From 58155d94ca968660f36f2919c8e41b1a7bada173 Mon Sep 17 00:00:00 2001 From: theboringstuff <39027092+theboringstuff@users.noreply.github.com> Date: Thu, 26 Feb 2026 12:31:28 +0500 Subject: [PATCH 1/2] fix --- charts/site-manager/templates/_helpers.tpl | 15 ++++++++++++--- charts/site-manager/templates/ingress.yaml | 10 +++------- charts/site-manager/values.yaml | 1 + documentation/internal/HowToWorkWithSmDummy.md | 2 +- documentation/public/installation.md | 2 +- 5 files changed, 18 insertions(+), 12 deletions(-) diff --git a/charts/site-manager/templates/_helpers.tpl b/charts/site-manager/templates/_helpers.tpl index cd71e8b4..e1d8ec56 100644 --- a/charts/site-manager/templates/_helpers.tpl +++ b/charts/site-manager/templates/_helpers.tpl @@ -1,3 +1,14 @@ +{{/* +Return the appropriate host for ingress. +*/}} +{{- define "site-manager.ingress.host" -}} + {{- if .Values.ingress.name }} + {{- .Values.ingress.name }} + {{- else -}} + {{- printf "site-manager-%s.%s" .Release.Namespace .Values.CLOUD_PUBLIC_HOST }} + {{- end -}} +{{- end -}} + {{/* Return the appropriate apiVersion for ingress. */}} @@ -15,9 +26,7 @@ DNS names used to generate SSL certificate with "Subject Alternative Name" field */}} {{- define "site-manager.certDnsNames" -}} {{- $dnsNames := list "localhost" "site-manager" (printf "%s.%s" "site-manager" .Release.Namespace) (printf "%s.%s.svc" "site-manager" .Release.Namespace) -}} - {{- if .Values.ingress.name -}} - {{- $dnsNames = append $dnsNames .Values.ingress.name -}} - {{- end -}} + {{- $dnsNames = append $dnsNames (include "site-manager.ingress.host" .) -}} {{- $dnsNames = concat $dnsNames .Values.tls.generateCerts.subjectAlternativeName.additionalDnsNames -}} {{- $dnsNames | toYaml -}} {{- end -}} diff --git a/charts/site-manager/templates/ingress.yaml b/charts/site-manager/templates/ingress.yaml index 545dbdb5..378123de 100644 --- a/charts/site-manager/templates/ingress.yaml +++ b/charts/site-manager/templates/ingress.yaml @@ -21,21 +21,17 @@ spec: {{- end }} {{- if .Values.tls.enabled }} tls: - {{- if and (.Values.ingress.name) (not .Values.tls.defaultIngressTls ) }} + {{- if not .Values.tls.defaultIngressTls }} - hosts: - - {{ .Values.ingress.name }} + - {{ include "site-manager.ingress.host" . }} secretName: sm-certs {{- else }} - {} {{- end }} {{- end }} rules: - {{- if .Values.ingress.name }} - - host: {{ .Values.ingress.name }} + - host: {{ include "site-manager.ingress.host" . }} http: - {{- else }} - - http: - {{- end }} paths: - pathType: ImplementationSpecific backend: diff --git a/charts/site-manager/values.yaml b/charts/site-manager/values.yaml index 60c5f44e..09fe95dd 100644 --- a/charts/site-manager/values.yaml +++ b/charts/site-manager/values.yaml @@ -97,6 +97,7 @@ tls: additionalIpAddresses: [] PAAS_PLATFORM: KUBERNETES +CLOUD_PUBLIC_HOST: "example.com" crd: install: true diff --git a/documentation/internal/HowToWorkWithSmDummy.md b/documentation/internal/HowToWorkWithSmDummy.md index fdb3a71e..586619fc 100644 --- a/documentation/internal/HowToWorkWithSmDummy.md +++ b/documentation/internal/HowToWorkWithSmDummy.md @@ -56,7 +56,7 @@ The examples, how it can be run, can be found [here](../../ci/cloud-tests/cluste | env.SMA_SM_SA | site-manager service account name (for authorization checking) | "site-manager-sa" if `smSecureAuth` is enabled. Otherwise `sm-auth-sa` | | env.SMA_CUSTOM_AUDIENCE | site-manager custom audience for rest API token. Used only is `smSecureAuth` is enabled | "" | | image | sm-dummy image | | -| ingressName | define URL for ingress | | +| ingressName | define URL for ingress | `site-manager-${.Release.Namespace}.${.Values.CLOUD_PUBLIC_HOST}` | | serviceAccount.create | enable/disable Service Account creation | true | | serviceAccount.name | name of Service Account for sm-dummy | "sm-dummy-sa" | | siteManager.installCR | enable sitemanager-cr | True | diff --git a/documentation/public/installation.md b/documentation/public/installation.md index 596f4462..05c1633f 100644 --- a/documentation/public/installation.md +++ b/documentation/public/installation.md @@ -115,7 +115,7 @@ you can do one of following solutions: | image.pullPolicy | The docker image pull policy. | Always | | image.tag | The docker image tag. | v1.0 | | ingress.create | Enable/disable ingress creation. | true | -| ingress.name | Define URL for `site-manager` ingress. | "" | +| ingress.name | Define URL for `site-manager` ingress. | `site-manager-${.Release.Namespace}.${.Values.CLOUD_PUBLIC_HOST}` | | ingress.className | Define class name for ingress. | "" | | limits.cpu | CPU limits per pod. | 200m | | limits.memory | Memory limits per pod. | 160Mi | From a042c9a60adb7a02d6400843cbd64a2b2afbbaed Mon Sep 17 00:00:00 2001 From: theboringstuff <39027092+theboringstuff@users.noreply.github.com> Date: Mon, 2 Mar 2026 10:08:37 +0500 Subject: [PATCH 2/2] param doc --- documentation/public/installation.md | 1 + 1 file changed, 1 insertion(+) diff --git a/documentation/public/installation.md b/documentation/public/installation.md index 05c1633f..0ccc5517 100644 --- a/documentation/public/installation.md +++ b/documentation/public/installation.md @@ -123,6 +123,7 @@ you can do one of following solutions: | requests.memory | Memory requests per pod. | 75Mi | | affinity | Define affinity rules. | {} | | PAAS_PLATFORM | Define PAAS type. It can be "KUBERNETES" or "OPENSHIFT". | "KUBERNETES" | +| CLOUD_PUBLIC_HOST | Pulic DNS of K8S cluster, Used to construct public available Ingress | `example.com`, or as provided by deployment tool | | paasGeoMonitor | Refer to [paas-geo-monitor documentation](#paas-geo-monitor). | | | priorityClassName | The Priority Class Name for site-manager and paas-geo-monitor deployments | "" | | smSecureAuth | The mode for SM authorization with dr-services. See [API Security Model](architecture.md#api-security-model) for details | false |