @@ maintainers:
 name: haproxy
 sources:
 - https://github.com/bitnami/charts/tree/main/bitnami/haproxy
-version: 2.1.3
+version: 2.1.4
diff --git a/bitnami/haproxy/templates/ingress.yaml b/bitnami/haproxy/templates/ingress.yaml
@@ -46,9 +46,9 @@ spec:
     {{- if .Values.ingress.extraRules }}
     {{- include "common.tplvalues.render" (dict "value" .Values.ingress.extraRules "context" $) | nindent 4 }}
     {{- end }}
-  {{- if or (and .Values.ingress.tls (or (include "common.ingress.certManagerRequest" ( dict "annotations" .Values.ingress.annotations )) .Values.ingress.selfSigned)) .Values.ingress.extraTls }}
+  {{- if or (and .Values.ingress.tls (or (include "common.ingress.certManagerRequest" ( dict "annotations" .Values.ingress.annotations )) .Values.ingress.selfSigned (not (empty .Values.ingress.secrets)))) .Values.ingress.extraTls }}
   tls:
-    {{- if and .Values.ingress.tls (or (include "common.ingress.certManagerRequest" ( dict "annotations" .Values.ingress.annotations )) .Values.ingress.selfSigned) }}
+    {{- if and .Values.ingress.tls (or (include "common.ingress.certManagerRequest" ( dict "annotations" .Values.ingress.annotations )) .Values.ingress.selfSigned (not (empty .Values.ingress.secrets))) }}
     - hosts:
         - {{ .Values.ingress.hostname | quote }}
       secretName: {{ printf "%s-tls" .Values.ingress.hostname }}

diff --git a/bitnami/haproxy/templates/tls-secrets.yaml b/bitnami/haproxy/templates/tls-secrets.yaml
@@ -0,0 +1,44 @@
+{{- /*
+Copyright Broadcom, Inc. All Rights Reserved.
+SPDX-License-Identifier: APACHE-2.0
+*/}}
+
+{{- if .Values.ingress.enabled }}
+{{- if .Values.ingress.secrets }}
+{{- range .Values.ingress.secrets }}
+apiVersion: v1
+kind: Secret
+metadata:
+  name: {{ .name }}
+  namespace: {{ include "common.names.namespace" $ | quote }}
+  labels: {{- include "common.labels.standard" ( dict "customLabels" $.Values.commonLabels "context" $ ) | nindent 4 }}
+  {{- if $.Values.commonAnnotations }}
+  annotations: {{- include "common.tplvalues.render" ( dict "value" $.Values.commonAnnotations "context" $ ) | nindent 4 }}
+  {{- end }}
+type: kubernetes.io/tls
+data:
+  tls.crt: {{ .certificate | b64enc }}
+  tls.key: {{ .key | b64enc }}
+---
+{{- end }}
+{{- end }}
+{{- if and .Values.ingress.tls .Values.ingress.selfSigned }}
+{{- $secretName := printf "%s-tls" .Values.ingress.hostname }}
+{{- $ca := genCA "haproxy-ca" 365 }}
+{{- $cert := genSignedCert .Values.ingress.hostname nil (list .Values.ingress.hostname) 365 $ca }}
+apiVersion: v1
+kind: Secret
+metadata:
+  name: {{ $secretName }}
+  namespace: {{ include "common.names.namespace" $ | quote }}
+  labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }}
+  {{- if .Values.commonAnnotations }}
+  annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
+  {{- end }}
+type: kubernetes.io/tls
+data:
+  tls.crt: {{ include "common.secrets.lookup" (dict "secret" $secretName "key" "tls.crt" "defaultValue" $cert.Cert "context" $) }}
+  tls.key: {{ include "common.secrets.lookup" (dict "secret" $secretName "key" "tls.key" "defaultValue" $cert.Key "context" $) }}
+  ca.crt: {{ include "common.secrets.lookup" (dict "secret" $secretName "key" "ca.crt" "defaultValue" $ca.Cert "context" $) }}
+{{- end }}
+{{- end }}