{{- if and .Values.admin.enabled .Values.admin.ingress.enabled -}} {{- $fullName := include "admin.fullname" . -}} {{- $ns := include "admin.namespace" . -}} {{- $hosts := .Values.admin.ingress.hosts | default list -}} {{- $tlsSecret := .Values.admin.ingress.tlsSecret | default "" -}} {{- $useCertManager := $.Values.certManager.enabled -}} {{- $secretName := "" -}} {{- if ne $tlsSecret "" -}} {{- $secretName = $tlsSecret -}} {{- else if $useCertManager -}} {{- $secretName = printf "%s-admin-tls" $fullName -}} {{- end -}} {{- $tlsEnabled := or $useCertManager (ne $tlsSecret "") -}} {{- $addCertManagerAnnotation := and $useCertManager (eq $tlsSecret "") -}} apiVersion: networking.k8s.io/v1 kind: Ingress metadata: name: {{ $fullName }}-admin-ingress namespace: {{ $ns }} labels: app.kubernetes.io/name: {{ $fullName }}-admin app.kubernetes.io/instance: {{ .Release.Name }} annotations: {{- if .Values.admin.ingress.annotations }} {{- toYaml .Values.admin.ingress.annotations | nindent 4 }} {{- end }} {{- if and $addCertManagerAnnotation (not (hasKey (.Values.admin.ingress.annotations | default dict) "cert-manager.io/cluster-issuer")) }} cert-manager.io/cluster-issuer: {{ $.Values.certManager.clusterIssuerName }} {{- end }} nginx.ingress.kubernetes.io/proxy-body-size: "50m" nginx.ingress.kubernetes.io/proxy-http-version: "1.1" nginx.ingress.kubernetes.io/proxy-read-timeout: "3600" nginx.ingress.kubernetes.io/proxy-send-timeout: "3600" nginx.ingress.kubernetes.io/enable-websocket: "true" spec: ingressClassName: nginx {{- if and $hosts $tlsEnabled }} tls: {{- range $hosts }} - hosts: - {{ . | toString }} secretName: {{ $secretName }} {{- end }} {{- end }} rules: {{- range $hosts }} - host: {{ . | toString }} http: paths: - path: / pathType: Prefix backend: service: name: {{ $fullName }}-admin port: number: {{ $.Values.admin.service.port }} {{- end }} {{- end }}