helm-charts/gerrit-replica/templates/istio.ingressgateway.yaml - k8s-gerrit - Git at Google

 {{ if .Values.istio.enabled -}}
 {{ if .Values.istio.tls.enabled }}
 apiVersion: v1
 kind: Secret
 metadata:
   name:  {{ .Release.Name }}-istio-tls-secret
   namespace: istio-system
   labels:
     app: gerrit-replica
     chart: {{ template "gerrit-replica.chart" . }}
     heritage: {{ .Release.Service }}
     release: {{ .Release.Name }}
 type: kubernetes.io/tls
 data:
   {{ with .Values.istio.tls -}}
   tls.crt: {{ .cert | b64enc }}
   tls.key: {{ .key | b64enc }}
   {{- end }}
 {{- end }}
 ---
 apiVersion: networking.istio.io/v1alpha3
 kind: Gateway
 metadata:
   name: {{ .Release.Name }}-istio-gateway
   labels:
     app: gerrit-replica
     chart: {{ template "gerrit-replica.chart" . }}
     heritage: {{ .Release.Service }}
     release: {{ .Release.Name }}
 spec:
   selector:
     istio: ingressgateway
   servers:
   - port:
       number: 80
       name: http
       protocol: HTTP
     hosts:
     - {{ .Values.istio.host }}
   {{ if .Values.istio.tls.enabled }}
     tls:
       httpsRedirect: true
   - port:
       number: 443
       name: https
       protocol: HTTPS
     hosts:
     - {{ .Values.istio.host }}
     tls:
       mode: SIMPLE
       credentialName: {{ .Release.Name }}-istio-tls-secret
   {{- end }}
   {{ if .Values.istio.ssh.enabled }}
   - port:
       number: 29418
       name: ssh
       protocol: TCP
     hosts:
     - {{ .Values.istio.host }}
   {{- end }}
 ---
 apiVersion: networking.istio.io/v1alpha3
 kind: VirtualService
 metadata:
   name: {{ .Release.Name }}-istio-virtual-service
   labels:
     app: gerrit-replica
     chart: {{ template "gerrit-replica.chart" . }}
     heritage: {{ .Release.Service }}
     release: {{ .Release.Name }}
 spec:
   hosts:
   - {{ .Values.istio.host }}
   gateways:
   - {{ .Release.Name }}-istio-gateway
   http:
   - match:
     - uri:
         prefix: /receiver/
     rewrite:
       uri: /
     route:
     - destination:
         host: {{ .Release.Name }}-git-backend-service.{{ .Release.Namespace }}.svc.cluster.local
         port:
           number: 80
   - match:
     - uri:
         prefix: /gerrit/
     - uri:
         prefix: /gerrit
     rewrite:
       uri: /
     route:
     - destination:
         host: {{ .Release.Name }}-gerrit-replica-service.{{ .Release.Namespace }}.svc.cluster.local
         port:
           number: 80
   {{ if .Values.istio.ssh.enabled }}
   tcp:
   - match:
     - port: {{ .Values.gerritReplica.service.ssh.port }}
     route:
     - destination:
         host: {{ .Release.Name }}-gerrit-replica-service.{{ .Release.Namespace }}.svc.cluster.local
         port:
           number: {{ .Values.gerritReplica.service.ssh.port }}
   {{- end }}
 ---
 apiVersion: networking.istio.io/v1alpha3
 kind: DestinationRule
 metadata:
   name: {{ .Release.Name }}-gerrit-destination-rule
   labels:
     app: gerrit-replica
     chart: {{ template "gerrit-replica.chart" . }}
     heritage: {{ .Release.Service }}
     release: {{ .Release.Name }}
 spec:
   host: {{ .Release.Name }}-gerrit-replica-service.{{ .Release.Namespace }}.svc.cluster.local
   trafficPolicy:
     loadBalancer:
       simple: LEAST_CONN
 {{- end }}
	{{ if .Values.istio.enabled -}}
	{{ if .Values.istio.tls.enabled }}
	apiVersion: v1
	kind: Secret
	metadata:
	name: {{ .Release.Name }}-istio-tls-secret
	namespace: istio-system
	labels:
	app: gerrit-replica
	chart: {{ template "gerrit-replica.chart" . }}
	heritage: {{ .Release.Service }}
	release: {{ .Release.Name }}
	type: kubernetes.io/tls
	data:
	{{ with .Values.istio.tls -}}
	tls.crt: {{ .cert \| b64enc }}
	tls.key: {{ .key \| b64enc }}
	{{- end }}
	{{- end }}
	---
	apiVersion: networking.istio.io/v1alpha3
	kind: Gateway
	metadata:
	name: {{ .Release.Name }}-istio-gateway
	labels:
	app: gerrit-replica
	chart: {{ template "gerrit-replica.chart" . }}
	heritage: {{ .Release.Service }}
	release: {{ .Release.Name }}
	spec:
	selector:
	istio: ingressgateway
	servers:
	- port:
	number: 80
	name: http
	protocol: HTTP
	hosts:
	- {{ .Values.istio.host }}
	{{ if .Values.istio.tls.enabled }}
	tls:
	httpsRedirect: true
	- port:
	number: 443
	name: https
	protocol: HTTPS
	hosts:
	- {{ .Values.istio.host }}
	tls:
	mode: SIMPLE
	credentialName: {{ .Release.Name }}-istio-tls-secret
	{{- end }}
	{{ if .Values.istio.ssh.enabled }}
	- port:
	number: 29418
	name: ssh
	protocol: TCP
	hosts:
	- {{ .Values.istio.host }}
	{{- end }}
	---
	apiVersion: networking.istio.io/v1alpha3
	kind: VirtualService
	metadata:
	name: {{ .Release.Name }}-istio-virtual-service
	labels:
	app: gerrit-replica
	chart: {{ template "gerrit-replica.chart" . }}
	heritage: {{ .Release.Service }}
	release: {{ .Release.Name }}
	spec:
	hosts:
	- {{ .Values.istio.host }}
	gateways:
	- {{ .Release.Name }}-istio-gateway
	http:
	- match:
	- uri:
	prefix: /receiver/
	rewrite:
	uri: /
	route:
	- destination:
	host: {{ .Release.Name }}-git-backend-service.{{ .Release.Namespace }}.svc.cluster.local
	port:
	number: 80
	- match:
	- uri:
	prefix: /gerrit/
	- uri:
	prefix: /gerrit
	rewrite:
	uri: /
	route:
	- destination:
	host: {{ .Release.Name }}-gerrit-replica-service.{{ .Release.Namespace }}.svc.cluster.local
	port:
	number: 80
	{{ if .Values.istio.ssh.enabled }}
	tcp:
	- match:
	- port: {{ .Values.gerritReplica.service.ssh.port }}
	route:
	- destination:
	host: {{ .Release.Name }}-gerrit-replica-service.{{ .Release.Namespace }}.svc.cluster.local
	port:
	number: {{ .Values.gerritReplica.service.ssh.port }}
	{{- end }}
	---
	apiVersion: networking.istio.io/v1alpha3
	kind: DestinationRule
	metadata:
	name: {{ .Release.Name }}-gerrit-destination-rule
	labels:
	app: gerrit-replica
	chart: {{ template "gerrit-replica.chart" . }}
	heritage: {{ .Release.Service }}
	release: {{ .Release.Name }}
	spec:
	host: {{ .Release.Name }}-gerrit-replica-service.{{ .Release.Namespace }}.svc.cluster.local
	trafficPolicy:
	loadBalancer:
	simple: LEAST_CONN
	{{- end }}