platform/manifests
1
1
Fork 0
Code Issues 7 Pull Requests 6 Actions Packages Projects Releases Wiki Activity

devel: change whitelist_ips to just whitelisr

Browse Source
This commit is contained in:
Jonas Juselius
2025-06-22 09:14:24 +02:00
parent 7607373146
commit 13d7b66911
6 changed files with 11 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files
values/argo/values/argocd.yaml.gotmpl
+2 -2
View File
@@ -264,7 +264,7 @@ server:
nginx.ingress.kubernetes.io/ssl-passthrough: "true"
nginx.ingress.kubernetes.io/ssl-redirect: "true"
nginx.ingress.kubernetes.io/backend-protocol: "HTTPS"
{{- with .Values.clusterConfig.ingress_whitelist_ips }}
{{- with .Values.clusterConfig.ingress_whitelist }}
nginx.ingress.kubernetes.io/whitelist-source-range: {{ join "," . }}
{{- end }}
hosts:
@@ -286,7 +286,7 @@ applicationSet:
ingressClassName: nginx
annotations:
cert-manager.io/cluster-issuer: {{ .Values.clusterConfig.ingress_clusterissuer }}
# {{- with .Values.clusterConfig.ingress_whitelist_ips}}
# {{- with .Values.clusterConfig.ingress_whitelist}}
# NOTE(kai): include gitlab and github webhook ranges
# nginx.ingress.kubernetes.io/whitelist-source-range: {{ join "," . }},192.30.252.0/22,140.82.112.0/20,34.74.226.27/28,34.74.226.0/24
# {{- end }}
values/env-oceanbox.yaml
+1 -1
View File
@@ -25,7 +25,7 @@ clusterConfig:
patterns: []
cidr: []
nodes: []
ingress_whitelist_ips:
ingress_whitelist:
#itp internal
- 10.0.0.0/8
- 172.16.0.0/12
values/env.yaml
+1 -1
View File
@@ -15,7 +15,7 @@ clusterConfig:
nodenames: []
nodes: []
ingress_clusterissuer: "letsencrypt-production"
ingress_whitelist_ips:
ingress_whitelist:
- 10.0.0.0/8
- 172.16.0.0/12
- 192.168.0.0/16
values/prometheus/values/prometheus.yaml.gotmpl
+4 -4
View File
@@ -72,7 +72,7 @@ alertmanager:
annotations:
cert-manager.io/cluster-issuer: {{ .Values.clusterConfig.ingress_clusterissuer }}
nginx.ingress.kubernetes.io/ssl-redirect: "true"
{{- with .Values.clusterConfig.ingress_whitelist_ips }}
{{- with .Values.clusterConfig.ingress_whitelist }}
nginx.ingress.kubernetes.io/whitelist-source-range: {{ join "," . }}
{{- end }}
hosts:
@@ -173,7 +173,7 @@ grafana:
annotations:
cert-manager.io/cluster-issuer: {{ .Values.clusterConfig.ingress_clusterissuer }}
nginx.ingress.kubernetes.io/ssl-redirect: "true"
{{- with .Values.clusterConfig.ingress_whitelist_ips}}
{{- with .Values.clusterConfig.ingress_whitelist}}
nginx.ingress.kubernetes.io/whitelist-source-range: {{ join "," . }}
{{- end }}
hosts:
@@ -437,7 +437,7 @@ prometheus:
cert-manager.io/cluster-issuer: {{ .Values.clusterConfig.ingress_clusterissuer }}
nginx.ingress.kubernetes.io/ssl-redirect: "true"
nginx.ingress.kubernetes.io/backend-protocol: "GRPC"
{{- with .Values.clusterConfig.ingress_whitelist_ips }}
{{- with .Values.clusterConfig.ingress_whitelist }}
nginx.ingress.kubernetes.io/whitelist-source-range: {{ join "," . }}
{{- end }}
kubernetes.io/ingress.allow-http: "false"
@@ -458,7 +458,7 @@ prometheus:
annotations:
cert-manager.io/cluster-issuer: {{ .Values.clusterConfig.ingress_clusterissuer }}
nginx.ingress.kubernetes.io/ssl-redirect: "true"
{{- with .Values.clusterConfig.ingress_whitelist_ips }}
{{- with .Values.clusterConfig.ingress_whitelist }}
nginx.ingress.kubernetes.io/whitelist-source-range: {{ join "," . }}
{{- end }}
hosts:
values/system/oceanbox/kyverno/whitelist-internal-ingresses.yaml
+2 -2
View File
@@ -46,7 +46,7 @@ spec:
patchStrategicMerge:
metadata:
annotations:
{{- with .Values.clusterConfig.ingress_whitelist_ips }}
{{- with .Values.clusterConfig.ingress_whitelist }}
nginx.ingress.kubernetes.io/whitelist-source-range: "{{`{{ @ }}`}},{{ join "," . }}"
{{- end }}
- name: add-nginx-whitelist
@@ -66,7 +66,7 @@ spec:
patchStrategicMerge:
metadata:
annotations:
{{- with .Values.clusterConfig.ingress_whitelist_ips }}
{{- with .Values.clusterConfig.ingress_whitelist }}
nginx.ingress.kubernetes.io/whitelist-source-range: "{{ join "," . }}"
{{- end }}
{{- end }}
values/tempo/values/tempo.yaml.gotmpl
+1 -1
View File
@@ -40,7 +40,7 @@ tempoQuery:
annotations:
cert-manager.io/cluster-issuer: {{ .Values.cluster_config.ingress_clusterissuer }}
nginx.ingress.kubernetes.io/ssl-redirect: "true"
{{- with .Values.cluster_config.ingress_whitelist_ips }}
{{- with .Values.cluster_config.ingress_whitelist }}
nginx.ingress.kubernetes.io/whitelist-source-range: {{ join "," . }}
{{- end }}
path: /