diff --git a/charts/espresso/README.md b/charts/espresso/README.md index 51dbf129..cbca2a43 100644 --- a/charts/espresso/README.md +++ b/charts/espresso/README.md @@ -36,9 +36,9 @@ Kubernetes: `^1.23.0-0` | image.repository | string | `"ghcr.io/espressosystems/espresso-sequencer/sequencer"` | | | image.tag | string | `"main"` | | | ingress.annotations | object | `{}` | | +| ingress.className | string | `""` | | | ingress.enabled | bool | `false` | | | ingress.hosts | list | `[]` | Hostnames. Can be provided if Ingress is enabled. | -| ingress.ingressClassName | string | `""` | | | ingress.labels | object | `{}` | | | ingress.paths | list | `[]` | Paths to use for ingress rules By default, the Service created by this chart is used as the target Service for the Ingress. If not defined the following default object will be used: - path: "/" port: 8000 pathType: "ImplementationSpecific" serviceName: "" | | ingress.routePrefix | string | `"/"` | Route Prefix. Can skip it if any item of path has the path defined. | @@ -89,7 +89,7 @@ Kubernetes: `^1.23.0-0` | rbac.name | string | `""` | The name of the role to use. If not set and create is true, a name is generated using the fullname template | | rbac.rules | list | `[{"apiGroups":[""],"resources":["secrets"],"verbs":["create","get","list","watch","delete"]}]` | Required Role rules | | rbac.rules[0] | object | `{"apiGroups":[""],"resources":["secrets"],"verbs":["create","get","list","watch","delete"]}` | Required to create Sequencer env Secret. | -| service.svcAnnotations | object | `{}` | | +| service.annotations | object | `{}` | | | service.type | string | `"ClusterIP"` | | | serviceAccount | object | `{"annotations":{},"name":""}` | Service account ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/ | | serviceAccount.annotations | object | `{}` | Annotations to add to the service account | diff --git a/charts/espresso/templates/configmap.yaml b/charts/espresso/templates/configmap.yaml index 6cf08ef4..0c1fbf40 100644 --- a/charts/espresso/templates/configmap.yaml +++ b/charts/espresso/templates/configmap.yaml @@ -14,7 +14,6 @@ data: local final_var=$3 # Extract the value for the specified indexed key from the environment - # Using quotes to ensure complete variable names are matched properly local key_full=$(env | grep -e $key_var) # Check if the string starts with the prefix and remove it @@ -38,21 +37,21 @@ data: state_key_var="ESPRESSO_SEQUENCER_PRIVATE_STATE_KEY_$index" staking_key_var="ESPRESSO_SEQUENCER_PRIVATE_STAKING_KEY_$index" key_prefix="espresso-sequencer-private-keys-{{ $type }}=" -{{- if $specs.sqlStorage }} + {{- if $specs.sqlStorage }} postgres_host_var="ESPRESSO_SEQUENCER_POSTGRES_HOST" postgres_user_var="ESPRESSO_SEQUENCER_POSTGRES_USER" postgres_pass_var="ESPRESSO_SEQUENCER_POSTGRES_PASSWORD" postgres_prefix="espresso-sequencer-postgres-{{ $type }}=" -{{- end }} + {{- end }} # Process each key and write to the .env file echo "$(process_key $state_key_var $key_prefix "ESPRESSO_SEQUENCER_PRIVATE_STATE_KEY")" > /etc/espresso/.env echo "$(process_key $staking_key_var $key_prefix "ESPRESSO_SEQUENCER_PRIVATE_STAKING_KEY")" >> /etc/espresso/.env -{{- if $specs.sqlStorage }} + {{- if $specs.sqlStorage }} echo "$(process_key $postgres_host_var $postgres_prefix "ESPRESSO_SEQUENCER_POSTGRES_HOST")" >> /etc/espresso/.env echo "$(process_key $postgres_user_var $postgres_prefix "ESPRESSO_SEQUENCER_POSTGRES_USER")" >> /etc/espresso/.env echo "$(process_key $postgres_pass_var $postgres_prefix "ESPRESSO_SEQUENCER_POSTGRES_PASSWORD")" >> /etc/espresso/.env -{{- end }} + {{- end }} # echo "Dot env file content:" # cat /etc/espresso/.env diff --git a/charts/espresso/templates/ingress.yaml b/charts/espresso/templates/ingress.yaml index 18cfa4e3..4263a438 100644 --- a/charts/espresso/templates/ingress.yaml +++ b/charts/espresso/templates/ingress.yaml @@ -1,36 +1,40 @@ ---- {{- if .Values.ingress.enabled -}} +--- {{- $baseServiceName := include "common.names.fullname" . -}} {{- $routePrefix := .Values.ingress.routePrefix | default "/" -}} {{- $defaultPath := list (dict "path" $routePrefix "port" 8000 "pathType" "ImplementationSpecific") -}} {{- $paths := .Values.ingress.paths | default $defaultPath -}} -apiVersion: networking.k8s.io/v1 +{{- if semverCompare ">=1.19-0" .Capabilities.KubeVersion.GitVersion -}} +apiVersion: networking.k8s.io/v1 +{{- else -}} +apiVersion: networking.k8s.io/v1beta1 +{{- end }} kind: Ingress metadata: -{{- if .Values.ingress.annotations }} + {{- with .Values.ingress.annotations }} annotations: -{{ toYaml .Values.ingress.annotations | indent 4 }} -{{- end }} + {{ toYaml . }} + {{- end }} name: {{ include "common.names.fullname" . }} labels: {{- include "common.labels.standard" . | nindent 4 }} - {{- if .Values.ingress.labels }} - {{ toYaml .Values.ingress.labels | indent 4 }} + {{- with .Values.ingress.labels }} + {{ toYaml . | indent 4 }} {{- end }} - {{- if $.Values.global.namespaceOverride }} - namespace: {{ $.Values.global.namespaceOverride }} + {{- with $.Values.global.namespaceOverride }} + namespace: {{ . }} {{- end }} spec: - {{- if .Values.ingress.ingressClassName }} - ingressClassName: {{ .Values.ingress.ingressClassName }} + {{- with .Values.ingress.className }} + ingressClassName: {{ . }} {{- end }} rules: {{- if .Values.ingress.hosts }} - {{- range $host := .Values.ingress.hosts }} + {{- range $host := .Values.ingress.hosts }} - host: {{ tpl $host $ }} http: paths: - {{- range $p := $paths }} + {{- range $p := $paths }} - path: {{ $p.path }} pathType: {{ $p.pathType }} backend: @@ -38,12 +42,12 @@ spec: name: {{ $p.serviceName | default $baseServiceName }} port: number: {{ $p.port }} - {{- end }} - {{- end }} + {{- end }} + {{- end }} {{- else }} - http: paths: - {{- range $p := $paths }} + {{- range $p := $paths }} - path: {{ $p.path }} pathType: {{ $p.pathType }} backend: @@ -51,10 +55,10 @@ spec: name: {{ $p.serviceName | default $baseServiceName }} port: number: {{ $p.port }} + {{- end }} {{- end }} - {{- end }} - {{- if .Values.ingress.tls }} + {{- with .Values.ingress.tls }} tls: -{{ tpl (toYaml .Values.ingress.tls | indent 4) . }} + {{ tpl (toYaml . | indent 4) . }} {{- end }} {{- end }} diff --git a/charts/espresso/templates/role.yaml b/charts/espresso/templates/role.yaml index 4d13e9d5..8b8575ba 100644 --- a/charts/espresso/templates/role.yaml +++ b/charts/espresso/templates/role.yaml @@ -6,5 +6,5 @@ metadata: labels: {{- include "common.labels.standard" . | nindent 4 }} rules: -{{- toYaml .Values.rbac.rules | nindent 0 }} + {{- toYaml .Values.rbac.rules | nindent 0 }} {{- end }} diff --git a/charts/espresso/templates/secret.yaml b/charts/espresso/templates/secret.yaml index a212da21..5cd43376 100644 --- a/charts/espresso/templates/secret.yaml +++ b/charts/espresso/templates/secret.yaml @@ -5,8 +5,8 @@ apiVersion: external-secrets.io/v1beta1 kind: ExternalSecret metadata: name: "eso-espresso-sequencer-secrets-{{ $type }}" - {{- if $.Values.global.namespaceOverride }} - namespace: {{ $.Values.global.namespaceOverride }} + {{- with $.Values.global.namespaceOverride }} + namespace: {{ . }} {{- end }} spec: refreshInterval: "1h" @@ -16,9 +16,9 @@ spec: target: name: "eso-espresso-sequencer-secrets-{{ $type }}" creationPolicy: Owner - {{- if $specs.externalSecrets.data }} + {{- with $specs.externalSecrets.data }} data: - {{- $specs.externalSecrets.data | toYaml | trim | nindent 2 }} + {{- . | toYaml | trim | nindent 2 }} {{- end }} {{- end }} {{- end }} \ No newline at end of file diff --git a/charts/espresso/templates/service.yaml b/charts/espresso/templates/service.yaml index 5760d1df..0000a6ff 100644 --- a/charts/espresso/templates/service.yaml +++ b/charts/espresso/templates/service.yaml @@ -8,12 +8,12 @@ metadata: {{- include "common.labels.standard" $ | nindent 4 }} pod: "{{ include "common.names.fullname" $ }}" type: api -{{- if $.Values.service.svcAnnotations }} + {{- with $.Values.service.annotations }} annotations: - {{ toYaml $.Values.service.svcAnnotations | nindent 4 | trim }} -{{- end }} - {{- if $.Values.global.namespaceOverride }} - namespace: {{ $.Values.global.namespaceOverride }} + {{ toYaml . | nindent 4 | trim }} + {{- end }} + {{- with $.Values.global.namespaceOverride }} + namespace: {{ . }} {{- end }} spec: type: {{ $.Values.service.type }} # ClusterIP, NodePort, LoadBalancer, or ExternalName diff --git a/charts/espresso/templates/serviceaccount.yaml b/charts/espresso/templates/serviceaccount.yaml index adfa7012..6896a029 100644 --- a/charts/espresso/templates/serviceaccount.yaml +++ b/charts/espresso/templates/serviceaccount.yaml @@ -10,7 +10,7 @@ metadata: annotations: {{- toYaml . | nindent 4 }} {{- end }} - {{- if $.Values.global.namespaceOverride }} - namespace: {{ $.Values.global.namespaceOverride }} + {{- with $.Values.global.namespaceOverride }} + namespace: {{ . }} {{- end }} {{- end }} diff --git a/charts/espresso/values.yaml b/charts/espresso/values.yaml index 791c6531..85f49f36 100644 --- a/charts/espresso/values.yaml +++ b/charts/espresso/values.yaml @@ -100,17 +100,18 @@ keystoreCLI: service: type: ClusterIP # Port will target ESPRESSO_SEQUENCER_API_PORT - svcAnnotations: {} + annotations: {} ingress: enabled: false - ingressClassName: "" + className: "" # -- Route Prefix. Can skip it if any item of path has the path defined. routePrefix: / annotations: {} - + # kubernetes.io/ingress.class: nginx + # kubernetes.io/tls-acme: "true" labels: {} # -- Hostnames. @@ -118,7 +119,7 @@ ingress: # hosts: [] # hosts: - # - prometheus.domain.com + # - espresso.example.com # -- Paths to use for ingress rules # By default, the Service created by this chart is used as the target @@ -146,9 +147,9 @@ ingress: # Secret must be manually created in the namespace # tls: [] - # - secretName: execution-beacon-general-tls - # hosts: - # - nethermind.example.com + # - secretName: chart-example-tls + # hosts: + # - chart-example.local externalSecrets: enabled: false