Skip to content

Add tpl support for ingress.labels, ingress.extraPaths and nodeSelector#400

Merged
pierluigilenoci merged 6 commits into
oauth2-proxy:mainfrom
treydock:tpl-ingress
May 22, 2026
Merged

Add tpl support for ingress.labels, ingress.extraPaths and nodeSelector#400
pierluigilenoci merged 6 commits into
oauth2-proxy:mainfrom
treydock:tpl-ingress

Conversation

@treydock

@treydock treydock commented Mar 25, 2026

Copy link
Copy Markdown
Contributor

Description

Add deploymentLabels

Allow templated ingress labels, ingress extraPaths and nodeSelector

If you had previously used literal {{ or }} in ingress.labels, ingress.extraPaths, or nodeSelector then those literals must now be escaped. Example:

Before:

ingress:
  enabled: true
  labels:
    test-literal: '{{ not-a-function }}'

After:

ingress:
  enabled: true
  labels:
    test-literal: '{{ "{{" }} not-a-function {{ "}}" }}'

Checklist:

  • I have bumped the version in the Chart.yaml according to Semantic Versioning.
  • I have updated the documentation/CHANGELOG at the bottom of the Chart.yaml
  • I have signed off all my commits.
  • (Optional) I have updated the Chart.lock for dependency updates
  • (Optional) I have implemented helm tests for new feature flags

Copilot AI left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR extends the helm/oauth2-proxy chart’s Ingress templating capabilities by allowing Helm tpl evaluation within ingress.labels and ingress.extraPaths, and updates CI values and chart metadata accordingly.

Changes:

  • Add tpl rendering for ingress.labels and ingress.extraPaths in the Ingress template.
  • Extend the CI tpl-values.yaml to cover templated ingress.labels and ingress.extraPaths.
  • Bump chart version and update the ArtifactHub changelog entry/link.

Reviewed changes

Copilot reviewed 3 out of 3 changed files in this pull request and generated 3 comments.

File Description
helm/oauth2-proxy/templates/ingress.yaml Wraps ingress.labels and ingress.extraPaths YAML rendering with tpl to support templated values.
helm/oauth2-proxy/ci/tpl-values.yaml Adds CI coverage values for the new templated Ingress fields.
helm/oauth2-proxy/Chart.yaml Version bump and ArtifactHub changelog update referencing this PR.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

Comment thread helm/oauth2-proxy/templates/ingress.yaml
Comment thread helm/oauth2-proxy/templates/ingress.yaml Outdated
Comment thread helm/oauth2-proxy/ci/tpl-values.yaml Outdated
@treydock

Copy link
Copy Markdown
Contributor Author

@pierluigilenoci I think some of the Copilot suggestions were incorrect but one suggestion was made to use nindent and strip leading spaces so made that change to both places I modified.

Copilot AI left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Copilot reviewed 4 out of 4 changed files in this pull request and generated 2 comments.


💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

Comment thread helm/oauth2-proxy/Chart.yaml
Comment thread helm/oauth2-proxy/Chart.yaml Outdated
@treydock treydock changed the title Add tpl support for ingress.labels and ingress.extraPaths Add tpl support for ingress.labels, ingress.extraPaths and nodeSelector Mar 26, 2026
@treydock

Copy link
Copy Markdown
Contributor Author

@pierluigilenoci Let me know if any additional changes are required

Copilot AI left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Copilot reviewed 4 out of 4 changed files in this pull request and generated no new comments.


💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

@tuunit

tuunit commented Mar 31, 2026

Copy link
Copy Markdown
Member

Could we stop opening a single PRs for each next element we want to add tpl to? Could we please just open one large PR for this?

@treydock

Copy link
Copy Markdown
Contributor Author

There was one large PR, but I missed a few things as I had intended to only open 1 PR. I can expand this PR to use tpl in more places but that becomes a challenge if every tpl usage requires some kind of testing values change as likely not all things can be tested with simple chart testing deployments on Github Actions.

@treydock

Copy link
Copy Markdown
Contributor Author

@tuunit Let me know if you'd like me to update this PR to template most/all values with tpl.

@treydock

treydock commented Apr 2, 2026

Copy link
Copy Markdown
Contributor Author

@pierluigilenoci @tuunit Let me know if you'd like me to expand more values to use tpl or if this can be merged as-is.

treydock and others added 6 commits April 18, 2026 18:59
Signed-off-by: Trey Dockendorf <tdockendorf@osc.edu>
Signed-off-by: Trey Dockendorf <tdockendorf@osc.edu>
Signed-off-by: Trey Dockendorf <tdockendorf@osc.edu>
Signed-off-by: Trey Dockendorf <tdockendorf@osc.edu>
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
Signed-off-by: Trey Dockendorf <tdockendorf@osc.edu>
Signed-off-by: Trey Dockendorf <tdockendorf@osc.edu>
@treydock

Copy link
Copy Markdown
Contributor Author

@pierluigilenoci I made the requested changes. However this test I don't believe will work:

nodeSelector:
  test-literal: '{{ "{{" }} not-a-function {{ "}}" }}'

During the automated Helm testing, the nodeSelector would not be a valid node label and prevent the pod from starting during the Helm tests. I did the other tests but left off the nodeSelector part.

@treydock

treydock commented May 13, 2026

Copy link
Copy Markdown
Contributor Author

@pierluigilenoci The Helm testing failed because { and } are not valid characters for labels. Maybe the breaking change really isn't breaking since Kubernetes doesn't allow those characters.

	* Ingress.networking.k8s.io "oauth2-proxy-kln9lw335p" is invalid: metadata.labels: Invalid value: "{{ not-a-function }}": a valid label must be an empty string or consist of alphanumeric characters, '-', '_' or '.', and must start and end with an alphanumeric character (e.g. 'MyValue',  or 'my_value',  or '12345', regex used for validation is '(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?')

https://github.com/oauth2-proxy/manifests/actions/runs/25811007946/job/75826967750?pr=400

Copilot AI left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Copilot encountered an error and was unable to review this pull request. You can try again by re-requesting a review.

@treydock

Copy link
Copy Markdown
Contributor Author

@pierluigilenoci I put the change back to 10.5.0.

Copilot AI left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Copilot reviewed 6 out of 6 changed files in this pull request and generated no new comments.

@pierluigilenoci pierluigilenoci merged commit 491fdd4 into oauth2-proxy:main May 22, 2026
3 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

3 participants