diff --git a/templates/config.yaml b/templates/config.yaml
index 3010ec4..abad31b 100644
--- a/templates/config.yaml
+++ b/templates/config.yaml
@@ -4,6 +4,14 @@ metadata:
name: {{ .Release.Name }}
namespace: {{ .Release.Namespace }}
data:
+ frontend.json: |
+ {{ .Values.frontend | toJson }}
+ backend.json: |
+ {{ .Values.backend | toJson }}
+
+
+ ### DEPRECATED:
+
# Enable TLS (HTTPS)?
workbench.tls.enable: "true"
@@ -11,12 +19,30 @@ data:
workbench.ingress.tls.enable: "true"
workbench.ingress.tls.cluster_issuer: "{{ default "" .Values.certmgr.cluster_issuer }}"
workbench.ingress.tls.issuer: "{{ default "" .Values.certmgr.issuer }}"
- workbench.ingress.tls.namespace: "{{ default "" .Values.certmgr.namespace }}"
# Customize this instance of Workbench
workbench.subdomain_prefix: "{{ .Values.workbench.subdomain_prefix }}"
workbench.domain: "{{ .Values.workbench.domain }}"
+ workbench.cookie_domain: "{{ .Values.workbench.domain }}"
+
+ workbench.advanced_features.show_config: "{{ .Values.workbench.advanced_features.show_config }}"
+ workbench.advanced_features.show_logs: "{{ .Values.workbench.advanced_features.show_logs }}"
+ workbench.advanced_features.show_console: "{{ .Values.workbench.advanced_features.show_console }}"
+ workbench.advanced_features.show_service_help_icon: "{{ .Values.workbench.advanced_features.show_service_help_icon }}"
+ workbench.advanced_features.show_edit_service: "{{ .Values.workbench.advanced_features.show_edit_service }}"
+ workbench.advanced_features.show_remove_service: "{{ .Values.workbench.advanced_features.show_remove_service }}"
+ workbench.advanced_features.show_create_spec: "{{ .Values.workbench.advanced_features.show_create_spec }}"
+ workbench.advanced_features.show_import_spec: "{{ .Values.workbench.advanced_features.show_import_spec }}"
+ workbench.advanced_features.show_file_manager: "{{ .Values.workbench.advanced_features.show_file_manager }}"
+
workbench.name: "{{ .Values.workbench.name }}"
+ workbench.landing_html: >-
+ {{ .Values.workbench.landing_html }}
+ workbench.brand_logo_path: {{ .Values.workbench.brand_logo_path | quote }}
+ workbench.favicon_path: {{ .Values.workbench.favicon_path | quote }}
+ workbench.learn_more_url: {{ .Values.workbench.learn_more_url | quote }}
+ workbench.help_links: {{ .Values.workbench.help_links | quote }}
+
workbench.support_email: "{{ .Values.workbench.support_email }}"
workbench.analytics_tracking_id: "{{ .Values.workbench.analytics_tracking_id }}"
workbench.node_selector_name: "{{ .Values.workbench.node_selector_name }}"
diff --git a/templates/deployment.yaml b/templates/deployment.yaml
index 3a95050..6f0d572 100644
--- a/templates/deployment.yaml
+++ b/templates/deployment.yaml
@@ -111,6 +111,8 @@ metadata:
annotations:
configHash: {{ include (print $.Template.BasePath "/config.yaml") . | sha256sum }}
spec:
+ strategy:
+ type: "{{ .Values.workbench.strategyType | default "RollingUpdate" }}"
replicas: 1
selector:
matchLabels:
@@ -158,6 +160,11 @@ spec:
configMapKeyRef:
name: {{ .Release.Name }}
key: workbench.domain
+ - name: COOKIEDOMAIN
+ valueFrom:
+ configMapKeyRef:
+ name: {{ .Release.Name }}
+ key: workbench.cookie_domain
- name: SUBDOMAIN_PREFIX
valueFrom:
configMapKeyRef:
@@ -189,10 +196,84 @@ spec:
{{ else }}
value: "$(DOMAIN)"
{{ end }}
- - name: NDSLABS_APISERVER_SERVICE_PORT
- value: "30001"
+ - name: WORKBENCH_NAME
+ valueFrom:
+ configMapKeyRef:
+ name: {{ .Release.Name }}
+ key: workbench.name
+ - name: WORKBENCH_LANDING_HTML
+ valueFrom:
+ configMapKeyRef:
+ name: {{ .Release.Name }}
+ key: workbench.landing_html
+ - name: WORKBENCH_BRAND_LOGO_PATH
+ valueFrom:
+ configMapKeyRef:
+ name: {{ .Release.Name }}
+ key: workbench.brand_logo_path
+ - name: WORKBENCH_FAVICON_PATH
+ valueFrom:
+ configMapKeyRef:
+ name: {{ .Release.Name }}
+ key: workbench.favicon_path
+ - name: WORKBENCH_LEARNMORE_URL
+ valueFrom:
+ configMapKeyRef:
+ name: {{ .Release.Name }}
+ key: workbench.learn_more_url
+ - name: WORKBENCH_HELP_LINKS
+ valueFrom:
+ configMapKeyRef:
+ name: {{ .Release.Name }}
+ key: workbench.help_links
- name: APISERVER_PATH
value: "/api"
+ - name: SHOW_CONFIG
+ valueFrom:
+ configMapKeyRef:
+ name: {{ .Release.Name }}
+ key: workbench.advanced_features.show_config
+ - name: SHOW_LOGS
+ valueFrom:
+ configMapKeyRef:
+ name: {{ .Release.Name }}
+ key: workbench.advanced_features.show_logs
+ - name: SHOW_CONSOLE
+ valueFrom:
+ configMapKeyRef:
+ name: {{ .Release.Name }}
+ key: workbench.advanced_features.show_console
+ - name: SHOW_REMOVE_SERVICE
+ valueFrom:
+ configMapKeyRef:
+ name: {{ .Release.Name }}
+ key: workbench.advanced_features.show_remove_service
+ - name: SHOW_EDIT_SERVICE
+ valueFrom:
+ configMapKeyRef:
+ name: {{ .Release.Name }}
+ key: workbench.advanced_features.show_edit_service
+ - name: SHOW_SERVICE_HELP_ICON
+ valueFrom:
+ configMapKeyRef:
+ name: {{ .Release.Name }}
+ key: workbench.advanced_features.show_service_help_icon
+ - name: SHOW_CREATE_SPEC
+ valueFrom:
+ configMapKeyRef:
+ name: {{ .Release.Name }}
+ key: workbench.advanced_features.show_create_spec
+ - name: SHOW_IMPORT_SPEC
+ valueFrom:
+ configMapKeyRef:
+ name: {{ .Release.Name }}
+ key: workbench.advanced_features.show_import_spec
+ - name: SHOW_FILE_MANAGER
+ valueFrom:
+ configMapKeyRef:
+ name: {{ .Release.Name }}
+ key: workbench.advanced_features.show_file_manager
+
readinessProbe:
httpGet:
path: /asset/png/favicon-2-32x32.png
diff --git a/templates/ingress.yaml b/templates/ingress.yaml
index c5fefd7..888ecc0 100644
--- a/templates/ingress.yaml
+++ b/templates/ingress.yaml
@@ -5,11 +5,15 @@ metadata:
name: {{ .Release.Name }}-auth
namespace: {{ .Release.Namespace }}
annotations:
- kubernetes.io/ingress.class: "nginx"
-{{ if .Values.workbench.subdomain_prefix }} nginx.ingress.kubernetes.io/auth-url: "https://{{ .Values.workbench.subdomain_prefix }}.{{ .Values.workbench.domain }}/cauth/auth"
- nginx.ingress.kubernetes.io/auth-signin: "https://{{ .Values.workbench.subdomain_prefix }}.{{ .Values.workbench.domain }}/login/"
-{{ else }} nginx.ingress.kubernetes.io/auth-url: "https://{{ .Values.workbench.domain }}/cauth/auth"
- nginx.ingress.kubernetes.io/auth-signin: "https://{{ .Values.workbench.domain }}/login/"{{ end }}
+# kubernetes.io/ingress.class: "nginx"
+{{ if .Values.oauth.enabled | default false }}
+ nginx.ingress.kubernetes.io/auth-url: "{{ .Values.oauth.auth_url | default "https://$host/cauth/auth" }}"
+ nginx.ingress.kubernetes.io/auth-signin: "{{ .Values.oauth.signin_url | default "https://$host/login/" }}"
+ nginx.ingress.kubernetes.io/auth-response-headers: "{{ .Values.oauth.auth_response_headers | default "x-auth-request-user, x-auth-request-email" }}"
+{{ else }}
+ nginx.ingress.kubernetes.io/auth-url: "https://$host/cauth/auth"
+ nginx.ingress.kubernetes.io/auth-signin: "https://$host/login/"
+{{ end }}
nginx.ingress.kubernetes.io/ssl-redirect: "true"
nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
spec:
@@ -17,9 +21,13 @@ spec:
- hosts:
- {{ .Values.workbench.domain }}
- '*.{{ .Values.workbench.domain }}'
- secretName: {{ .Values.tls.secretName }}-auth
+ secretName: {{ .Values.tls.secretName }}
rules:
-{{ if .Values.workbench.subdomain_prefix }} - host: {{ .Values.workbench.subdomain_prefix }}.{{ .Values.workbench.domain }}{{ else }} - host: {{ .Values.workbench.domain }}{{ end }}
+{{ if .Values.workbench.subdomain_prefix }}
+ - host: {{ .Values.workbench.subdomain_prefix }}.{{ .Values.workbench.domain }}
+{{ else }}
+ - host: {{ .Values.workbench.domain }}
+{{ end }}
http:
paths:
- path: /logs
@@ -43,7 +51,8 @@ metadata:
name: {{ .Release.Name }}-open
namespace: {{ .Release.Namespace }}
annotations:
- kubernetes.io/ingress.class: "nginx"
+# kubernetes.io/ingress.class: "nginx"
+# nginx.ingress.kubernetes.io/app-root: "/landing/"
nginx.ingress.kubernetes.io/ssl-redirect: "true"
nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
spec:
@@ -51,60 +60,65 @@ spec:
- hosts:
- {{ .Values.workbench.domain }}
- '*.{{ .Values.workbench.domain }}'
+ secretName: {{ .Values.tls.secretName }}
rules:
-{{ if .Values.workbench.subdomain_prefix }} - host: {{ .Values.workbench.subdomain_prefix }}.{{ .Values.workbench.domain }}{{ else }} - host: {{ .Values.workbench.domain }}{{ end }}
+{{ if .Values.workbench.subdomain_prefix }}
+ - host: {{ .Values.workbench.subdomain_prefix }}.{{ .Values.workbench.domain }}
+{{ else }}
+ - host: {{ .Values.workbench.domain }}
+{{ end }}
http:
paths:
- - path: /api
+ - path: /api/
pathType: Prefix
backend:
service:
name: {{ .Release.Name }}
port:
number: 30001
- - path: /login
+ - path: /login/
pathType: Prefix
backend:
service:
name: {{ .Release.Name }}
port:
number: 80
- - path: /landing
+ - path: /landing/
pathType: Prefix
backend:
service:
name: {{ .Release.Name }}
port:
number: 80
- - path: /cauth
+ - path: /cauth/
pathType: Prefix
backend:
service:
name: {{ .Release.Name }}
port:
number: 80
- - path: /shared
+ - path: /shared/
pathType: Prefix
backend:
service:
name: {{ .Release.Name }}
port:
number: 80
- - path: /bower_components
+ - path: /node_modules/
pathType: Prefix
backend:
service:
name: {{ .Release.Name }}
port:
number: 80
- - path: /node_modules
+ - path: /asset/
pathType: Prefix
backend:
service:
name: {{ .Release.Name }}
port:
number: 80
- - path: /asset
+ - path: /ConfigModule.js
pathType: Prefix
backend:
service:
@@ -118,7 +132,7 @@ spec:
name: {{ .Release.Name }}
port:
number: 80
- - path: /ConfigModule.js
+ - path: /env.json
pathType: Prefix
backend:
service:
@@ -130,16 +144,85 @@ apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
annotations:
- kubernetes.io/ingress.class: "nginx"
-{{ if .Values.certmgr.cluster_issuer }} cert-manager.io/cluster-issuer: "{{ .Values.certmgr.cluster_issuer }}"{{ else if .Values.certmgr.issuer }} cert-manager.io/issuer: "{{ .Values.certmgr.issuer }}"{{ end }}
+# kubernetes.io/ingress.class: "nginx"
+{{ if .Values.certmgr.cluster_issuer }}
+ cert-manager.io/cluster-issuer: "{{ .Values.certmgr.cluster_issuer }}"
+{{ else if .Values.certmgr.issuer }}
+ cert-manager.io/issuer: "{{ .Values.certmgr.issuer }}"
+{{ end }}
nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
nginx.ingress.kubernetes.io/ssl-redirect: "true"
-{{ if .Values.workbench.subdomain_prefix }} nginx.ingress.kubernetes.io/permanent-redirect: "https://{{ .Values.workbench.subdomain_prefix }}.{{ .Values.workbench.domain }}/landing/"{{ else }} nginx.ingress.kubernetes.io/permanent-redirect: "https://{{ .Values.workbench.domain }}/landing/"{{ end }}
+
+# traefik.ingress.kubernetes.io/preserve-host: "true"
+# traefik.ingress.kubernetes.io/redirect-permanent: "true"
+# traefik.ingress.kubernetes.io/redirect-regex: "^https://(.*)"
+# traefik.ingress.kubernetes.io/redirect-replacement: "https://www.$1"
+
+{{ if .Values.workbench.subdomain_prefix }}
+ nginx.ingress.kubernetes.io/permanent-redirect: "https://{{ .Values.workbench.subdomain_prefix }}.{{ .Values.workbench.domain }}/landing/"
+{{ else }}
+ nginx.ingress.kubernetes.io/permanent-redirect: "https://{{ .Values.workbench.domain }}/landing/"
+{{ end }}
name: {{ .Release.Name }}-root
namespace: {{ .Release.Namespace }}
spec:
rules:
-{{ if .Values.workbench.subdomain_prefix }} - host: {{ .Values.workbench.subdomain_prefix }}.{{ .Values.workbench.domain }}{{ else }} - host: {{ .Values.workbench.domain }}{{ end }}
+ - host: {{ .Values.workbench.domain }}
+ http:
+ paths:
+ - backend:
+ service:
+ name: {{ .Release.Name }}
+ port:
+ number: 80
+ path: /
+ pathType: Prefix
+{{ if .Values.workbench.subdomain_prefix }}
+ - host: {{ .Values.workbench.subdomain_prefix }}.{{ .Values.workbench.domain }}
+ http:
+ paths:
+ - backend:
+ service:
+ name: {{ .Release.Name }}
+ port:
+ number: 80
+ path: /
+ pathType: Prefix
+{{ end }}
+ tls:
+ - hosts:
+ - {{ .Values.workbench.domain }}
+ - '*.{{ .Values.workbench.domain }}'
+ secretName: {{ .Values.tls.secretName }}
+---
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+ annotations:
+# kubernetes.io/ingress.class: "nginx"
+#{{ if .Values.certmgr.cluster_issuer }}
+# cert-manager.io/cluster-issuer: "{{ .Values.certmgr.cluster_issuer }}"
+#{{ else if .Values.certmgr.issuer }}
+# cert-manager.io/issuer: "{{ .Values.certmgr.issuer }}"
+#{{ end }}
+ nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
+ nginx.ingress.kubernetes.io/ssl-redirect: "true"
+
+ traefik.ingress.kubernetes.io/preserve-host: "true"
+ traefik.ingress.kubernetes.io/redirect-permanent: "true"
+ traefik.ingress.kubernetes.io/redirect-regex: "^https://(.*)"
+ traefik.ingress.kubernetes.io/redirect-replacement: "https://www.$1"
+
+{{ if .Values.workbench.subdomain_prefix }}
+ nginx.ingress.kubernetes.io/permanent-redirect: "https://{{ .Values.workbench.subdomain_prefix }}.{{ .Values.workbench.domain }}/landing/"
+{{ else }}
+ nginx.ingress.kubernetes.io/permanent-redirect: "https://{{ .Values.workbench.domain }}/landing/"
+{{ end }}
+ name: {{ .Release.Name }}-www-redirect
+ namespace: {{ .Release.Namespace }}
+spec:
+ rules:
+ - host: {{ .Values.workbench.domain }}
http:
paths:
- backend:
diff --git a/values.yaml b/values.yaml
index 3549881..c81a3fc 100644
--- a/values.yaml
+++ b/values.yaml
@@ -2,11 +2,130 @@
# This is a YAML-formatted file.
# Declare variables to be passed into your templates.
+frontend:
+ domain: "workbench.ndslabs.org"
+ subdomain_prefix: "www"
+ support_email: ""
+ analytics_tracking_id: ""
+ signin_url: "https://www.workbench.ndslabs.org/oauth2/start?rd=https%3A%2F%2Fwww.workbench.ndslabs.org%2Fmy-apps"
+ customization:
+ product_name: "Workbench"
+ landing_html: " Labs Workbench is an environment where developers can prototype tools and capabilities that help build out the NDS framework and services. In particular, it is a place that can host the development activities of NDS pilot projects
Labs Workbench is an environment where developers can prototype tools and capabilities that help build out the NDS framework and services.
+In particular, it is a place that can host the development activities of NDS pilot projects.
+ brand_logo_path: "../asset/png/favicon-32x32.png" + favicon_path: "../asset/png/favicon-16x16.png" + learn_more_url: "http://www.nationaldataservice.org/platform/workbench.html" + help_links: "[{ \"name\": \"Feature Overview\", \"icon\": \"fa-info-circle\", \"url\": \"https://nationaldataservice.atlassian.net/wiki/display/NDSC/Feature+Overview\" },{ \"name\": \"F.A.Q.\", \"icon\": \"fa-question-circle\", \"url\": \"https://nationaldataservice.atlassian.net/wiki/display/NDSC/Frequently+Asked+Questions\"}, { \"name\": \"User's Guide\", icon: \"fa-book\", \"url\": \"https://nationaldataservice.atlassian.net/wiki/display/NDSC/User%27s+Guide\" }, { \"name\": \"Developer's Guide\", \"icon\": \"fa-code-fork\", \"url\": \"https://nationaldataservice.atlassian.net/wiki/display/NDSC/Developer%27s+Guide\" },{ \"name\": \"Acceptable Use Policy\", \"icon\": \"fa-gavel\", \"url\": \"https://nationaldataservice.atlassian.net/wiki/display/NDSC/Acceptable+Use+Policy\" }]" domain: "local.ndslabs.org" subdomain_prefix: "www" volume_name: "global" @@ -15,6 +134,7 @@ workbench: support_email: "ndslabs-support@nationaldataservice.org" analytics_tracking_id: "" require_account_approval: true + strategyType: "RollingUpdate" specs: repo: "https://github.com/nds-org/ndslabs-specs.git" branch: "master" @@ -45,16 +165,27 @@ workbench: timeout: 30 inactivity_timeout: 480 -# FIXME: This has not been tested + # Enable optional UI features (default is true) + advanced_features: + show_config: true + show_logs: true + show_console: true + show_remove_service: true + show_edit_service: true + show_service_help_icon: true + show_create_spec: true + show_import_spec: true + show_file_manager: true + oauth: enabled: false - signin_url: "" - auth_url: "" + signin_url: "https://$host/login/" + auth_url: "https://$host/cauth/auth" + auth_response_headers: "x-auth-request-user, x-auth-request-email" # , x-auth-request-access-token, x-auth-request-redirect, x-auth-request-preferred-username" certmgr: cluster_issuer: "acmedns-issuer" issuer: "" - namespace: "" rbac: enabled: true