From f1ca3305433a201c498a5eb3ea9d3a1905e2038b Mon Sep 17 00:00:00 2001 From: olalekan odukoya Date: Thu, 2 Apr 2026 14:33:54 +0100 Subject: [PATCH] support path based routing --- README.md.gotmpl | 1 - charts/agent/templates/deployment.yaml | 4 +- charts/agent/templates/ingress.yaml | 47 +++++++++++++ charts/agent/templates/rollout.yaml | 4 +- charts/agent/values.yaml | 14 ++++ charts/server/templates/_helpers.tpl | 4 +- charts/server/templates/deployment.yaml | 2 +- charts/server/templates/ingress.yaml | 6 +- charts/server/templates/rollout.yaml | 2 +- templates/_helpers.tpl | 6 ++ templates/unified-ingress.yaml | 93 +++++++++++++++++++++++++ values.yaml | 80 +++++++++++++++++++-- 12 files changed, 247 insertions(+), 16 deletions(-) create mode 100644 charts/agent/templates/ingress.yaml create mode 100644 templates/_helpers.tpl create mode 100644 templates/unified-ingress.yaml diff --git a/README.md.gotmpl b/README.md.gotmpl index df8dd3b..27c2448 100644 --- a/README.md.gotmpl +++ b/README.md.gotmpl @@ -39,7 +39,6 @@ helm install convoy convoy/convoy --values values.yaml ```bash helm install convoy . ``` - {{ template "chart.valuesSection" . }} {{- if not .SkipVersionFooter }} diff --git a/charts/agent/templates/deployment.yaml b/charts/agent/templates/deployment.yaml index 62df5fa..1a02413 100755 --- a/charts/agent/templates/deployment.yaml +++ b/charts/agent/templates/deployment.yaml @@ -91,11 +91,13 @@ spec: - name: HTTP_PROXY value: {{ .Values.env.proxy | quote }} - name: CONVOY_LOGGER_LEVEL - value: {{ .Values.env.log_level | quote }} + value: {{ coalesce .Values.env.log_level .Values.global.convoy.log_level "error" | quote }} - name: CONVOY_ENV value: {{ .Values.env.environment | quote }} - name: CONVOY_SIGNUP_ENABLED value: {{ .Values.env.sign_up_enabled | quote }} + - name: CONVOY_ROOT_PATH + value: {{ .Values.env.root_path | quote }} {{- if or .Values.global.convoy.cacert_secret_name .Values.global.convoy.cacert_content }} - name: CONVOY_DISPATCHER_CACERT_PATH value: "/etc/convoy/ca.crt" diff --git a/charts/agent/templates/ingress.yaml b/charts/agent/templates/ingress.yaml new file mode 100644 index 0000000..0ecdf3a --- /dev/null +++ b/charts/agent/templates/ingress.yaml @@ -0,0 +1,47 @@ +{{- if .Values.ingress.enabled -}} +{{- $fullName := include "convoy-agent.fullname" . -}} +{{- $svcPort := .Values.service.port -}} +{{- if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}} +apiVersion: networking.k8s.io/v1 +{{- else -}} +apiVersion: apiextensions.k8s.io/v1 +{{- end }} +kind: Ingress +metadata: + name: {{ $fullName }} + labels: + {{- include "convoy-agent.labels" . | nindent 4 }} + {{- with .Values.ingress.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + {{- with .Values.ingress.ingressClassName }} + ingressClassName: {{ . | quote }} + {{- end }} + {{- if .Values.ingress.tls }} + tls: + {{- range .Values.ingress.tls }} + - hosts: + {{- range .hosts }} + - {{ . | quote }} + {{- end }} + secretName: {{ .secretName }} + {{- end }} + {{- end }} + rules: + {{- range .Values.ingress.hosts }} + - host: {{ .host | quote }} + http: + paths: + {{- range .http.paths }} + - path: {{ .path }} + pathType: {{ .pathType }} + backend: + service: + name: {{ $fullName }} + port: + number: {{ $svcPort }} + {{- end }} + {{- end }} +{{- end }} diff --git a/charts/agent/templates/rollout.yaml b/charts/agent/templates/rollout.yaml index 596860d..9b231dc 100644 --- a/charts/agent/templates/rollout.yaml +++ b/charts/agent/templates/rollout.yaml @@ -93,11 +93,13 @@ spec: - name: HTTP_PROXY value: {{ .Values.env.proxy | quote }} - name: CONVOY_LOGGER_LEVEL - value: {{ .Values.env.log_level | quote }} + value: {{ coalesce .Values.env.log_level .Values.global.convoy.log_level "error" | quote }} - name: CONVOY_ENV value: {{ .Values.env.environment | quote }} - name: CONVOY_SIGNUP_ENABLED value: {{ .Values.env.sign_up_enabled | quote }} + - name: CONVOY_ROOT_PATH + value: {{ .Values.env.root_path | quote }} {{- if or .Values.global.convoy.cacert_secret_name .Values.global.convoy.cacert_content }} - name: CONVOY_DISPATCHER_CACERT_PATH value: "/etc/convoy/ca.crt" diff --git a/charts/agent/values.yaml b/charts/agent/values.yaml index 5e283cc..c4f3ae0 100755 --- a/charts/agent/values.yaml +++ b/charts/agent/values.yaml @@ -72,6 +72,8 @@ env: proxy: "" sign_up_enabled: false log_level: "error" + # -- Base path when exposed behind a path-prefix (e.g. Ingress path /agent). Sets CONVOY_ROOT_PATH. Use "" when each service has its own hostname. + root_path: "" auth: file: basic: [] @@ -167,6 +169,18 @@ rollout: enabled: false strategy: {} +ingress: + enabled: false + annotations: {} + ingressClassName: "" + tls: [] + hosts: + - host: agent.example.com + http: + paths: + - path: / + pathType: Prefix + autoscaling: enabled: true minReplicas: 2 diff --git a/charts/server/templates/_helpers.tpl b/charts/server/templates/_helpers.tpl index 1284001..e82d3a1 100755 --- a/charts/server/templates/_helpers.tpl +++ b/charts/server/templates/_helpers.tpl @@ -11,8 +11,8 @@ We truncate at 63 chars because some Kubernetes name fields are limited to this If release name contains chart name it will be used as a full name. */}} {{- define "convoy-server.fullname" -}} -{{- if .Values.fullnameOverride }} -{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- if or .Values.fullNameOverride .Values.fullnameOverride }} +{{- coalesce .Values.fullNameOverride .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} {{- else }} {{- $name := default .Chart.Name .Values.nameOverride }} {{- if contains $name .Release.Name }} diff --git a/charts/server/templates/deployment.yaml b/charts/server/templates/deployment.yaml index 5d2006b..3ec7e74 100755 --- a/charts/server/templates/deployment.yaml +++ b/charts/server/templates/deployment.yaml @@ -98,7 +98,7 @@ spec: - name: CONVOY_ROOT_PATH value: {{ .Values.env.root_path | quote }} - name: CONVOY_LOGGER_LEVEL - value: {{ .Values.env.log_level | quote }} + value: {{ coalesce .Values.env.log_level .Values.global.convoy.log_level "error" | quote }} - name: CONVOY_SIGNUP_ENABLED value: {{ .Values.env.sign_up_enabled | quote }} - name: CONVOY_MAX_RESPONSE_SIZE diff --git a/charts/server/templates/ingress.yaml b/charts/server/templates/ingress.yaml index 699731e..fbf693e 100755 --- a/charts/server/templates/ingress.yaml +++ b/charts/server/templates/ingress.yaml @@ -16,7 +16,9 @@ metadata: {{- toYaml . | nindent 4 }} {{- end }} spec: - ingressClassName: {{ .Values.ingress.ingressClassName }} + {{- with .Values.ingress.ingressClassName }} + ingressClassName: {{ . | quote }} + {{- end }} {{- if .Values.ingress.tls }} tls: {{- range .Values.ingress.tls }} @@ -42,4 +44,4 @@ spec: number: {{ $svcPort }} {{- end }} {{- end }} - {{- end }} \ No newline at end of file +{{- end }} diff --git a/charts/server/templates/rollout.yaml b/charts/server/templates/rollout.yaml index 4326e9a..548107a 100644 --- a/charts/server/templates/rollout.yaml +++ b/charts/server/templates/rollout.yaml @@ -100,7 +100,7 @@ spec: - name: CONVOY_ROOT_PATH value: {{ .Values.env.root_path | quote }} - name: CONVOY_LOGGER_LEVEL - value: {{ .Values.env.log_level | quote }} + value: {{ coalesce .Values.env.log_level .Values.global.convoy.log_level "error" | quote }} - name: CONVOY_SIGNUP_ENABLED value: {{ .Values.env.sign_up_enabled | quote }} - name: CONVOY_MAX_RESPONSE_SIZE diff --git a/templates/_helpers.tpl b/templates/_helpers.tpl new file mode 100644 index 0000000..7f8d217 --- /dev/null +++ b/templates/_helpers.tpl @@ -0,0 +1,6 @@ +{{- define "convoy.labels" -}} +helm.sh/chart: {{ printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +app.kubernetes.io/instance: {{ .Release.Name }} +app.kubernetes.io/name: {{ .Chart.Name }} +{{- end }} diff --git a/templates/unified-ingress.yaml b/templates/unified-ingress.yaml new file mode 100644 index 0000000..9d7b650 --- /dev/null +++ b/templates/unified-ingress.yaml @@ -0,0 +1,93 @@ +{{- if .Values.unifiedIngress.enabled }} +{{- if not (and .Values.server.enabled .Values.agent.enabled) }} +{{- fail "unifiedIngress.enabled requires both server.enabled and agent.enabled" }} +{{- end }} +{{- if .Values.server.ingress.enabled }} +{{- fail "Set server.ingress.enabled to false when using unifiedIngress (one Ingress routes to both services)" }} +{{- end }} +{{- if .Values.agent.ingress.enabled }} +{{- fail "Set agent.ingress.enabled to false when using unifiedIngress (one Ingress routes to both services)" }} +{{- end }} +{{- if .Values.server.gateway.enabled }} +{{- fail "Set server.gateway.enabled to false when using unifiedIngress" }} +{{- end }} +{{- $serverSvc := coalesce .Values.unifiedIngress.serverServiceName .Values.server.fullNameOverride }} +{{- $agentSvc := coalesce .Values.unifiedIngress.agentServiceName .Values.agent.fullNameOverride }} +{{- if not $serverSvc }} +{{- fail "unifiedIngress: set unifiedIngress.serverServiceName or server.fullNameOverride so the server Service name is known" }} +{{- end }} +{{- if not $agentSvc }} +{{- fail "unifiedIngress: set unifiedIngress.agentServiceName or agent.fullNameOverride so the agent Service name is known" }} +{{- end }} +{{- $serverPort := .Values.unifiedIngress.server.servicePort | default .Values.server.service.port }} +{{- $agentPort := .Values.unifiedIngress.agent.servicePort | default .Values.agent.service.port }} +{{- $mode := .Values.unifiedIngress.mode | default "prefix" }} +{{- if and (ne $mode "prefix") (ne $mode "split") }} +{{- fail "unifiedIngress.mode must be prefix or split" }} +{{- end }} +{{- if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion }} +apiVersion: networking.k8s.io/v1 +{{- else }} +apiVersion: apiextensions.k8s.io/v1 +{{- end }} +kind: Ingress +metadata: + name: {{ .Release.Name }}-unified + labels: + {{- include "convoy.labels" . | nindent 4 }} + {{- with .Values.unifiedIngress.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + {{- with .Values.unifiedIngress.ingressClassName }} + ingressClassName: {{ . | quote }} + {{- end }} + {{- if .Values.unifiedIngress.tls }} + tls: + {{- range .Values.unifiedIngress.tls }} + - hosts: + {{- range .hosts }} + - {{ . | quote }} + {{- end }} + secretName: {{ .secretName }} + {{- end }} + {{- end }} + rules: + - host: {{ .Values.unifiedIngress.host | quote }} + http: + paths: +{{- if eq $mode "split" }} +{{- range .Values.unifiedIngress.split.agentPaths }} + - path: {{ .path }} + pathType: {{ .pathType }} + backend: + service: + name: {{ $agentSvc }} + port: + number: {{ $agentPort }} +{{- end }} + - path: {{ .Values.unifiedIngress.split.serverPath.path }} + pathType: {{ .Values.unifiedIngress.split.serverPath.pathType }} + backend: + service: + name: {{ $serverSvc }} + port: + number: {{ $serverPort }} +{{- else }} + - path: {{ .Values.unifiedIngress.server.path }} + pathType: {{ .Values.unifiedIngress.server.pathType }} + backend: + service: + name: {{ $serverSvc }} + port: + number: {{ $serverPort }} + - path: {{ .Values.unifiedIngress.agent.path }} + pathType: {{ .Values.unifiedIngress.agent.pathType }} + backend: + service: + name: {{ $agentSvc }} + port: + number: {{ $agentPort }} +{{- end }} +{{- end }} diff --git a/values.yaml b/values.yaml index f87a9bc..11a9e7a 100755 --- a/values.yaml +++ b/values.yaml @@ -1,10 +1,10 @@ global: convoy: - # -- Docker image tags for all convoy components + # -- Image repository for server and agent containers. image: &image "getconvoy/convoy" - # -- Docker image tags for all convoy components + # -- Image tag (AppVersion default if unset in subchart). tag: &tag "v26.3.5" - # -- Logger Level for all convoy components + # -- Default CONVOY_LOGGER_LEVEL for server and agent when their env.log_level is unset (empty). Allowed: debug, info, warn, warning, error, fatal. log_level: &logLevel "error" # -- Convoy Environment environment: &environment "oss" @@ -133,6 +133,46 @@ global: # -- Port for the external redis port: "6379" +# -- Single Ingress for server and agent on one host. Mutually exclusive with server.ingress, agent.ingress, and server.gateway. +unifiedIngress: + # -- Create the parent-chart Ingress resource. + enabled: false + # -- prefix: traffic under server.path and agent.path to each Service; set CONVOY_ROOT_PATH to match. split: split.agentPaths to agent, then split.serverPath to server (root_path usually ""). + mode: prefix + # -- IngressClassName (e.g. nginx). Omitted in the manifest when empty. + ingressClassName: "" + # -- Annotations on the Ingress object. + annotations: {} + # -- Hostname for spec.rules (HTTP Host). + host: webhook.example.com + # -- TLS entries (hosts + secretName per entry). + tls: [] + # -- Server Service name override. Default: server.fullNameOverride, else Helm-generated name from the release. + serverServiceName: "" + # -- Agent Service name override. Default: agent.fullNameOverride, else Helm-generated name from the release. + agentServiceName: "" + server: + # -- Backend path for the server (prefix mode only). + path: /server + pathType: Prefix + # -- Backend Service port number; defaults to server.service.port. + servicePort: null + agent: + # -- Backend path for the agent (prefix mode only). + path: /agent + pathType: Prefix + # -- Backend Service port number; defaults to agent.service.port. + servicePort: null + split: + # -- Agent routes (split mode). List specific prefixes before split.serverPath so they win over a catch-all /. + agentPaths: + - path: /ingest + pathType: Prefix + # -- Server route for all other paths (split mode); typically / with Prefix. + serverPath: + path: / + pathType: Prefix + # @ignored, used in case of external chart postgresql: # -- Set to false if you don't want to create a postgres instance @@ -187,7 +227,10 @@ agent: environment: *environment proxy: "" sign_up_enabled: false - log_level: *logLevel + # -- CONVOY_LOGGER_LEVEL for the agent container. Empty: use global.convoy.log_level. + log_level: "" + # -- CONVOY_ROOT_PATH; must match the agent Ingress path when using prefix routing (e.g. /agent). + root_path: "" smtp: enabled: false from: "" @@ -273,6 +316,23 @@ agent: # -- Port for the agent service port: 80 + ingress: + # -- Agent-only Ingress. Disable when unifiedIngress.enabled is true. + enabled: false + # -- Annotations on the Ingress. + annotations: {} + # -- IngressClassName. Omitted when empty. + ingressClassName: "" + # -- TLS configuration. + tls: [] + # -- List of host rules; each entry sets spec.rules[].host and http.paths (all backends point at this chart's Service). + hosts: + - host: agent.example.com + http: + paths: + - path: / + pathType: Prefix + autoscaling: # -- Enable autoscaling for the agent enabled: false @@ -322,9 +382,11 @@ server: env: environment: *environment - log_level: *logLevel + # -- CONVOY_LOGGER_LEVEL for the server container. Empty: use global.convoy.log_level. + log_level: "" + # -- CONVOY_HOST (public URL host for links; optional in many installs). host: "" - # -- Configure root patth for convoy server e.g. "/convoy" + # -- CONVOY_ROOT_PATH. Match the path prefix in server.ingress or unifiedIngress (prefix/split) so generated URLs align. root_path: "" sign_up_enabled: false # -- Max response body when ingesting webhooks (might be renamed). Defaults to 50KB @@ -405,14 +467,18 @@ server: # memory: 1000Mi ingress: - # -- Enable ingress for the server + # -- Server-only Ingress. Disable when unifiedIngress.enabled is true. enabled: true + # -- Annotations on the Ingress. annotations: {} + # -- IngressClassName. Omitted when empty. ingressClassName: "" + # -- TLS configuration. tls: - hosts: - test.com secretName: test-tls-secret + # -- Host rules; paths route to this chart's Service (service.port). hosts: - host: test.com http: