From 08422b7a29de28144736404ff3b6943e97bb7222 Mon Sep 17 00:00:00 2001 From: Mikhail Scherba Date: Mon, 23 Mar 2026 16:43:12 +0300 Subject: [PATCH 1/4] update module gateway Signed-off-by: Mikhail Scherba --- charts/helm_lib/README.md | 36 +++++++++---------- ...efault_gateway.tpl => _module_gateway.tpl} | 14 +++++--- ...eway.yaml => helm_lib_module_gateway.yaml} | 2 +- ...yaml => helm_lib_module_gateway_test.yaml} | 30 +++++++++++++--- 4 files changed, 54 insertions(+), 28 deletions(-) rename charts/helm_lib/templates/{_default_gateway.tpl => _module_gateway.tpl} (52%) rename tests/templates/{helm_lib_default_gateway.yaml => helm_lib_module_gateway.yaml} (68%) rename tests/tests/{helm_lib_default_gateway_test.yaml => helm_lib_module_gateway_test.yaml} (60%) diff --git a/charts/helm_lib/README.md b/charts/helm_lib/README.md index 6f462ae..b1f7bd4 100644 --- a/charts/helm_lib/README.md +++ b/charts/helm_lib/README.md @@ -34,8 +34,6 @@ | [helm_lib_application_container_security_context_read_only_root_filesystem_capabilities_drop_all_pss_restricted](#helm_lib_application_container_security_context_read_only_root_filesystem_capabilities_drop_all_pss_restricted) | | **Csi Controller** | | [helm_lib_csi_image_with_common_fallback](#helm_lib_csi_image_with_common_fallback) | -| **Default Gateway** | -| [helm_lib_default_gateway](#helm_lib_default_gateway) | | **Dns Policy** | | [helm_lib_dns_policy_bootstraping_state](#helm_lib_dns_policy_bootstraping_state) | | **Enable Ds Eviction** | @@ -56,6 +54,8 @@ | **Module Ephemeral Storage** | | [helm_lib_module_ephemeral_storage_logs_with_extra](#helm_lib_module_ephemeral_storage_logs_with_extra) | | [helm_lib_module_ephemeral_storage_only_logs](#helm_lib_module_ephemeral_storage_only_logs) | +| **Module Gateway** | +| [helm_lib_module_gateway](#helm_lib_module_gateway) | | **Module Generate Common Name** | | [helm_lib_module_generate_common_name](#helm_lib_module_generate_common_name) | | **Module Https** | @@ -491,22 +491,6 @@ list: - Container raw name - Kubernetes semantic version -## Default Gateway - -### helm_lib_default_gateway - - accepts a dict that is updated with current default gateway name and namespace - -#### Usage - -`{{- include "helm_lib_default_gateway" (list . $gateway) ` - -#### Arguments - -list: -- Template context with .Values, .Chart, etc -- An empty dict to update with current default gateway name and namespace - ## Dns Policy ### helm_lib_dns_policy_bootstraping_state @@ -662,6 +646,22 @@ list: - Template context with .Values, .Chart, etc +## Module Gateway + +### helm_lib_module_gateway + + accepts a dict that is updated with current gateway name and namespace + +#### Usage + +`{{- include "helm_lib_module_gateway" (list . $gateway) ` + +#### Arguments + +list: +- Template context with .Values, .Chart, etc +- An empty dict to update with current default gateway name and namespace + ## Module Generate Common Name ### helm_lib_module_generate_common_name diff --git a/charts/helm_lib/templates/_default_gateway.tpl b/charts/helm_lib/templates/_module_gateway.tpl similarity index 52% rename from charts/helm_lib/templates/_default_gateway.tpl rename to charts/helm_lib/templates/_module_gateway.tpl index da08d26..2ad4e63 100644 --- a/charts/helm_lib/templates/_default_gateway.tpl +++ b/charts/helm_lib/templates/_module_gateway.tpl @@ -1,12 +1,16 @@ -{{- /* Usage: {{- include "helm_lib_default_gateway" (list . $gateway) */ -}} -{{- /* accepts a dict that is updated with current default gateway name and namespace */ -}} -{{- define "helm_lib_default_gateway" -}} +{{- /* Usage: {{- include "helm_lib_module_gateway" (list . $gateway) */ -}} +{{- /* accepts a dict that is updated with current gateway name and namespace */ -}} +{{- define "helm_lib_module_gateway" -}} {{- $context := index . 0 -}} {{- /* Template context with .Values, .Chart, etc */ -}} {{- $result := index . 1 -}} {{- /* An empty dict to update with current default gateway name and namespace */ -}} {{- $g := dict -}} - {{- if hasKey $context.Values.global.modules "gatewayAPIDefaultGateway" -}} - {{- $g = $context.Values.global.modules.gatewayAPIDefaultGateway -}} + {{- $module_values := (index $context.Values (include "helm_lib_module_camelcase_name" $context)) -}} + + {{- if hasKey $module_values "gatewayAPIGateway" -}} + {{- $g = $module_values.gatewayAPIGateway -}} + {{- else if hasKey $context.Values.global.modules "gatewayAPIGateway" -}} + {{- $g = $context.Values.global.modules.gatewayAPIGateway -}} {{- else if and (hasKey $context.Values.global "discovery") (hasKey $context.Values.global.discovery "gatewayAPIDefaultGateway") -}} {{- $g = $context.Values.global.discovery.gatewayAPIDefaultGateway -}} {{- end -}} diff --git a/tests/templates/helm_lib_default_gateway.yaml b/tests/templates/helm_lib_module_gateway.yaml similarity index 68% rename from tests/templates/helm_lib_default_gateway.yaml rename to tests/templates/helm_lib_module_gateway.yaml index 3251d5f..00b5b98 100644 --- a/tests/templates/helm_lib_default_gateway.yaml +++ b/tests/templates/helm_lib_module_gateway.yaml @@ -1,5 +1,5 @@ {{- $gateway := dict -}} -{{- include "helm_lib_default_gateway" (list . $gateway) }} +{{- include "helm_lib_module_gateway" (list . $gateway) }} result: {{- if $gateway }} name: {{ $gateway.name }} diff --git a/tests/tests/helm_lib_default_gateway_test.yaml b/tests/tests/helm_lib_module_gateway_test.yaml similarity index 60% rename from tests/tests/helm_lib_default_gateway_test.yaml rename to tests/tests/helm_lib_module_gateway_test.yaml index ec6694f..0c18b54 100644 --- a/tests/tests/helm_lib_default_gateway_test.yaml +++ b/tests/tests/helm_lib_module_gateway_test.yaml @@ -1,6 +1,6 @@ -suite: helm_lib_default_gateway definition +suite: helm_lib_module_gateway definition templates: - - helm_lib_default_gateway.yaml + - helm_lib_module_gateway.yaml tests: - it: should return an empty result if default gateway isn't discovered set: @@ -29,11 +29,11 @@ tests: name: "d8" namespace: "d8-alb-istio" - - it: should return a default gateway from the module config + - it: should return a gateway from the global modules config set: global: modules: - gatewayAPIDefaultGateway: + gatewayAPIGateway: name: "shared-gateway" namespace: "d8-shared-gateway" discovery: @@ -46,3 +46,25 @@ tests: value: name: "shared-gateway" namespace: "d8-shared-gateway" + + - it: should return a gateway from the module config + set: + testModule: + gatewayAPIGateway: + name: "local-gateway" + namespace: "local-gateway" + global: + modules: + gatewayAPIGateway: + name: "shared-gateway" + namespace: "d8-shared-gateway" + discovery: + gatewayAPIDefaultGateway: + name: "d8" + namespace: "d8-alb-istio" + asserts: + - equal: + path: "result" + value: + name: "local-gateway" + namespace: "local-gateway" From 3d70ad5b09788449bee10243d4229eb521eb0d81 Mon Sep 17 00:00:00 2001 From: Mikhail Scherba Date: Mon, 23 Mar 2026 17:01:24 +0300 Subject: [PATCH 2/4] add tls route Signed-off-by: Mikhail Scherba --- charts/helm_lib/README.md | 16 +++++- charts/helm_lib/templates/_module_https.tpl | 14 ++++- ...lm_lib_module_https_route_tls_enabled.yaml | 1 + ...b_module_https_route_tls_enabled_test.yaml | 51 +++++++++++++++++++ 4 files changed, 80 insertions(+), 2 deletions(-) create mode 100644 tests/templates/helm_lib_module_https_route_tls_enabled.yaml create mode 100644 tests/tests/helm_lib_module_https_route_tls_enabled_test.yaml diff --git a/charts/helm_lib/README.md b/charts/helm_lib/README.md index b1f7bd4..cc46e81 100644 --- a/charts/helm_lib/README.md +++ b/charts/helm_lib/README.md @@ -63,6 +63,7 @@ | [helm_lib_module_https_mode](#helm_lib_module_https_mode) | | [helm_lib_module_https_cert_manager_cluster_issuer_name](#helm_lib_module_https_cert_manager_cluster_issuer_name) | | [helm_lib_module_https_ingress_tls_enabled](#helm_lib_module_https_ingress_tls_enabled) | +| [helm_lib_module_https_route_tls_enabled](#helm_lib_module_https_route_tls_enabled) | | [helm_lib_module_https_copy_custom_certificate](#helm_lib_module_https_copy_custom_certificate) | | [helm_lib_module_https_secret_name](#helm_lib_module_https_secret_name) | | **Module Image** | @@ -721,7 +722,7 @@ list: ### helm_lib_module_https_ingress_tls_enabled - returns not empty string if tls should enable for ingress + returns not empty string if tls should be enabled for ingress #### Usage @@ -732,6 +733,19 @@ list: - Template context with .Values, .Chart, etc +### helm_lib_module_https_route_tls_enabled + + returns not empty string if tls should be enabled for route + +#### Usage + +`{{ if (include "helm_lib_module_https_route_tls_enabled" .) }} ` + +#### Arguments + +- Template context with .Values, .Chart, etc + + ### helm_lib_module_https_copy_custom_certificate Renders secret with [custom certificate](https://deckhouse.io/products/kubernetes-platform/documentation/v1/reference/api/global.html#parameters-modules-https-customcertificate) diff --git a/charts/helm_lib/templates/_module_https.tpl b/charts/helm_lib/templates/_module_https.tpl index f4d61f8..24c5d37 100644 --- a/charts/helm_lib/templates/_module_https.tpl +++ b/charts/helm_lib/templates/_module_https.tpl @@ -108,7 +108,7 @@ certManager: {{- end -}} {{- /* Usage: {{ if (include "helm_lib_module_https_ingress_tls_enabled" .) }} */ -}} -{{- /* returns not empty string if tls should enable for ingress */ -}} +{{- /* returns not empty string if tls should be enabled for the ingress */ -}} {{- define "helm_lib_module_https_ingress_tls_enabled" -}} {{- $context := . -}} {{- /* Template context with .Values, .Chart, etc */ -}} @@ -119,6 +119,18 @@ certManager: {{- end -}} {{- end -}} +{{- /* Usage: {{ if (include "helm_lib_module_https_route_tls_enabled" .) }} */ -}} +{{- /* returns not empty string if tls should be enabled for the route */ -}} +{{- define "helm_lib_module_https_route_tls_enabled" -}} + {{- $context := . -}} {{- /* Template context with .Values, .Chart, etc */ -}} + + {{- $mode := include "helm_lib_module_https_mode" $context -}} + + {{- if or (eq "CertManager" $mode) (eq "CustomCertificate" $mode) -}} + not empty string + {{- end -}} +{{- end -}} + {{- /* Usage: {{ include "helm_lib_module_https_copy_custom_certificate" (list . "namespace" "secret_name_prefix") }} */ -}} {{- /* Renders secret with [custom certificate](https://deckhouse.io/products/kubernetes-platform/documentation/v1/reference/api/global.html#parameters-modules-https-customcertificate) */ -}} {{- /* in passed namespace with passed prefix */ -}} diff --git a/tests/templates/helm_lib_module_https_route_tls_enabled.yaml b/tests/templates/helm_lib_module_https_route_tls_enabled.yaml new file mode 100644 index 0000000..663e3de --- /dev/null +++ b/tests/templates/helm_lib_module_https_route_tls_enabled.yaml @@ -0,0 +1 @@ +tls_enabled: {{ include "helm_lib_module_https_route_tls_enabled" . }} diff --git a/tests/tests/helm_lib_module_https_route_tls_enabled_test.yaml b/tests/tests/helm_lib_module_https_route_tls_enabled_test.yaml new file mode 100644 index 0000000..650c7de --- /dev/null +++ b/tests/tests/helm_lib_module_https_route_tls_enabled_test.yaml @@ -0,0 +1,51 @@ +suite: helm_lib_module_https_route_tls_enabled definition +templates: + - helm_lib_module_https_route_tls_enabled.yaml +set: + global: + modules: + https: + mode: "Disabled" + enabledModules: ["cert-manager"] +tests: + - it: should return not empty string for CertManager mode + set: + testModule: + https: + mode: "CertManager" + certManager: + clusterIssuerName: "letsencrypt" + asserts: + - equal: + path: "tls_enabled" + value: "not empty string" + + - it: should return not empty string for CustomCertificate mode + set: + testModule: + https: + mode: "CustomCertificate" + asserts: + - equal: + path: "tls_enabled" + value: "not empty string" + + - it: should return null for Disabled mode + set: + testModule: + https: + mode: "Disabled" + asserts: + - equal: + path: "tls_enabled" + value: null + + - it: should return null for OnlyInURI mode + set: + testModule: + https: + mode: "OnlyInURI" + asserts: + - equal: + path: "tls_enabled" + value: null From 887cd45135bf4162e4f3fc58ec04f59737d0777a Mon Sep 17 00:00:00 2001 From: Mikhail Scherba Date: Mon, 23 Mar 2026 17:11:05 +0300 Subject: [PATCH 3/4] Chart Signed-off-by: Mikhail Scherba --- charts/helm_lib/Chart.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/charts/helm_lib/Chart.yaml b/charts/helm_lib/Chart.yaml index 41012cb..bb52333 100644 --- a/charts/helm_lib/Chart.yaml +++ b/charts/helm_lib/Chart.yaml @@ -1,5 +1,5 @@ apiVersion: v2 type: library name: deckhouse_lib_helm -version: 1.71.2 +version: 1.71.4 description: "Helm utils template definitions for Deckhouse modules." From c23548fff4464c580f316af14555e13880c2b110 Mon Sep 17 00:00:00 2001 From: Mikhail Scherba Date: Mon, 23 Mar 2026 17:15:01 +0300 Subject: [PATCH 4/4] doc Signed-off-by: Mikhail Scherba --- charts/helm_lib/README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/charts/helm_lib/README.md b/charts/helm_lib/README.md index cc46e81..a05333f 100644 --- a/charts/helm_lib/README.md +++ b/charts/helm_lib/README.md @@ -722,7 +722,7 @@ list: ### helm_lib_module_https_ingress_tls_enabled - returns not empty string if tls should be enabled for ingress + returns not empty string if tls should be enabled for the ingress #### Usage @@ -735,7 +735,7 @@ list: ### helm_lib_module_https_route_tls_enabled - returns not empty string if tls should be enabled for route + returns not empty string if tls should be enabled for the route #### Usage