Skip to content

Commit 51b2d06

Browse files
OpenGuidouOpenGuidou
committed
feat(redis-ha): Add tls ports to netpol if defined
Signed-off-by: OpenGuidou <guillaume.doussin@gmail.com>
1 parent 697cba5 commit 51b2d06

File tree

4 files changed

+32
-29
lines changed

4 files changed

+32
-29
lines changed

charts/redis-ha/Chart.yaml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -5,7 +5,7 @@ keywords:
55
- redis
66
- keyvalue
77
- database
8-
version: 4.32.0
8+
version: 4.33.0
99
appVersion: 7.2.4
1010
description: This Helm chart provides a highly available Redis implementation with a master/slave configuration and uses Sentinel sidecars for failover management
1111
icon: https://upload.wikimedia.org/wikipedia/en/thumb/6/6b/Redis_Logo.svg/1200px-Redis_Logo.svg.png

charts/redis-ha/templates/_helpers.tpl

Lines changed: 24 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -127,4 +127,28 @@ Usage:
127127
{{- $adaptedContext = omit $adaptedContext "capabilities" "seLinuxOptions" -}}
128128
{{- end -}}
129129
{{- omit $adaptedContext "enabled" | toYaml -}}
130+
{{- end -}}
131+
132+
{{/*
133+
Defines the redis ports to be used inside network policies
134+
Usage:
135+
{{- include "redis-ports" . -}}
136+
*/}}
137+
{{- define "redis-ports" -}}
138+
{{- if ne (int .Values.redis.port) 0 }}
139+
- port: {{ .Values.redis.port }}
140+
protocol: TCP
141+
{{- end -}}
142+
{{- if ne (int .Values.sentinel.port) 0 }}
143+
- port: {{ .Values.sentinel.port }}
144+
protocol: TCP
145+
{{- end -}}
146+
{{- if ne (int .Values.redis.tlsPort) 0 }}
147+
- port: {{ .Values.redis.tlsPort }}
148+
protocol: TCP
149+
{{- end -}}
150+
{{- if ne (int .Values.sentinel.tlsPort) 0 }}
151+
- port: {{ .Values.sentinel.tlsPort }}
152+
protocol: TCP
153+
{{- end -}}
130154
{{- end -}}

charts/redis-ha/templates/redis-ha-network-policy.yaml

Lines changed: 4 additions & 16 deletions
Original file line numberDiff line numberDiff line change
@@ -31,10 +31,7 @@ spec:
3131
release: {{ .Release.Name }}
3232
app: {{ template "redis-ha.name" . }}
3333
ports:
34-
- port: {{ .Values.redis.port }}
35-
protocol: TCP
36-
- port: {{ .Values.sentinel.port }}
37-
protocol: TCP
34+
{{- include "redis-ports" . | nindent 6 }}
3835
{{- range $rule := .Values.networkPolicy.egressRules }}
3936
- to:
4037
{{ (tpl (toYaml $rule.selectors) $) | indent 7 }}
@@ -48,21 +45,15 @@ spec:
4845
release: {{ .Release.Name }}
4946
app: {{ template "redis-ha.name" . }}
5047
ports:
51-
- port: {{ .Values.redis.port }}
52-
protocol: TCP
53-
- port: {{ .Values.sentinel.port }}
54-
protocol: TCP
48+
{{- include "redis-ports" . | nindent 6 }}
5549
{{- if .Values.haproxy.enabled }}
5650
- from:
5751
- podSelector:
5852
matchLabels:
5953
release: {{ .Release.Name }}
6054
app: {{ template "redis-ha.name" . }}-haproxy
6155
ports:
62-
- port: {{ .Values.redis.port }}
63-
protocol: TCP
64-
- port: {{ .Values.sentinel.port }}
65-
protocol: TCP
56+
{{- include "redis-ports" . | nindent 6 }}
6657
{{- end }}
6758
{{- range $rule := .Values.networkPolicy.ingressRules }}
6859
- from:
@@ -71,10 +62,7 @@ spec:
7162
{{- if $rule.ports }}
7263
{{ toYaml $rule.ports | indent 7 }}
7364
{{- else }}
74-
- port: {{ $root.Values.redis.port }}
75-
protocol: TCP
76-
- port: {{ $root.Values.sentinel.port }}
77-
protocol: TCP
65+
{{- include "redis-ports" . | nindent 6 }}
7866
{{- end }}
7967
{{- end }}
8068
{{- end }}

charts/redis-ha/templates/redis-haproxy-network-policy.yaml

Lines changed: 3 additions & 12 deletions
Original file line numberDiff line numberDiff line change
@@ -31,10 +31,7 @@ spec:
3131
release: {{ .Release.Name }}
3232
app: {{ template "redis-ha.name" . }}
3333
ports:
34-
- port: {{ .Values.redis.port }}
35-
protocol: TCP
36-
- port: {{ .Values.sentinel.port }}
37-
protocol: TCP
34+
{{- include "redis-ports" . | nindent 6 }}
3835
- to:
3936
- namespaceSelector: {}
4037
ports:
@@ -55,20 +52,14 @@ spec:
5552
release: {{ .Release.Name }}
5653
app: {{ template "redis-ha.name" . }}
5754
ports:
58-
- port: {{ .Values.redis.port }}
59-
protocol: TCP
60-
- port: {{ .Values.sentinel.port }}
61-
protocol: TCP
55+
{{- include "redis-ports" . | nindent 8 }}
6256
{{- range $rule := .Values.haproxy.networkPolicy.ingressRules }}
6357
- from:
6458
{{- (tpl (toYaml $rule.selectors) $) | nindent 8 }}
6559
ports:
6660
{{- if $rule.ports }}
6761
{{- toYaml $rule.ports | nindent 8 }}
6862
{{- end }}
69-
- port: {{ $root.Values.redis.port }}
70-
protocol: TCP
71-
- port: {{ $root.Values.sentinel.port }}
72-
protocol: TCP
63+
{{- include "redis-ports" . | nindent 8 }}
7364
{{- end }}
7465
{{- end }}

0 commit comments

Comments
 (0)