Commit 2bc6d188 authored by Sandro Mathys's avatar Sandro Mathys
Browse files

add validation for ingress

parent 9f338242
......@@ -5,6 +5,7 @@ Compile all warnings into a single message, and call fail.
{{- $messages := list -}}
{{- $messages := append $messages (include "shibboleth-sp.validateValues.podAntiAffinityPreset" .) -}}
{{- $messages := append $messages (include "shibboleth-sp.validateValues.route" .) -}}
{{- $messages := append $messages (include "shibboleth-sp.validateValues.ingress" .) -}}
{{- $messages := append $messages (include "shibboleth-sp.validateValues.backend.eduIDOnly_xor_interfederation" .) -}}
{{- $messages := append $messages (include "shibboleth-sp.validateValues.backend.eduIDVersion" .) -}}
{{- $messages := append $messages (include "shibboleth-sp.validateValues.backend.shibboleth.configMap" .) -}}
......@@ -41,13 +42,29 @@ Compile all warnings into a single message, and call fail.
{{/*** ROUTE ***/}}
{{- define "shibboleth-sp.validateValues.route" -}}
{{- if and .Values.route.enabled -}}
{{- if .Values.openshiftv3 and .Values.route.enabled -}}
{{- if .Values.route.letsencrypt -}}
{{- if eq .Values.route.tls.termination "passthrough" }}
route.letsencrypt
route.tls.termination
Conflict: can't enable `letsencrypt` is `termination` is set to `passthrough`.
Conflict: can't enable `letsencrypt` if `termination` is set to `passthrough`.
{{- end -}}
{{- end -}}
{{- end -}}
{{- end -}}
{{/*** INGRESS ***/}}
{{- define "shibboleth-sp.validateValues.ingress" -}}
{{- if .Values.openshiftv3 and .Values.ingress.enabled -}}
{{- if .Values.ingress.letsencrypt.enabled -}}
{{- if not .Values.ingress.letsencrypt.clusterIssuer }}
ingress.letsencrypt.enabled
ingress.letsencrypt.clusterIssuer
Missing: `clusterIssuer` must be specified if Let's Encrypt is enabled.
{{- end -}}
{{- end -}}
......
......@@ -16,7 +16,6 @@ global:
##############
# temporary flag to support legacy openshiftv3 and modern vanilla kubernetes
# TODO: documentation
openshiftv3: true
nameOverride: ""
......@@ -82,7 +81,7 @@ route:
insecureEdgeTerminationPolicy: "Redirect"
# only if openshiftv3=false
# TODO: validation, documentation
# TODO: validation
ingress:
enabled: false
annotations: {}
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment