lionsdev/helm-chart-lions-app
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: chart Helm parent lions-app v1.0.0 — templates hardened (secretKeyRef, readOnlyRootFS, NetworkPolicy, ExternalSecret, PDB, SM, HPA)

Browse Source
This commit is contained in:
dahoud
2026-04-22 14:22:00 +00:00
commit ab865631fe
16 changed files with 1074 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

49
templates/ingress.yaml Normal file
View File

@@ -0,0 +1,49 @@
{{- if .Values.ingress.enabled }}
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: {{ include "lions-app.name" . }}
namespace: {{ .Release.Namespace }}
labels:
{{- include "lions-app.labels" . | nindent 4 }}
annotations:
# cert-manager
cert-manager.io/cluster-issuer: {{ .Values.ingress.clusterIssuer | quote }}
{{- if .Values.ingress.pathPrefix.enabled }}
# Mode prefix-strip : le path /prefix(/|$)(.*) est rewrité en /$2
nginx.ingress.kubernetes.io/use-regex: "true"
nginx.ingress.kubernetes.io/rewrite-target: /$2
{{- end }}
{{- if .Values.ingress.rateLimit.enabled }}
nginx.ingress.kubernetes.io/limit-rpm: {{ .Values.ingress.rateLimit.rpm | default 1000 | quote }}
nginx.ingress.kubernetes.io/limit-connections: {{ .Values.ingress.rateLimit.connections | default 100 | quote }}
{{- end }}
{{- if .Values.ingress.cors.enabled }}
nginx.ingress.kubernetes.io/enable-cors: "true"
nginx.ingress.kubernetes.io/cors-allow-origin: {{ .Values.ingress.cors.origins | quote }}
nginx.ingress.kubernetes.io/cors-allow-methods: {{ .Values.ingress.cors.methods | quote }}
nginx.ingress.kubernetes.io/cors-allow-headers: {{ .Values.ingress.cors.headers | quote }}
{{- end }}
{{- with .Values.ingress.annotations }}
{{- toYaml . | nindent 4 }}
{{- end }}
spec:
ingressClassName: {{ .Values.ingress.className | default "nginx" }}
{{- if .Values.ingress.tls.enabled }}
tls:
- hosts:
- {{ .Values.ingress.host | quote }}
secretName: {{ .Values.ingress.tls.secretName | default (include "lions-app.tlsSecretName" .) }}
{{- end }}
rules:
- host: {{ .Values.ingress.host | quote }}
http:
paths:
- path: {{ include "lions-app.ingressPath" . }}
pathType: {{ include "lions-app.ingressPathType" . }}
backend:
service:
name: {{ include "lions-app.name" . }}
port:
number: {{ .Values.service.port }}
{{- end }}