Skip to content
Merged
Show file tree
Hide file tree
Changes from 2 commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
3 changes: 3 additions & 0 deletions applications/common/deploy/values.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -5,6 +5,9 @@ harness:
auto: true
port: 8080
name: common
proxy:
gatekeeper:
replicas: 1
deployment:
auto: true
name: common
Expand Down
3 changes: 3 additions & 0 deletions applications/samples/deploy/values.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -17,6 +17,9 @@ harness:
usenfs: false
auto: true
port: 8080
proxy:
gatekeeper:
replicas: 1
uri_role_mapping:
- uri: /
white-listed: true
Expand Down
3 changes: 3 additions & 0 deletions applications/volumemanager/deploy/values.yaml
Original file line number Diff line number Diff line change
@@ -1,6 +1,9 @@
harness:
name: volumemanager
subdomain: volumemanager
proxy:
gatekeeper:
replicas: 1
service:
port: 8080
auto: true
Expand Down
5 changes: 2 additions & 3 deletions deployment-configuration/helm/templates/auto-gatekeepers.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -121,7 +121,7 @@ metadata:
labels:
app: "{{ .subdomain }}-gk"
spec:
replicas: 1
replicas: {{ .app.harness.proxy.gatekeeper.replicas | default .root.Values.proxy.gatekeeper.replicas | default 5 }}
selector:
matchLabels:
app: "{{ .subdomain }}-gk"
Expand All @@ -135,7 +135,7 @@ spec:
{{ include "deploy_utils.etcHosts" .root | indent 6 }}
containers:
- name: {{ .app.harness.service.name | quote }}
image: "quay.io/gogatekeeper/gatekeeper:2.14.3"
image: {{ .app.harness.proxy.gatekeeper.image | default .root.Values.proxy.gatekeeper.image | default "quay.io/gogatekeeper/gatekeeper:2.14.3" }}
imagePullPolicy: IfNotPresent
{{ if .root.Values.local }}
securityContext:
Expand Down Expand Up @@ -165,7 +165,6 @@ spec:
resources:
requests:
memory: "32Mi"

Copilot AI Oct 23, 2025

Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

CPU request was removed but CPU limit remains. Consider whether the CPU limit should also be removed, or if a request should be restored to ensure proper resource allocation and scheduling.

Suggested change
memory: "32Mi"
memory: "32Mi"
cpu: "100m"

Copilot uses AI. Check for mistakes.

Copy link
Copy Markdown
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

cpu request has been removed to ensure pods can be scheduled with high replicas

cpu: "5m"
limits:
memory: "64Mi"
cpu: "100m"
Expand Down
44 changes: 42 additions & 2 deletions deployment-configuration/helm/templates/ingress.yaml
Original file line number Diff line number Diff line change
@@ -1,15 +1,52 @@
{{- define "deploy_utils.ingress.http" }}
{{ $domain := .root.Values.domain }}
{{ $secured_gatekeepers := and .root.Values.secured_gatekeepers }}
{{ $app := .app }}
http:
paths:
{{- if and $app.harness.secured $secured_gatekeepers $app.harness.uri_role_mapping }}
{{- range $mapping := $app.harness.uri_role_mapping }}
{{- if and (hasKey $mapping "white-listed") (index $mapping "white-listed") }}
{{- $uri := $mapping.uri }}
{{- if eq $uri "/" }}
- path: /()
pathType: ImplementationSpecific
backend:
service:
name: {{ $app.harness.service.name | quote }}
port:
number: {{ $app.harness.service.port | default 80 }}
{{- else if hasSuffix "/*" $uri }}
{{- $cleanPath := trimSuffix "/*" $uri }}
{{- $pathWithoutSlash := trimPrefix "/" $cleanPath }}
- path: {{ printf "/(%s/.*)" $pathWithoutSlash }}
pathType: ImplementationSpecific
backend:
service:
name: {{ $app.harness.service.name | quote }}
port:
number: {{ $app.harness.service.port | default 80 }}
{{- else if not (contains "*" $uri) }}
{{- $pathWithoutSlash := trimPrefix "/" $uri }}
- path: {{ printf "/(%s)" $pathWithoutSlash }}
pathType: ImplementationSpecific
backend:
service:
name: {{ $app.harness.service.name | quote }}
port:
number: {{ $app.harness.service.port | default 80 }}
{{- end }}
{{- end }}
{{- end }}
{{- end }}
- path: /(.*)
pathType: ImplementationSpecific
backend:
service:
name: {{ if (and .app.harness.secured $secured_gatekeepers) }}{{ printf "%s-gk" .subdomain }}{{ else }}{{ .app.harness.service.name | quote }}{{ end }}
name: {{ if (and $app.harness.secured $secured_gatekeepers) }}{{ printf "%s-gk" .subdomain }}{{ else }}{{ $app.harness.service.name | quote }}{{ end }}
port:
number: {{- if (and .app.harness.secured $secured_gatekeepers) }} 8080 {{- else }} {{ .app.harness.service.port | default 80 }}{{- end }}
number: {{- if (and $app.harness.secured $secured_gatekeepers) }} 8080 {{- else }} {{ $app.harness.service.port | default 80 }}{{- end }}

{{- end }}
{{- define "deploy_utils.ingress.service" }}
{{ $domain := .root.Values.domain }}
Expand Down Expand Up @@ -40,6 +77,9 @@ metadata:
nginx.ingress.kubernetes.io/ssl-redirect: {{ (and $tls .Values.ingress.ssl_redirect) | quote }}
nginx.ingress.kubernetes.io/proxy-body-size: '{{ .Values.proxy.payload.max }}m'
nginx.ingress.kubernetes.io/proxy-buffer-size: '128k'
nginx.ingress.kubernetes.io/proxy-buffering: "on"
nginx.ingress.kubernetes.io/proxy-buffers-number: "8"
nginx.ingress.kubernetes.io/proxy-max-temp-file-size: "1024m"
nginx.ingress.kubernetes.io/from-to-www-redirect: 'true'
nginx.ingress.kubernetes.io/rewrite-target: /$1
nginx.ingress.kubernetes.io/auth-keepalive-timeout: {{ .Values.proxy.timeout.keepalive | quote }}
Expand Down
5 changes: 5 additions & 0 deletions deployment-configuration/helm/values.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -76,3 +76,8 @@ proxy:
payload:
# -- Maximum size of payload in MB
max: 250
gatekeeper:
# -- Default gatekeeper image
image: "quay.io/gogatekeeper/gatekeeper:2.14.3"
# -- Default number of gatekeeper replicas
replicas: 5
5 changes: 5 additions & 0 deletions deployment-configuration/value-template.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -139,3 +139,8 @@ harness:
payload:
# -- Maximum size of payload in MB
max:
gatekeeper:
# -- Default gatekeeper image
image: "quay.io/gogatekeeper/gatekeeper:2.14.3"
# -- Default number of gatekeeper replicas
replicas: 5
31 changes: 31 additions & 0 deletions docs/model/GatekeeperConf.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,31 @@
# GatekeeperConf



## Properties

Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**image** | **str** | | [optional]
**replicas** | **int** | | [optional]

## Example

```python
from cloudharness_model.models.gatekeeper_conf import GatekeeperConf

# TODO update the JSON string below
json = "{}"
# create an instance of GatekeeperConf from a JSON string
gatekeeper_conf_instance = GatekeeperConf.from_json(json)
# print the JSON string representation of the object
print(GatekeeperConf.to_json())

# convert the object into a dict
gatekeeper_conf_dict = gatekeeper_conf_instance.to_dict()
# create an instance of GatekeeperConf from a dict
gatekeeper_conf_from_dict = GatekeeperConf.from_dict(gatekeeper_conf_dict)
```
[[Back to Model list]](../README.md#documentation-for-models) [[Back to API list]](../README.md#documentation-for-api-endpoints) [[Back to README]](../README.md)


1 change: 1 addition & 0 deletions docs/model/ProxyConf.md
Original file line number Diff line number Diff line change
Expand Up @@ -9,6 +9,7 @@ Name | Type | Description | Notes
**forwarded_headers** | **bool** | | [optional]
**payload** | [**ProxyPayloadConf**](ProxyPayloadConf.md) | | [optional]
**timeout** | [**ProxyTimeoutConf**](ProxyTimeoutConf.md) | | [optional]
**gatekeeper** | [**GatekeeperConf**](GatekeeperConf.md) | | [optional]

## Example

Expand Down
1 change: 1 addition & 0 deletions libraries/models/README.md
Original file line number Diff line number Diff line change
Expand Up @@ -87,6 +87,7 @@ Class | Method | HTTP request | Description
- [DockerfileConfig](docs/DockerfileConfig.md)
- [E2ETestsConfig](docs/E2ETestsConfig.md)
- [FileResourcesConfig](docs/FileResourcesConfig.md)
- [GatekeeperConf](docs/GatekeeperConf.md)
- [GitDependencyConfig](docs/GitDependencyConfig.md)
- [HarnessMainConfig](docs/HarnessMainConfig.md)
- [IngressConfig](docs/IngressConfig.md)
Expand Down
Loading
Loading