Update ingress creation for multiple host names

2025-02-10 10:56:00 +05:30 · 2025-02-10 10:56:00 +05:30 · 9bc8ce4866
commit 9bc8ce4866
parent f98e75c81f
2 changed files with 31 additions and 25 deletions
--- a/stack_orchestrator/deploy/k8s/cluster_info.py
+++ b/stack_orchestrator/deploy/k8s/cluster_info.py
@ -117,19 +117,23 @@ class ClusterInfo:
    def get_ingress(self, use_tls=False, certificate=None, cluster_issuer="letsencrypt-prod"):
        # No ingress for a deployment that has no http-proxy defined, for now
        http_proxy_info_list = self.spec.get_http_proxy()
-        ingress = None
+        if not http_proxy_info_list:
-        if http_proxy_info_list:
+            return None
-            # TODO: handle multiple definitions
+
-            http_proxy_info = http_proxy_info_list[0]
+        tls = [] if use_tls else None
        rules = []
        for http_proxy_info in http_proxy_info_list:
            if opts.o.debug:
                print(f"http-proxy: {http_proxy_info}")
            # TODO: good enough parsing for webapp deployment for now
            host_name = http_proxy_info["host-name"]
-            rules = []
+
-            tls = [client.V1IngressTLS(
+            if use_tls:
-                hosts=certificate["spec"]["dnsNames"] if certificate else [host_name],
+                tls.append(client.V1IngressTLS(
-                secret_name=certificate["spec"]["secretName"] if certificate else f"{self.app_name}-tls"
+                    hosts=certificate["spec"]["dnsNames"] if certificate else [host_name],
-            )] if use_tls else None
+                    secret_name=certificate["spec"]["secretName"] if certificate else f"{self.app_name}-{host_name}-tls"
                ))
            paths = []
            for route in http_proxy_info["routes"]:
                path = route["path"]
@ -156,24 +160,24 @@ class ClusterInfo:
                    paths=paths
                )
            ))
-            spec = client.V1IngressSpec(
+        spec = client.V1IngressSpec(
-                tls=tls,
+            tls=tls,
-                rules=rules
+            rules=rules
-            )
+        )
-            ingress_annotations = {
+        ingress_annotations = {
-                "kubernetes.io/ingress.class": "nginx",
+            "kubernetes.io/ingress.class": "nginx",
-            }
+        }
-            if not certificate:
+        if not certificate:
-                ingress_annotations["cert-manager.io/cluster-issuer"] = cluster_issuer
+            ingress_annotations["cert-manager.io/cluster-issuer"] = cluster_issuer
-            ingress = client.V1Ingress(
+        ingress = client.V1Ingress(
-                metadata=client.V1ObjectMeta(
+            metadata=client.V1ObjectMeta(
-                    name=f"{self.app_name}-ingress",
+                name=f"{self.app_name}-ingress",
-                    annotations=ingress_annotations
+                annotations=ingress_annotations
-                ),
+            ),
-                spec=spec
+            spec=spec
-            )
+        )
        return ingress
    # TODO: suppoprt multiple services
--- a/stack_orchestrator/deploy/k8s/deploy_k8s.py
+++ b/stack_orchestrator/deploy/k8s/deploy_k8s.py
@ -230,6 +230,7 @@ class K8sDeployer(Deployer):
        http_proxy_info = self.cluster_info.spec.get_http_proxy()
        # Note: at present we don't support tls for kind (and enabling tls causes errors)
        use_tls = http_proxy_info and not self.is_kind()
        # TODO Handle for multiple http_proxy_info
        certificate = self._find_certificate_for_host_name(http_proxy_info[0]["host-name"]) if use_tls else None
        if opts.o.debug:
            if certificate:
@ -367,6 +368,7 @@ class K8sDeployer(Deployer):
            # Destroy the kind cluster
            destroy_cluster(self.kind_cluster_name)
    # TODO: Update for multiple host-names
    def status(self):
        self.connect_api()
        # Call whatever API we need to get the running container list