[kong] refactor listener string generation

Unify listener templates and make them more expressive: * Listener strings are now generated by passing the listener/service configuration block (e.g. "proxy") to the "kong.listen" helper, rather than templating each listen string individually. * The admin listen now uses the same configuration format as other listeners, with default values expressing the standard configuration (no service creation, TLS-only listen). Legacy configuration is still supported, but displays a deprecation warning in NOTES.txt. * Listener configuration now allows specifying listen parameters, rather than hard-coding them into the template (though "ssl" is still hard-coded for TLS listens). To avoid too complicated a configuration change, users are still limited to two listens, HTTP and TLS, rather than being able to freely define listens. * CI tests and README.md now account for the above. * NOTES.txt spacing now tries to more closely adhere to 80-char columns.
Kong · Mar 7, 2020 · 6451e7f · 6451e7f
1 parent 846fa94
commit 6451e7f
Show file tree

Hide file tree

Showing 6 changed files with 38 additions and 13 deletions.
diff --git a/charts/kong/templates/_helpers.tpl b/charts/kong/templates/_helpers.tpl
@@ -56,19 +56,34 @@ Create the name of the service account to use
 Create KONG_SERVICE_LISTEN strings
 */}}
 {{- define "kong.listen" -}}
+  {{- $httpListen := list -}}
+  {{- $tlsListen := list -}}
+  {{- $unifiedListen := list -}}
 
-{{- if and .http.enabled .tls.enabled -}}
-   0.0.0.0:{{ .http.containerPort }},0.0.0.0:{{ .tls.containerPort }} ssl
-{{- else -}}
-{{- if .http.enabled -}}
-   0.0.0.0:{{ .http.containerPort }}
-{{- end -}}
-{{- if .tls.enabled -}}
-   0.0.0.0:{{ .tls.containerPort }} ssl
-{{- end -}}
-{{- end -}}
+  {{- if .http.enabled -}}
+    {{- $httpListen = append $httpListen (printf "0.0.0.0:%d" (int64 .http.containerPort)) -}}
+    {{- range $param := .http.parameters }}
+      {{- $httpListen = append $httpListen $param -}}
+    {{- end -}}
 
-{{- end }}
+    {{- $unifiedListen = append $unifiedListen ($httpListen | join " ") -}}
+  {{- end -}}
+
+  {{- if .tls.enabled -}}
+    {{- $tlsListen = append $tlsListen (printf "0.0.0.0:%d ssl" (int64 .tls.containerPort)) -}}
+    {{- range $param := .tls.parameters }}
+      {{- $tlsListen = append $tlsListen $param -}}
+    {{- end -}}
+
+    {{- $unifiedListen = append $unifiedListen ($tlsListen | join " ") -}}
+  {{- end -}}
+
+  {{- $listenString := ($unifiedListen | join ", ") -}}
+  {{- if eq (len $listenString) 0 -}}
+    {{- $listenString = "off" -}}
+  {{- end -}}
+  {{- $listenString -}}
+{{- end -}}
 
 {{/*
 Create the ingress servicePort value string
@@ -307,7 +322,7 @@ the template that it itself is using form the above sections.
 {{- $_ := set $autoEnv "KONG_LUA_PACKAGE_PATH" "/opt/?.lua;/opt/?/init.lua;;" -}}
 
 {{/*
-TODO: remove legacy behavior at a future date
+TODO: remove legacy admin listen behavior at a future date
 */}}
 
 {{- if .Values.admin.containerPort -}} {{/* Legacy admin listener */}}

diff --git a/charts/kong/templates/service-kong-admin.yaml b/charts/kong/templates/service-kong-admin.yaml
@@ -1,5 +1,5 @@
-{{- if .Values.admin.enabled -}}
 {{- if .Values.admin.containerPort -}} {{/* TODO: remove legacy admin handling */}}
+{{- if .Values.admin.enabled -}}
 apiVersion: v1
 kind: Service
 metadata:
@@ -33,7 +33,9 @@ spec:
     protocol: TCP
   selector:
     {{- include "kong.selectorLabels" . | nindent 4 }}
+{{- end -}}
 {{- else -}} {{/* Modern admin handler */}}
+{{- if and .Values.admin.enabled (or .Values.admin.http.enabled .Values.admin.tls.enabled) -}}
 apiVersion: v1
 kind: Service
 metadata:

diff --git a/charts/kong/templates/service-kong-manager.yaml b/charts/kong/templates/service-kong-manager.yaml
@@ -1,4 +1,5 @@
 {{- if .Values.enterprise.enabled }}
+{{- if and .Values.manager.enabled (or .Values.manager.http.enabled .Values.manager.tls.enabled) -}}
 apiVersion: v1
 kind: Service
 metadata:
@@ -48,3 +49,4 @@ spec:
   selector:
     {{- include "kong.selectorLabels" . | nindent 4 }}
 {{- end -}}
+{{- end -}}
diff --git a/charts/kong/templates/service-kong-portal-api.yaml b/charts/kong/templates/service-kong-portal-api.yaml
@@ -1,4 +1,5 @@
 {{- if .Values.enterprise.enabled }}
+{{- if and .Values.portalapi.enabled (or .Values.portalapi.http.enabled .Values.portalapi.tls.enabled) -}}
 apiVersion: v1
 kind: Service
 metadata:
@@ -48,3 +49,4 @@ spec:
   selector:
     {{- include "kong.selectorLabels" . | nindent 4 }}
 {{- end -}}
+{{- end -}}
diff --git a/charts/kong/templates/service-kong-portal.yaml b/charts/kong/templates/service-kong-portal.yaml
@@ -1,4 +1,5 @@
 {{- if .Values.enterprise.enabled }}
+{{- if and .Values.portal.enabled (or .Values.portal.http.enabled .Values.portal.tls.enabled) -}}
 apiVersion: v1
 kind: Service
 metadata:
@@ -48,3 +49,4 @@ spec:
   selector:
     {{- include "kong.selectorLabels" . | nindent 4 }}
 {{- end -}}
+{{- end -}}
diff --git a/charts/kong/templates/service-kong-proxy.yaml b/charts/kong/templates/service-kong-proxy.yaml
@@ -1,3 +1,4 @@
+{{- if and .Values.proxy.enabled (or .Values.proxy.http.enabled .Values.proxy.tls.enabled) -}}
 apiVersion: v1
 kind: Service
 metadata:
@@ -52,3 +53,4 @@ spec:
   {{- end }}
   selector:
     {{- include "kong.selectorLabels" . | nindent 4 }}
+{{- end -}}