SS 693 ingress does not care if app is public or private

apps/tasks.py

@@ -203,19 +203,14 @@ def deploy_resource(instance_pk, action="create"):
     app_instance = AppInstance.objects.select_for_update().get(pk=instance_pk)
     status = AppStatus(appinstance=app_instance)
 
-    if action == "create":
+    if (action == "create") or (action == "update"):
         parameters = app_instance.parameters
         status.status_type = "Created"
         status.info = parameters["release"]
 
         # For backwards-compatibility with old ingress spec:
         if "ingress" not in parameters:
             parameters["ingress"] = dict()
-        try:
-            print("Ingress v1beta1: {}".format(settings.INGRESS_V1BETA1))
-            parameters["ingress"]["v1beta1"] = settings.INGRESS_V1BETA1
-        except:  # noqa E722 TODO: Add exception
-            pass
 
         app_instance.parameters = parameters
         print("App Instance paramenters: {}".format(app_instance))

charts/apps/custom-app/chart/templates/ingress.yaml

@@ -1,29 +1,3 @@
-{{ if .Values.ingress.v1beta1 }}
-apiVersion: extensions/v1beta1
-kind: Ingress
-metadata:
-  name: {{ .Release.Name }}-ingress
-  namespace: {{ .Values.namespace }}
-  labels:
-    io.kompose.service: {{ .Release.Name }}-ingress
-  annotations:
-    nginx.ingress.kubernetes.io/auth-url: "{{ .Values.global.protocol }}://{{ .Values.global.auth_domain }}:8080/auth/?release={{ .Values.release }}"
-    nginx.ingress.kubernetes.io/auth-signin: "https://{{ .Values.global.domain }}/accounts/login/?next=$scheme%3A%2F%2F$host"
-    #nginx.ingress.kubernetes.io/auth-response-headers: X-Forwarded-Host
-spec:
-  rules:
-    - host: {{ .Release.Name }}.{{ .Values.global.domain }}
-      http:
-        paths:
-        - path: /
-          backend:
-            serviceName: {{ .Values.service.name }}
-            servicePort: {{ .Values.service.port }}
-  tls:
-    - secretName: {{ .Values.ingress.secretName }}
-      hosts:
-        - {{ .Values.global.domain }}
-{{ else }}
 apiVersion: networking.k8s.io/v1
 kind: Ingress
 metadata:
@@ -32,9 +6,10 @@ metadata:
   labels:
     io.kompose.service: {{ .Release.Name }}-ingress
   annotations:
+    {{ if ne .Values.permission "public" }}
     nginx.ingress.kubernetes.io/auth-url: "{{ .Values.global.protocol }}://{{ .Values.global.auth_domain }}:8080/auth/?release={{ .Values.release }}"
     nginx.ingress.kubernetes.io/auth-signin: "https://{{ .Values.global.domain }}/accounts/login/?next=$scheme%3A%2F%2F$host"
-    #nginx.ingress.kubernetes.io/auth-response-headers: X-Forwarded-Host
+    {{- end }}
 spec:
   rules:
     - host: {{ .Release.Name }}.{{ .Values.global.domain }}
@@ -50,5 +25,4 @@ spec:
   tls:
     - secretName: {{ .Values.ingress.secretName }}
       hosts:
-        - {{ .Values.global.domain }}
-{{- end }}
+        - {{ .Values.global.domain }}

charts/apps/custom-app/chart/values.yaml

@@ -20,7 +20,6 @@ imagePullSecrets:
   - name: regcred
 
 ingress:
-  v1beta1: false
   secretName: prod-ingress
 
 podSecurityContext:

charts/apps/dash/chart/templates/ingress.yaml

@@ -1,29 +1,3 @@
-{{ if .Values.ingress.v1beta1 }}
-apiVersion: extensions/v1beta1
-kind: Ingress
-metadata:
-  name: {{ .Release.Name }}-ingress
-  namespace: {{ .Values.namespace }}
-  labels:
-    io.kompose.service: {{ .Release.Name }}-ingress
-  annotations:
-    nginx.ingress.kubernetes.io/auth-url: "{{ .Values.global.protocol }}://{{ .Values.global.auth_domain }}:8080/auth/?release={{ .Values.release }}"
-    nginx.ingress.kubernetes.io/auth-signin: "https://{{ .Values.global.domain }}/accounts/login/?next=$scheme%3A%2F%2F$host"
-    #nginx.ingress.kubernetes.io/auth-response-headers: X-Forwarded-Host
-spec:
-  rules:
-    - host: {{ .Release.Name }}.{{ .Values.global.domain }}
-      http:
-        paths:
-        - path: /
-          backend:
-            serviceName: {{ .Values.service.name }}
-            servicePort: {{ .Values.service.port }}
-  tls:
-    - secretName: {{ .Values.ingress.secretName }}
-      hosts:
-        - {{ .Values.global.domain }}
-{{ else }}
 apiVersion: networking.k8s.io/v1
 kind: Ingress
 metadata:
@@ -32,9 +6,10 @@ metadata:
   labels:
     io.kompose.service: {{ .Release.Name }}-ingress
   annotations:
+    {{ if ne .Values.permission "public" }}
     nginx.ingress.kubernetes.io/auth-url: "{{ .Values.global.protocol }}://{{ .Values.global.auth_domain }}:8080/auth/?release={{ .Values.release }}"
     nginx.ingress.kubernetes.io/auth-signin: "https://{{ .Values.global.domain }}/accounts/login/?next=$scheme%3A%2F%2F$host"
-    #nginx.ingress.kubernetes.io/auth-response-headers: X-Forwarded-Host
+    {{- end }}
 spec:
   rules:
     - host: {{ .Release.Name }}.{{ .Values.global.domain }}
@@ -51,4 +26,3 @@ spec:
     - secretName: {{ .Values.ingress.secretName }}
       hosts:
         - {{ .Values.global.domain }}
-{{- end }}

charts/apps/dash/chart/values.yaml

@@ -20,7 +20,6 @@ imagePullSecrets:
   - name: regcred
 
 ingress:
-  v1beta1: false
   secretName: prod-ingress
 
 podSecurityContext:

charts/apps/pytorch-serve/chart/templates/ingress.yaml

@@ -6,8 +6,10 @@ metadata:
     nginx.ingress.kubernetes.io/proxy-read-timeout: "600"
     nginx.ingress.kubernetes.io/proxy-send-timeout: "600"
     nginx.ingress.kubernetes.io/proxy-body-size: "500m"
+    {{ if ne .Values.permission "public" }}
     nginx.ingress.kubernetes.io/auth-url: "{{ .Values.global.protocol }}://{{ .Values.global.auth_domain }}:8080/auth/?release={{ .Values.release }}"
     nginx.ingress.kubernetes.io/auth-signin: "https://{{ .Values.global.domain }}/accounts/login/?next=$scheme%3A%2F%2F$host"
+    {{- end }}
   name: {{ .Release.Name }}-ingress
   namespace: {{ .Values.namespace }}
 spec:

charts/apps/pytorch-serve/chart/values.yaml

@@ -46,7 +46,6 @@ imagePullSecrets:
   - name: regcred
 
 ingress:
-  v1beta1: false
 
 podSecurityContext:
   seccompProfile:

charts/apps/shiny/chart/templates/ingress.yaml

@@ -1,29 +1,3 @@
-{{ if .Values.ingress.v1beta1 }}
-apiVersion: extensions/v1beta1
-kind: Ingress
-metadata:
-  name: {{ .Release.Name }}-ingress
-  namespace: {{ .Values.namespace }}
-  labels:
-    io.kompose.service: {{ .Release.Name }}-ingress
-  annotations:
-    nginx.ingress.kubernetes.io/auth-url: "{{ .Values.global.protocol }}://{{ .Values.global.auth_domain }}:8080/auth/?release={{ .Values.release }}"
-    nginx.ingress.kubernetes.io/auth-signin: "https://{{ .Values.global.domain }}/accounts/login/?next=$scheme%3A%2F%2F$host"
-    #nginx.ingress.kubernetes.io/auth-response-headers: X-Forwarded-Host
-spec:
-  rules:
-    - host: {{ .Release.Name }}.{{ .Values.global.domain }}
-      http:
-        paths:
-        - path: /
-          backend:
-            serviceName: {{ .Values.service.name }}
-            servicePort: {{ .Values.service.port }}
-  tls:
-    - secretName: {{ .Values.ingress.secretName }}
-      hosts:
-        - {{ .Values.global.domain }}
-{{ else }}
 apiVersion: networking.k8s.io/v1
 kind: Ingress
 metadata:
@@ -32,9 +6,10 @@ metadata:
   labels:
     io.kompose.service: {{ .Release.Name }}-ingress
   annotations:
+    {{ if ne .Values.permission "public" }}
     nginx.ingress.kubernetes.io/auth-url: "{{ .Values.global.protocol }}://{{ .Values.global.auth_domain }}:8080/auth/?release={{ .Values.release }}"
     nginx.ingress.kubernetes.io/auth-signin: "https://{{ .Values.global.domain }}/accounts/login/?next=$scheme%3A%2F%2F$host"
-    #nginx.ingress.kubernetes.io/auth-response-headers: X-Forwarded-Host
+    {{- end }}
 spec:
   rules:
     - host: {{ .Release.Name }}.{{ .Values.global.domain }}
@@ -50,5 +25,4 @@ spec:
   tls:
     - secretName: {{ .Values.ingress.secretName }}
       hosts:
-        - {{ .Values.global.domain }}
-{{- end }}
+        - {{ .Values.global.domain }}

charts/apps/shiny/chart/values.yaml

@@ -20,7 +20,6 @@ imagePullSecrets:
   - name: regcred
 
 ingress:
-  v1beta1: false
   secretName: prod-ingress
 
 podSecurityContext:

charts/apps/shinyproxy/chart/templates/ingress.yaml

@@ -1,29 +1,3 @@
-{{ if .Values.ingress.v1beta1 }}
-apiVersion: extensions/v1beta1
-kind: Ingress
-metadata:
-  name: {{ .Release.Name }}-ingress
-  namespace: {{ .Values.namespace }}
-  labels:
-    io.kompose.service: {{ .Release.Name }}-ingress
-  annotations:
-    nginx.ingress.kubernetes.io/auth-url: "{{ .Values.global.protocol }}://{{ .Values.global.auth_domain }}:8080/auth/?release={{ .Values.release }}"
-    nginx.ingress.kubernetes.io/auth-signin: "https://{{ .Values.global.domain }}/accounts/login/?next=$scheme%3A%2F%2F$host"
-    #nginx.ingress.kubernetes.io/auth-response-headers: X-Forwarded-Host
-spec:
-  rules:
-    - host: {{ .Release.Name }}.{{ .Values.global.domain }}
-      http:
-        paths:
-        - path: /
-          backend:
-            serviceName: {{ .Values.service.name }}
-            servicePort: 80
-  tls:
-    - secretName: prod-ingress
-      hosts:
-        - {{ .Values.global.domain }}
-{{ else }}
 apiVersion: networking.k8s.io/v1
 kind: Ingress
 metadata:
@@ -32,8 +6,10 @@ metadata:
   labels:
     io.kompose.service: {{ .Release.Name }}-ingress
   annotations:
+    {{ if ne .Values.permission "public" }}
     nginx.ingress.kubernetes.io/auth-url: "{{ .Values.global.protocol }}://{{ .Values.global.auth_domain }}:8080/auth/?release={{ .Values.release }}"
     nginx.ingress.kubernetes.io/auth-signin: "https://{{ .Values.global.domain }}/accounts/login/?next=$scheme%3A%2F%2F$host"
+    {{- end }}
     #nginx.ingress.kubernetes.io/auth-response-headers: X-Forwarded-Host
 spec:
   rules:
@@ -50,5 +26,4 @@ spec:
   tls:
     - secretName: prod-ingress
       hosts:
-        - {{ .Values.global.domain }}
-{{- end }}
+        - {{ .Values.global.domain }}

charts/apps/shinyproxy/chart/values.yaml

@@ -30,7 +30,6 @@ service:
   name: shinyproxy-svc
 
 ingress:
-  v1beta1: false
   secretName: prod-ingress
 
 s3sync:

charts/apps/tensorflow-serve/chart/templates/ingress.yaml

@@ -1,33 +1,3 @@
-{{ if .Values.ingress.v1beta1 }}
-apiVersion: extensions/v1beta1
-kind: Ingress
-metadata:
-  labels:
-    app: tensorflow-serving
-    host: {{ .Release.Name }}.{{ .Values.global.domain }}
-  annotations:
-    nginx.ingress.kubernetes.io/proxy-connect-timeout: "600"
-    nginx.ingress.kubernetes.io/proxy-read-timeout: "600"
-    nginx.ingress.kubernetes.io/proxy-send-timeout: "600"
-    nginx.ingress.kubernetes.io/proxy-body-size: "500m"
-    nginx.ingress.kubernetes.io/auth-url: "{{ .Values.global.protocol }}://{{ .Values.global.auth_domain }}:8080/auth/?release={{ .Values.release }}"
-    nginx.ingress.kubernetes.io/auth-signin: "https://{{ .Values.global.domain }}/accounts/login/?next=$scheme%3A%2F%2F$host"
-  name: {{ .Release.Name }}-ingress
-  namespace: {{ .Values.namespace }}
-spec:
-  rules:
-    - host: {{ .Release.Name }}.{{ .Values.global.domain }}
-      http:
-        paths:
-        - path: /
-          backend:
-            serviceName: {{ $.Release.Name }}-tf-svc
-            servicePort: 80
-  tls:
-    - secretName: prod-ingress
-      hosts:
-        - {{ .Release.Name }}.{{ .Values.global.domain }}
-{{ else }}
 apiVersion: networking.k8s.io/v1
 kind: Ingress
 metadata:
@@ -39,8 +9,10 @@ metadata:
     nginx.ingress.kubernetes.io/proxy-read-timeout: "600"
     nginx.ingress.kubernetes.io/proxy-send-timeout: "600"
     nginx.ingress.kubernetes.io/proxy-body-size: "500m"
+    {{ if ne .Values.permission "public" }}
     nginx.ingress.kubernetes.io/auth-url: "{{ .Values.global.protocol }}://{{ .Values.global.auth_domain }}:8080/auth/?release={{ .Values.release }}"
     nginx.ingress.kubernetes.io/auth-signin: "https://{{ .Values.global.domain }}/accounts/login/?next=$scheme%3A%2F%2F$host"
+    {{- end }}
   name: {{ .Release.Name }}-ingress
   namespace: {{ .Values.namespace }}
 spec:
@@ -58,6 +30,4 @@ spec:
   tls:
     - secretName: prod-ingress
       hosts:
-        - {{ .Release.Name }}.{{ .Values.global.domain }}
-
-{{- end }}
+        - {{ .Release.Name }}.{{ .Values.global.domain }}

charts/apps/tensorflow-serve/chart/values.yaml

@@ -44,7 +44,6 @@ imagePullSecrets:
   - name: regcred
 
 ingress:
-  v1beta1: false
 
 podSecurityContext:
   seccompProfile: