Merge pull request #32 from RedHatGov/expose-ssh

Expose ssh
RedHatGov · Feb 17, 2021 · 30a1c76 · 30a1c76
2 parents e2e7dee + f3906cb
commit 30a1c76
Show file tree

Hide file tree

Showing 7 changed files with 64 additions and 17 deletions.
diff --git a/config/crd/bases/redhatgov.io_giteas.yaml b/config/crd/bases/redhatgov.io_giteas.yaml
@@ -67,6 +67,12 @@ spec:
                         description: Defines SSL/TLS state, if your IngressController/Router supports it
                         type: boolean
                         default: True
+                      loadBalancer:
+                        description: |
+                          Defines whether the gitea service should create an exernal load-balancer
+                          in supported cloud providers. Required for external SSH.
+                        type: boolean
+                        default: False
                   image:
                     description: Defines the ways in which the Gitea image should be sourced and managed
                     type: object

diff --git a/hack/operate.conf b/hack/operate.conf
@@ -1,5 +1,5 @@
 IMG=quay.io/redhatgov/gitea-operator
 KIND=Gitea
 CR_SAMPLE=redhatgov_v1alpha1_gitea_openshift.yaml
-VERSION=0.0.5
+VERSION=0.0.6
 CHANNELS=alpha
diff --git a/playbooks/gitea-operator.yml b/playbooks/gitea-operator.yml
@@ -36,6 +36,7 @@
       _gitea_expose_method: "{{ gitea.expose.kind | default('Route') }}"
       _gitea_expose_uri: "{{ gitea.expose.uri | default('') }}"
       _gitea_ssl: "{{ gitea.expose.ssl | default(True) }}"
+      _gitea_load_balancer: "{{ gitea.expose.load_balancer | default(False) }}"
 
       _gitea_image: "{{ gitea.image.src | default('quay.io/redhatgov/gitea') }}"
       _gitea_image_tag: "{{ gitea.image.tag | default('latest') }}"

diff --git a/roles/gitea-ocp/tasks/main.yml b/roles/gitea-ocp/tasks/main.yml
@@ -52,6 +52,20 @@
   set_fact:
     _gitea_actual_route: "{{ r_route.resources[0].spec.host }}"
 
+- name: Get external hostname from Service if external SSH is needed
+  block:
+  - name: Recover LB service details
+    k8s_info:
+      api_version: v1
+      kind: Service
+      name: "{{ _gitea_name }}-ssh"
+      namespace: "{{ _gitea_namespace }}"
+    register: _gitea_lb_service
+  - name: Register LB service hostname
+    set_fact:
+      _gitea_lb_address: '{{ _gitea_lb_service.resources[0].status.loadBalancer.ingress[0].hostname }}'
+  when: _gitea_load_balancer
+
 - name: Set Route dependant OpenShift Objects for Gitea to {{ _gitea_state }}
   k8s:
     state: "{{ _gitea_state }}"

diff --git a/roles/gitea-ocp/templates/config_map.yml.j2 b/roles/gitea-ocp/templates/config_map.yml.j2
@@ -31,7 +31,7 @@ data:
 
     [server]
     ROOT_URL         = {{ 'http' if not _gitea_ssl|bool else 'https' }}://{{ _gitea_actual_route|default(_gitea_expose_uri) }}
-    SSH_DOMAIN       = {{ _gitea_actual_route|default(_gitea_expose_uri) }}
+    SSH_DOMAIN       = {{ _gitea_lb_address|default(_gitea_actual_route|default(_gitea_expose_uri)) }}
     DOMAIN           = {{ _gitea_actual_route|default(_gitea_expose_uri) }}
     HTTP_PORT        = 3000
     SSH_PORT         = 2022

diff --git a/roles/gitea-ocp/templates/deployment.yml.j2 b/roles/gitea-ocp/templates/deployment.yml.j2
@@ -23,6 +23,8 @@ spec:
         ports:
         - containerPort: 3000
           protocol: TCP
+        - containerPort: 2022
+          protocol: TCP
         readinessProbe:
           httpGet:
             path: /

diff --git a/roles/gitea-ocp/templates/service.yml.j2 b/roles/gitea-ocp/templates/service.yml.j2
@@ -1,17 +1,41 @@
-kind: Service
 apiVersion: v1
+kind: List
+items:
+- kind: Service
+  apiVersion: v1
+  metadata:
+    name: "{{ _gitea_name }}"
+    namespace: "{{ _gitea_namespace }}"
+    labels:
+      app: "{{ _gitea_name }}"
+  spec:
+    selector:
+      app: "{{ _gitea_name }}"
+    ports:
+    - name: gitea
+      port: 3000
+      protocol: TCP
+      targetPort: 3000
+    sessionAffinity: None
+    type: ClusterIP
+{% if _gitea_load_balancer|bool %}
+- kind: Service
+  apiVersion: v1
+  metadata:
+    name: "{{ _gitea_name }}-ssh"
+    namespace: "{{ _gitea_namespace }}"
+    labels:
+      app: "{{ _gitea_name }}"
+  spec:
+    selector:
+      app: "{{ _gitea_name }}"
+    ports:
+    - name: gitea-ssh
+      port: 2022
+      protocol: TCP
+      targetPort: 2022
+    sessionAffinity: None
+    type: LoadBalancer
+{% endif %}
 metadata:
-  name: "{{ _gitea_name }}"
-  namespace: "{{ _gitea_namespace }}"
-  labels:
-    app: "{{ _gitea_name }}"
-spec:
-  selector:
-    app: "{{ _gitea_name }}"
-  ports:
-  - name: gitea
-    port: 3000
-    protocol: TCP
-    targetPort: 3000
-  sessionAffinity: None
-  type: ClusterIP
+  resourceVersion: ""