diff --git a/step-certificates/templates/ca.yaml b/step-certificates/templates/ca.yaml index 7784410..8daa4b4 100644 --- a/step-certificates/templates/ca.yaml +++ b/step-certificates/templates/ca.yaml @@ -101,19 +101,24 @@ spec: {{- end }} ports: - name: https - containerPort: {{ .Values.service.targetPort }} + containerPort: {{ .Values.service.ports.https.targetPort }} protocol: TCP + {{ if .Values.service.ports.http.enabled }} + - name: http + containerPort: {{ .Values.service.ports.http.targetPort }} + protocol: TCP + {{- end }} livenessProbe: initialDelaySeconds: 5 httpGet: path: /health - port: {{ .Values.service.targetPort }} + port: {{ .Values.service.ports.https.targetPort }} scheme: HTTPS readinessProbe: initialDelaySeconds: 5 httpGet: path: /health - port: {{ .Values.service.targetPort }} + port: {{ .Values.service.ports.https.targetPort }} scheme: HTTPS resources: {{- toYaml .Values.resources | nindent 12 }} diff --git a/step-certificates/templates/service.yaml b/step-certificates/templates/service.yaml index 4d29852..8e4bcc8 100644 --- a/step-certificates/templates/service.yaml +++ b/step-certificates/templates/service.yaml @@ -11,18 +11,30 @@ metadata: {{- end }} spec: type: {{ .Values.service.type }} + {{ if .Values.service.loadBalancerIP }} + loadBalancerIP: {{ .Values.service.loadBalancerIP }} + {{- end }} {{- with .Values.service.externalIPs }} externalIPs: {{- toYaml . | nindent 4 }} {{- end }} ports: - - port: {{ .Values.service.port }} - targetPort: {{ .Values.service.targetPort }} + - port: {{ .Values.service.ports.https.port }} + targetPort: {{ .Values.service.ports.https.targetPort }} protocol: TCP name: https {{- if eq .Values.service.type "NodePort" }} - nodePort: {{ .Values.service.nodePort }} + nodePort: {{ .Values.service.ports.https.nodePort }} + {{- end }} + {{ if .Values.service.ports.http.enabled }} + - port: {{ .Values.service.ports.http.port }} + targetPort: {{ .Values.service.ports.http.targetPort }} + protocol: TCP + name: http + {{- if eq .Values.service.type "NodePort" }} + nodePort: {{ .Values.service.ports.http.nodePort }} {{- end }} + {{- end }} selector: app.kubernetes.io/name: {{ include "step-certificates.name" . }} app.kubernetes.io/instance: {{ .Release.Name }} diff --git a/step-certificates/templates/tests/test-connection.yaml b/step-certificates/templates/tests/test-connection.yaml index 4794c35..c940457 100644 --- a/step-certificates/templates/tests/test-connection.yaml +++ b/step-certificates/templates/tests/test-connection.yaml @@ -16,5 +16,5 @@ spec: args: - '-s' - '-k' - - 'https://{{ include "step-certificates.fullname" . }}:{{ .Values.service.port }}/health' + - 'https://{{ include "step-certificates.fullname" . }}:{{ .Values.service.ports.https.port }}/health' restartPolicy: Never diff --git a/step-certificates/values.yaml b/step-certificates/values.yaml index 8100349..4ce804d 100644 --- a/step-certificates/values.yaml +++ b/step-certificates/values.yaml @@ -230,11 +230,19 @@ inject: # service contains configuration for the kubernes service. service: type: ClusterIP - port: 443 - targetPort: 9000 - nodePort: "" + loadBalancerIP: "" annotations: {} externalIPs: [] + ports: + https: + port: 443 + targetPort: 9000 + nodePort: "" + http: + enabled: false + port: 80 + targetPort: 8080 + nodePort: "" # linkedca contains the token to configure step-ca using the linkedca mode. #