Skip to content

Commit 10dc7ef

Browse files
oseoinpdabelf5
oseoin
authored and
pdabelf5
committed
Helm and function signature refactors (#4758)
* refactor helm args for deploy and daemonset, refactor several function signatures
1 parent cfe6fc2 commit 10dc7ef

File tree

9 files changed

+477
-297
lines changed

9 files changed

+477
-297
lines changed

charts/nginx-ingress/templates/_helpers.tpl

Lines changed: 90 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -133,3 +133,93 @@ Expand image name.
133133
{{- define "nginx-ingress.prometheus.serviceName" -}}
134134
{{- printf "%s-%s" (include "nginx-ingress.fullname" .) "prometheus-service" -}}
135135
{{- end -}}
136+
137+
{{/*
138+
Build the args for the service binary.
139+
*/}}
140+
{{- define "nginx-ingress.args" -}}
141+
- -nginx-plus={{ .Values.controller.nginxplus }}
142+
- -nginx-reload-timeout={{ .Values.controller.nginxReloadTimeout }}
143+
- -enable-app-protect={{ .Values.controller.appprotect.enable }}
144+
{{- if and .Values.controller.appprotect.enable .Values.controller.appprotect.logLevel }}
145+
- -app-protect-log-level={{ .Values.controller.appprotect.logLevel }}
146+
{{ end }}
147+
- -enable-app-protect-dos={{ .Values.controller.appprotectdos.enable }}
148+
{{- if .Values.controller.appprotectdos.enable }}
149+
- -app-protect-dos-debug={{ .Values.controller.appprotectdos.debug }}
150+
- -app-protect-dos-max-daemons={{ .Values.controller.appprotectdos.maxDaemons }}
151+
- -app-protect-dos-max-workers={{ .Values.controller.appprotectdos.maxWorkers }}
152+
- -app-protect-dos-memory={{ .Values.controller.appprotectdos.memory }}
153+
{{ end }}
154+
- -nginx-configmaps=$(POD_NAMESPACE)/{{ include "nginx-ingress.configName" . }}
155+
{{- if .Values.controller.defaultTLS.secret }}
156+
- -default-server-tls-secret={{ .Values.controller.defaultTLS.secret }}
157+
{{ else if and (.Values.controller.defaultTLS.cert) (.Values.controller.defaultTLS.key) }}
158+
- -default-server-tls-secret=$(POD_NAMESPACE)/{{ include "nginx-ingress.defaultTLSName" . }}
159+
{{- end }}
160+
- -ingress-class={{ .Values.controller.ingressClass.name }}
161+
{{- if .Values.controller.watchNamespace }}
162+
- -watch-namespace={{ .Values.controller.watchNamespace }}
163+
{{- end }}
164+
{{- if .Values.controller.watchNamespaceLabel }}
165+
- -watch-namespace-label={{ .Values.controller.watchNamespaceLabel }}
166+
{{- end }}
167+
{{- if .Values.controller.watchSecretNamespace }}
168+
- -watch-secret-namespace={{ .Values.controller.watchSecretNamespace }}
169+
{{- end }}
170+
- -health-status={{ .Values.controller.healthStatus }}
171+
- -health-status-uri={{ .Values.controller.healthStatusURI }}
172+
- -nginx-debug={{ .Values.controller.nginxDebug }}
173+
- -v={{ .Values.controller.logLevel }}
174+
- -nginx-status={{ .Values.controller.nginxStatus.enable }}
175+
{{- if .Values.controller.nginxStatus.enable }}
176+
- -nginx-status-port={{ .Values.controller.nginxStatus.port }}
177+
- -nginx-status-allow-cidrs={{ .Values.controller.nginxStatus.allowCidrs }}
178+
{{- end }}
179+
{{- if .Values.controller.reportIngressStatus.enable }}
180+
- -report-ingress-status
181+
{{- if .Values.controller.reportIngressStatus.ingressLink }}
182+
- -ingresslink={{ .Values.controller.reportIngressStatus.ingressLink }}
183+
{{- else if .Values.controller.reportIngressStatus.externalService }}
184+
- -external-service={{ .Values.controller.reportIngressStatus.externalService }}
185+
{{- else if and (.Values.controller.service.create) (eq .Values.controller.service.type "LoadBalancer") }}
186+
- -external-service={{ include "nginx-ingress.controller.service.name" . }}
187+
{{- end }}
188+
{{- end }}
189+
- -enable-leader-election={{ .Values.controller.reportIngressStatus.enableLeaderElection }}
190+
{{- if .Values.controller.reportIngressStatus.enableLeaderElection }}
191+
- -leader-election-lock-name={{ include "nginx-ingress.leaderElectionName" . }}
192+
{{- end }}
193+
{{- if .Values.controller.wildcardTLS.secret }}
194+
- -wildcard-tls-secret={{ .Values.controller.wildcardTLS.secret }}
195+
{{- else if and .Values.controller.wildcardTLS.cert .Values.controller.wildcardTLS.key }}
196+
- -wildcard-tls-secret=$(POD_NAMESPACE)/{{ include "nginx-ingress.wildcardTLSName" . }}
197+
{{- end }}
198+
- -enable-prometheus-metrics={{ .Values.prometheus.create }}
199+
- -prometheus-metrics-listen-port={{ .Values.prometheus.port }}
200+
- -prometheus-tls-secret={{ .Values.prometheus.secret }}
201+
- -enable-service-insight={{ .Values.serviceInsight.create }}
202+
- -service-insight-listen-port={{ .Values.serviceInsight.port }}
203+
- -service-insight-tls-secret={{ .Values.serviceInsight.secret }}
204+
- -enable-custom-resources={{ .Values.controller.enableCustomResources }}
205+
- -enable-snippets={{ .Values.controller.enableSnippets }}
206+
- -include-year={{ .Values.controller.includeYear }}
207+
- -disable-ipv6={{ .Values.controller.disableIPV6 }}
208+
{{- if .Values.controller.enableCustomResources }}
209+
- -enable-tls-passthrough={{ .Values.controller.enableTLSPassthrough }}
210+
{{- if .Values.controller.enableTLSPassthrough }}
211+
- -tls-passthrough-port={{ .Values.controller.tlsPassthroughPort }}
212+
{{- end }}
213+
- -enable-cert-manager={{ .Values.controller.enableCertManager }}
214+
- -enable-oidc={{ .Values.controller.enableOIDC }}
215+
- -enable-external-dns={{ .Values.controller.enableExternalDNS }}
216+
- -default-http-listener-port={{ .Values.controller.defaultHTTPListenerPort}}
217+
- -default-https-listener-port={{ .Values.controller.defaultHTTPSListenerPort}}
218+
{{- if .Values.controller.globalConfiguration.create }}
219+
- -global-configuration=$(POD_NAMESPACE)/{{ include "nginx-ingress.controller.fullname" . }}
220+
{{- end }}
221+
{{- end }}
222+
- -ready-status={{ .Values.controller.readyStatus.enable }}
223+
- -ready-status-port={{ .Values.controller.readyStatus.port }}
224+
- -enable-latency-metrics={{ .Values.controller.enableLatencyMetrics }}
225+
{{- end -}}

charts/nginx-ingress/templates/controller-daemonset.yaml

Lines changed: 1 addition & 84 deletions
Original file line numberDiff line numberDiff line change
@@ -164,90 +164,7 @@ spec:
164164
resources:
165165
{{ toYaml .Values.controller.resources | indent 10 }}
166166
args:
167-
- -nginx-plus={{ .Values.controller.nginxplus }}
168-
- -nginx-reload-timeout={{ .Values.controller.nginxReloadTimeout }}
169-
- -enable-app-protect={{ .Values.controller.appprotect.enable }}
170-
{{- if and .Values.controller.appprotect.enable .Values.controller.appprotect.logLevel }}
171-
- -app-protect-log-level={{ .Values.controller.appprotect.logLevel }}
172-
{{ end }}
173-
- -enable-app-protect-dos={{ .Values.controller.appprotectdos.enable }}
174-
{{- if .Values.controller.appprotectdos.enable }}
175-
- -app-protect-dos-debug={{ .Values.controller.appprotectdos.debug }}
176-
- -app-protect-dos-max-daemons={{ .Values.controller.appprotectdos.maxDaemons }}
177-
- -app-protect-dos-max-workers={{ .Values.controller.appprotectdos.maxWorkers }}
178-
- -app-protect-dos-memory={{ .Values.controller.appprotectdos.memory }}
179-
{{ end }}
180-
- -nginx-configmaps=$(POD_NAMESPACE)/{{ include "nginx-ingress.configName" . }}
181-
{{- if .Values.controller.defaultTLS.secret }}
182-
- -default-server-tls-secret={{ .Values.controller.defaultTLS.secret }}
183-
{{ else if and (.Values.controller.defaultTLS.cert) (.Values.controller.defaultTLS.key) }}
184-
- -default-server-tls-secret=$(POD_NAMESPACE)/{{ include "nginx-ingress.defaultTLSName" . }}
185-
{{- end }}
186-
- -ingress-class={{ .Values.controller.ingressClass.name }}
187-
{{- if .Values.controller.watchNamespace }}
188-
- -watch-namespace={{ .Values.controller.watchNamespace }}
189-
{{- end }}
190-
{{- if .Values.controller.watchNamespaceLabel }}
191-
- -watch-namespace-label={{ .Values.controller.watchNamespaceLabel }}
192-
{{- end }}
193-
{{- if .Values.controller.watchSecretNamespace }}
194-
- -watch-secret-namespace={{ .Values.controller.watchSecretNamespace }}
195-
{{- end }}
196-
- -health-status={{ .Values.controller.healthStatus }}
197-
- -health-status-uri={{ .Values.controller.healthStatusURI }}
198-
- -nginx-debug={{ .Values.controller.nginxDebug }}
199-
- -v={{ .Values.controller.logLevel }}
200-
- -nginx-status={{ .Values.controller.nginxStatus.enable }}
201-
{{- if .Values.controller.nginxStatus.enable }}
202-
- -nginx-status-port={{ .Values.controller.nginxStatus.port }}
203-
- -nginx-status-allow-cidrs={{ .Values.controller.nginxStatus.allowCidrs }}
204-
{{- end }}
205-
{{- if .Values.controller.reportIngressStatus.enable }}
206-
- -report-ingress-status
207-
{{- if .Values.controller.reportIngressStatus.ingressLink }}
208-
- -ingresslink={{ .Values.controller.reportIngressStatus.ingressLink }}
209-
{{- else if .Values.controller.reportIngressStatus.externalService }}
210-
- -external-service={{ .Values.controller.reportIngressStatus.externalService }}
211-
{{- else if and (.Values.controller.service.create) (eq .Values.controller.service.type "LoadBalancer") }}
212-
- -external-service={{ include "nginx-ingress.controller.service.name" . }}
213-
{{- end }}
214-
{{- end }}
215-
- -enable-leader-election={{ .Values.controller.reportIngressStatus.enableLeaderElection }}
216-
{{- if .Values.controller.reportIngressStatus.enableLeaderElection }}
217-
- -leader-election-lock-name={{ include "nginx-ingress.leaderElectionName" . }}
218-
{{- end }}
219-
{{- if .Values.controller.wildcardTLS.secret }}
220-
- -wildcard-tls-secret={{ .Values.controller.wildcardTLS.secret }}
221-
{{- else if and .Values.controller.wildcardTLS.cert .Values.controller.wildcardTLS.key }}
222-
- -wildcard-tls-secret=$(POD_NAMESPACE)/{{ include "nginx-ingress.wildcardTLSName" . }}
223-
{{- end }}
224-
- -enable-prometheus-metrics={{ .Values.prometheus.create }}
225-
- -prometheus-metrics-listen-port={{ .Values.prometheus.port }}
226-
- -prometheus-tls-secret={{ .Values.prometheus.secret }}
227-
- -enable-service-insight={{ .Values.serviceInsight.create }}
228-
- -service-insight-listen-port={{ .Values.serviceInsight.port }}
229-
- -service-insight-tls-secret={{ .Values.serviceInsight.secret }}
230-
- -enable-custom-resources={{ .Values.controller.enableCustomResources }}
231-
- -enable-snippets={{ .Values.controller.enableSnippets }}
232-
- -include-year={{ .Values.controller.includeYear }}
233-
- -disable-ipv6={{ .Values.controller.disableIPV6 }}
234-
{{- if .Values.controller.enableCustomResources }}
235-
- -enable-tls-passthrough={{ .Values.controller.enableTLSPassthrough }}
236-
{{ if .Values.controller.enableTLSPassthrough }}
237-
- -tls-passthrough-port={{ .Values.controller.tlsPassthroughPort }}
238-
{{ end }}
239-
- -enable-cert-manager={{ .Values.controller.enableCertManager }}
240-
- -enable-oidc={{ .Values.controller.enableOIDC }}
241-
- -enable-external-dns={{ .Values.controller.enableExternalDNS }}
242-
- -default-http-listener-port={{ .Values.controller.defaultHTTPListenerPort}}
243-
- -default-https-listener-port={{ .Values.controller.defaultHTTPSListenerPort}}
244-
{{- if .Values.controller.globalConfiguration.create }}
245-
- -global-configuration=$(POD_NAMESPACE)/{{ include "nginx-ingress.controller.fullname" . }}
246-
{{- end }}
247-
{{- end }}
248-
- -ready-status={{ .Values.controller.readyStatus.enable }}
249-
- -ready-status-port={{ .Values.controller.readyStatus.port }}
250-
- -enable-latency-metrics={{ .Values.controller.enableLatencyMetrics }}
167+
{{- include "nginx-ingress.args" . | nindent 10 }}
251168
{{- if .Values.controller.extraContainers }}
252169
{{ toYaml .Values.controller.extraContainers | nindent 6 }}
253170
{{- end }}

charts/nginx-ingress/templates/controller-deployment.yaml

Lines changed: 1 addition & 84 deletions
Original file line numberDiff line numberDiff line change
@@ -171,90 +171,7 @@ spec:
171171
fieldPath: spec.serviceAccountName
172172
{{- end }}
173173
args:
174-
- -nginx-plus={{ .Values.controller.nginxplus }}
175-
- -nginx-reload-timeout={{ .Values.controller.nginxReloadTimeout }}
176-
- -enable-app-protect={{ .Values.controller.appprotect.enable }}
177-
{{- if and .Values.controller.appprotect.enable .Values.controller.appprotect.logLevel }}
178-
- -app-protect-log-level={{ .Values.controller.appprotect.logLevel }}
179-
{{ end }}
180-
- -enable-app-protect-dos={{ .Values.controller.appprotectdos.enable }}
181-
{{- if .Values.controller.appprotectdos.enable }}
182-
- -app-protect-dos-debug={{ .Values.controller.appprotectdos.debug }}
183-
- -app-protect-dos-max-daemons={{ .Values.controller.appprotectdos.maxDaemons }}
184-
- -app-protect-dos-max-workers={{ .Values.controller.appprotectdos.maxWorkers }}
185-
- -app-protect-dos-memory={{ .Values.controller.appprotectdos.memory }}
186-
{{ end }}
187-
- -nginx-configmaps=$(POD_NAMESPACE)/{{ include "nginx-ingress.configName" . }}
188-
{{- if .Values.controller.defaultTLS.secret }}
189-
- -default-server-tls-secret={{ .Values.controller.defaultTLS.secret }}
190-
{{ else if and (.Values.controller.defaultTLS.cert) (.Values.controller.defaultTLS.key) }}
191-
- -default-server-tls-secret=$(POD_NAMESPACE)/{{ include "nginx-ingress.defaultTLSName" . }}
192-
{{- end }}
193-
- -ingress-class={{ .Values.controller.ingressClass.name }}
194-
{{- if .Values.controller.watchNamespace }}
195-
- -watch-namespace={{ .Values.controller.watchNamespace }}
196-
{{- end }}
197-
{{- if .Values.controller.watchNamespaceLabel }}
198-
- -watch-namespace-label={{ .Values.controller.watchNamespaceLabel }}
199-
{{- end }}
200-
{{- if .Values.controller.watchSecretNamespace }}
201-
- -watch-secret-namespace={{ .Values.controller.watchSecretNamespace }}
202-
{{- end }}
203-
- -health-status={{ .Values.controller.healthStatus }}
204-
- -health-status-uri={{ .Values.controller.healthStatusURI }}
205-
- -nginx-debug={{ .Values.controller.nginxDebug }}
206-
- -v={{ .Values.controller.logLevel }}
207-
- -nginx-status={{ .Values.controller.nginxStatus.enable }}
208-
{{- if .Values.controller.nginxStatus.enable }}
209-
- -nginx-status-port={{ .Values.controller.nginxStatus.port }}
210-
- -nginx-status-allow-cidrs={{ .Values.controller.nginxStatus.allowCidrs }}
211-
{{- end }}
212-
{{- if .Values.controller.reportIngressStatus.enable }}
213-
- -report-ingress-status
214-
{{- if .Values.controller.reportIngressStatus.ingressLink }}
215-
- -ingresslink={{ .Values.controller.reportIngressStatus.ingressLink }}
216-
{{- else if .Values.controller.reportIngressStatus.externalService }}
217-
- -external-service={{ .Values.controller.reportIngressStatus.externalService }}
218-
{{- else if and (.Values.controller.service.create) (eq .Values.controller.service.type "LoadBalancer") }}
219-
- -external-service={{ include "nginx-ingress.controller.service.name" . }}
220-
{{- end }}
221-
{{- end }}
222-
- -enable-leader-election={{ .Values.controller.reportIngressStatus.enableLeaderElection }}
223-
{{- if .Values.controller.reportIngressStatus.enableLeaderElection }}
224-
- -leader-election-lock-name={{ include "nginx-ingress.leaderElectionName" . }}
225-
{{- end }}
226-
{{- if .Values.controller.wildcardTLS.secret }}
227-
- -wildcard-tls-secret={{ .Values.controller.wildcardTLS.secret }}
228-
{{- else if and .Values.controller.wildcardTLS.cert .Values.controller.wildcardTLS.key }}
229-
- -wildcard-tls-secret=$(POD_NAMESPACE)/{{ include "nginx-ingress.wildcardTLSName" . }}
230-
{{- end }}
231-
- -enable-prometheus-metrics={{ .Values.prometheus.create }}
232-
- -prometheus-metrics-listen-port={{ .Values.prometheus.port }}
233-
- -prometheus-tls-secret={{ .Values.prometheus.secret }}
234-
- -enable-service-insight={{ .Values.serviceInsight.create }}
235-
- -service-insight-listen-port={{ .Values.serviceInsight.port }}
236-
- -service-insight-tls-secret={{ .Values.serviceInsight.secret }}
237-
- -enable-custom-resources={{ .Values.controller.enableCustomResources }}
238-
- -enable-snippets={{ .Values.controller.enableSnippets }}
239-
- -include-year={{ .Values.controller.includeYear }}
240-
- -disable-ipv6={{ .Values.controller.disableIPV6 }}
241-
{{- if .Values.controller.enableCustomResources }}
242-
- -enable-tls-passthrough={{ .Values.controller.enableTLSPassthrough }}
243-
{{ if .Values.controller.enableTLSPassthrough }}
244-
- -tls-passthrough-port={{ .Values.controller.tlsPassthroughPort }}
245-
{{ end }}
246-
- -enable-cert-manager={{ .Values.controller.enableCertManager }}
247-
- -enable-oidc={{ .Values.controller.enableOIDC }}
248-
- -enable-external-dns={{ .Values.controller.enableExternalDNS }}
249-
- -default-http-listener-port={{ .Values.controller.defaultHTTPListenerPort}}
250-
- -default-https-listener-port={{ .Values.controller.defaultHTTPSListenerPort}}
251-
{{- if .Values.controller.globalConfiguration.create }}
252-
- -global-configuration=$(POD_NAMESPACE)/{{ include "nginx-ingress.controller.fullname" . }}
253-
{{- end }}
254-
{{- end }}
255-
- -ready-status={{ .Values.controller.readyStatus.enable }}
256-
- -ready-status-port={{ .Values.controller.readyStatus.port }}
257-
- -enable-latency-metrics={{ .Values.controller.enableLatencyMetrics }}
174+
{{- include "nginx-ingress.args" . | nindent 10 }}
258175
{{- if .Values.controller.extraContainers }}
259176
{{ toYaml .Values.controller.extraContainers | nindent 6 }}
260177
{{- end }}

cmd/nginx-ingress/main.go

Lines changed: 13 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -123,9 +123,20 @@ func main() {
123123
plusClient := createPlusClient(*nginxPlus, useFakeNginxManager, nginxManager)
124124

125125
plusCollector, syslogListener, latencyCollector := createPlusAndLatencyCollectors(registry, constLabels, kubeClient, plusClient, staticCfgParams.NginxServiceMesh)
126+
cnf := configs.NewConfigurator(configs.ConfiguratorParams{
127+
NginxManager: nginxManager,
128+
StaticCfgParams: staticCfgParams,
129+
Config: cfgParams,
130+
TemplateExecutor: templateExecutor,
131+
TemplateExecutorV2: templateExecutorV2,
132+
LatencyCollector: latencyCollector,
133+
LabelUpdater: plusCollector,
134+
IsPlus: *nginxPlus,
135+
IsWildcardEnabled: isWildcardEnabled,
136+
IsPrometheusEnabled: *enablePrometheusMetrics,
137+
IsLatencyMetricsEnabled: *enableLatencyMetrics,
138+
})
126139

127-
cnf := configs.NewConfigurator(nginxManager, staticCfgParams, cfgParams, templateExecutor,
128-
templateExecutorV2, *nginxPlus, isWildcardEnabled, plusCollector, *enablePrometheusMetrics, latencyCollector, *enableLatencyMetrics)
129140
controllerNamespace := os.Getenv("POD_NAMESPACE")
130141

131142
transportServerValidator := cr_validation.NewTransportServerValidator(*enableTLSPassthrough, *enableSnippets, *nginxPlus)

0 commit comments

Comments
 (0)