refactor

cryostatio · Nov 22, 2024 · 9751c56 · 9751c56
1 parent 823d5d2
commit 9751c56
Show file tree

Hide file tree

Showing 7 changed files with 28 additions and 11 deletions.
diff --git a/charts/cryostat/templates/NOTES.txt b/charts/cryostat/templates/NOTES.txt
@@ -39,11 +39,7 @@
   kubectl -n {{ .Release.Namespace }} wait --for=condition=available --timeout=60s deploy/{{ include "cryostat.deploymentName" . }}
 
   export SVC_NAME=$(kubectl get services -n {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "cryostat.name" . }},app.kubernetes.io/instance={{ .Release.Name }},app.kubernetes.io/component=cryostat" --sort-by=.metadata.creationTimestamp -o jsonpath="{.items[-1:].metadata.name}")
-{{- if or .Values.authentication.openshift.enabled .Values.oauth2Proxy.tls.selfSigned.enabled }}
-  kubectl -n {{ .Release.Namespace }} port-forward svc/$SVC_NAME 8443:https
-{{- else }}
-  kubectl -n {{ .Release.Namespace }} port-forward svc/$SVC_NAME 8080:http
-{{- end }}
+  kubectl -n {{ .Release.Namespace }} port-forward svc/$SVC_NAME {{ include "cryostat.core.service.port" . }}:{{ include "cryostat.core.service.scheme" . }}
   ```
   {{- $listNum = add1 $listNum }}
 {{- end }}
@@ -63,6 +59,6 @@
 {{- else if contains "LoadBalancer" .Values.core.service.type }}
   echo http://$SERVICE_IP:{{ .Values.core.service.httpPort }}
 {{- else if contains "ClusterIP" .Values.core.service.type }}
-  {{ ternary "https" "http" (or .Values.authentication.openshift.enabled .Values.oauth2Proxy.tls.selfSigned.enabled) }}://localhost:{{ ternary "8443" "8080" (or .Values.authentication.openshift.enabled .Values.oauth2Proxy.tls.selfSigned.enabled) }}
+  {{ include "cryostat.core.service.scheme" . }}://localhost:{{ include "cryostat.core.service.port" . }}
 {{- end }}
   ```
diff --git a/charts/cryostat/templates/_helpers.tpl b/charts/cryostat/templates/_helpers.tpl
@@ -62,6 +62,27 @@ Create the name of the service account to use.
 {{- end }}
 {{- end }}
 
+{{/*
+Cryostat service TLS enablement. Returns the string values "true" or "false".
+*/}}
+{{- define "cryostat.core.service.tls" -}}
+{{ or .Values.authentication.openshift.enabled .Values.oauth2Proxy.tls.selfSigned.enabled }}
+{{- end }}
+
+{{/*
+Cryostat service protocol. HTTPS if TLS is enabled, HTTP otherwise.
+*/}}
+{{- define "cryostat.core.service.scheme" -}}
+{{ ternary "https" "http" ( include "cryostat.core.service.tls" . | eq "true" ) }}
+{{- end }}
+
+{{/*
+Cryostat service port. 8443 if TLS is enabled, 8080 otherwise.
+*/}}
+{{- define "cryostat.core.service.port" -}}
+{{ ternary 8443 8080 ( ( include "cryostat.core.service.scheme" . ) | eq "https" ) }}
+{{- end }}
+
 {{/*
 Get or generate a default connection key for database.
 */}}

diff --git a/charts/cryostat/templates/cryostat_deployment.yaml b/charts/cryostat/templates/cryostat_deployment.yaml
@@ -75,7 +75,7 @@ spec:
           - name: QUARKUS_REST_CLIENT_EXTENSIONS_API_VERIFY_HOST
             value: "false"
           - name: QUARKUS_REST_CLIENT_REPORTS_URL
-            value: {{ printf "%s://cryostat:$(REPORTS_PASS_SECRET_KEY)@%s-reports.%s.svc:%d" (ternary "https" "http" (or (.Values.authentication.openshift).enabled .Values.oauth2Proxy.tls.selfSigned.enabled)) $fullName $.Release.Namespace (int .Values.reports.service.httpPort) }}
+            value: {{ printf "%s://cryostat:$(REPORTS_PASS_SECRET_KEY)@%s-reports.%s.svc:%d" (include "cryostat.core.service.scheme" .) $fullName $.Release.Namespace (int .Values.reports.service.httpPort) }}
           {{- end }}
           - name: QUARKUS_DATASOURCE_USERNAME
             value: cryostat

diff --git a/charts/cryostat/templates/cryostat_service.yaml b/charts/cryostat/templates/cryostat_service.yaml
@@ -19,7 +19,7 @@ spec:
       protocol: TCP
       name: http
       appProtocol: http
-    {{- if or (.Values.authentication.openshift).enabled .Values.oauth2Proxy.tls.selfSigned.enabled }}
+    {{- if ( include "cryostat.core.service.tls" . | eq "true" ) }}
     - port: 443
       targetPort: 8443
       protocol: TCP

diff --git a/charts/cryostat/templates/cryostat_tls_secret.yaml b/charts/cryostat/templates/cryostat_tls_secret.yaml
@@ -1,4 +1,4 @@
-{{- if (and (not (.Values.authentication.openshift).enabled) (.Values.oauth2Proxy.tls.selfSigned.enabled)) }}
+{{- if ( include "cryostat.core.service.tls" . | eq "true" ) }}
 {{- $fullName := include "cryostat.fullname" . }}
 {{- $cert := genSelfSignedCert $fullName nil nil 365 }}
 apiVersion: v1

diff --git a/charts/cryostat/templates/reports_service.yaml b/charts/cryostat/templates/reports_service.yaml
@@ -11,7 +11,7 @@ spec:
   type: {{ .Values.reports.service.type }}
   ports:
     - port: {{ .Values.reports.service.httpPort }}
-      targetPort: {{ ternary "https" "http" (or (.Values.authentication.openshift).enabled .Values.oauth2Proxy.tls.selfSigned.enabled) }}
+      targetPort: {{ include "cryostat.core.service.scheme" . }}
   selector:
     {{- include "cryostat.selectorLabels" $ | nindent 4 }}
     app.kubernetes.io/component: reports

diff --git a/charts/cryostat/templates/reports_tls_secret.yaml b/charts/cryostat/templates/reports_tls_secret.yaml
@@ -1,4 +1,4 @@
-{{- if (and (not (.Values.authentication.openshift).enabled) (.Values.oauth2Proxy.tls.selfSigned.enabled)) }}
+{{- if ( include "cryostat.core.service.tls" | eq "true" ) }}
 {{- $fullName := include "cryostat.fullname" . }}
 {{- $cert := genSelfSignedCert (printf "%s-reports" $fullName) nil nil 365 }}
 apiVersion: v1