From 98b0b1398b61d326a54a971f9238f26ef6a8eaeb Mon Sep 17 00:00:00 2001 From: Ian Serlin Date: Mon, 11 Jun 2018 04:04:16 -0400 Subject: [PATCH 1/2] support the enableTLSAcme flag --- deploy/kubelessDeploy.js | 1 + lib/deploy.js | 6 +++++- lib/ingress.js | 14 ++++++++++---- 3 files changed, 16 insertions(+), 5 deletions(-) diff --git a/deploy/kubelessDeploy.js b/deploy/kubelessDeploy.js index 7fa10fe..20b91ce 100644 --- a/deploy/kubelessDeploy.js +++ b/deploy/kubelessDeploy.js @@ -147,6 +147,7 @@ class KubelessDeploy { { namespace: this.serverless.service.provider.namespace, hostname: this.serverless.service.provider.hostname, + enableTLSAcme: this.serverless.service.provider.enableTLSAcme || false, defaultDNSResolution: this.serverless.service.provider.defaultDNSResolution, memorySize: this.serverless.service.provider.memorySize, force: this.options.force, diff --git a/lib/deploy.js b/lib/deploy.js index b3d835a..2551d1d 100644 --- a/lib/deploy.js +++ b/lib/deploy.js @@ -392,7 +392,8 @@ function deployFunction(f, namespace, runtime, contentType, options) { f.memorySize || options.memorySize, f.timeout || options.timeout, f.port, - f.secrets + f.secrets, + options.enableTLSAcme ); return functionsApi.getItem(funcs.metadata.name).then((res) => { if (res.code === 404) { @@ -459,6 +460,7 @@ function deploy(functions, runtime, service, options) { verbose: false, log: console.log, contentType: 'text', + enableTLSAcme: false, }); const errors = []; let counter = 0; @@ -483,6 +485,7 @@ function deploy(functions, runtime, service, options) { hostname: options.hostname, defaultDNSResolution: options.defaultDNSResolution, namespace: ns, + enableTLSAcme: options.enableTLSAcme, }), }); }); @@ -501,6 +504,7 @@ function deploy(functions, runtime, service, options) { hostname: options.hostname, defaultDNSResolution: options.defaultDNSResolution, namespace: ns, + enableTLSAcme: options.enableTLSAcme, }), }); }); diff --git a/lib/ingress.js b/lib/ingress.js index f9b8de0..31290b2 100644 --- a/lib/ingress.js +++ b/lib/ingress.js @@ -29,6 +29,7 @@ function addIngressRuleIfNecessary(ruleName, functions, options) { namespace: 'default', hostname: null, defaultDNSResolution: 'nip.io', + enableTLSAcme: false, }); const config = helpers.loadKubeConfig(); const extensions = new Api.Extensions(helpers.getConnectionOptions( @@ -70,14 +71,19 @@ function addIngressRuleIfNecessary(ruleName, functions, options) { return new BbPromise((resolve, reject) => { if (!_.isEmpty(rules)) { // Found a path to deploy the function + const annotations = { + 'kubernetes.io/ingress.class': 'nginx', + 'nginx.ingress.kubernetes.io/rewrite-target': '/', + }; + if (opts.enableTLSAcme) { + annotations['kubernetes.io/tls-acme'] = "true"; + annotations['nginx.ingress.kubernetes.io/ssl-redirect'] = "true"; + } const ingressDef = { kind: 'Ingress', metadata: { name: ruleName, - annotations: { - 'kubernetes.io/ingress.class': 'nginx', - 'nginx.ingress.kubernetes.io/rewrite-target': '/', - }, + annotations, }, spec: { rules }, }; From b3019149a3f8c8623e2c930291dae1f6226b458e Mon Sep 17 00:00:00 2001 From: Ian Serlin Date: Mon, 11 Jun 2018 05:30:09 -0400 Subject: [PATCH 2/2] remove option that doesn't need to be passed --- lib/deploy.js | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/lib/deploy.js b/lib/deploy.js index 2551d1d..b66e6db 100644 --- a/lib/deploy.js +++ b/lib/deploy.js @@ -392,8 +392,7 @@ function deployFunction(f, namespace, runtime, contentType, options) { f.memorySize || options.memorySize, f.timeout || options.timeout, f.port, - f.secrets, - options.enableTLSAcme + f.secrets ); return functionsApi.getItem(funcs.metadata.name).then((res) => { if (res.code === 404) {