diff options
| author |   Pramod <pramod.raghavendra.jayathirth@intel.com> | 2019-08-26 19:31:18 -0700 |
|---|---|---|
| committer | Pramod <pramod.raghavendra.jayathirth@intel.com> | 2019-09-23 17:13:55 -0700 |
| commit | 70dd04d817b1505aca9aa38d87bddf210b6c8e54 (patch) | |
| tree | 8829f4281b0ae899ef981fac559b7568be893de9 /deployments/helm/servicemesh/policy/templates | |
| parent | 7c1fb25948c06e4e0b572241ae292fc31a4f4af1 (diff) | |
Add helm chart for Istio Policies
Issue-ID: MULTICLOUD-789
Signed-off-by: Pramod <pramod.raghavendra.jayathirth@intel.com>
Change-Id: I16d1c1df0e9d8955040c78f5e67e1dd50e761040
Diffstat (limited to 'deployments/helm/servicemesh/policy/templates')
| -rw-r--r-- | deployments/helm/servicemesh/policy/templates/_helpers.tpl | 25 | ||||
| -rw-r--r-- | deployments/helm/servicemesh/policy/templates/policy.yaml | 33 |
2 files changed, 58 insertions, 0 deletions
diff --git a/deployments/helm/servicemesh/policy/templates/_helpers.tpl b/deployments/helm/servicemesh/policy/templates/_helpers.tpl new file mode 100644 index 00000000..5516ee45 --- /dev/null +++ b/deployments/helm/servicemesh/policy/templates/_helpers.tpl @@ -0,0 +1,25 @@ +{{/* vim: set filetype=mustache: */}} +{{/* +Expand the name of the chart. +*/}} +{{- define "name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "fullname" -}} +{{- if .Values.fullnameOverride -}} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}} +{{- else -}} +{{- $name := default .Chart.Name .Values.nameOverride -}} +{{- if contains $name .Release.Name -}} +{{- .Release.Name | trunc 63 | trimSuffix "-" -}} +{{- else -}} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}} +{{- end -}} +{{- end -}} +{{- end -}} diff --git a/deployments/helm/servicemesh/policy/templates/policy.yaml b/deployments/helm/servicemesh/policy/templates/policy.yaml new file mode 100644 index 00000000..fa51cedf --- /dev/null +++ b/deployments/helm/servicemesh/policy/templates/policy.yaml @@ -0,0 +1,33 @@ +{{/* +# Copyright 2019 Intel Corporation, Inc +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} +apiVersion: "authentication.istio.io/v1alpha1" +kind: "Policy" +metadata: + name: {{ template "fullname" . }} + namespace: istio-system + labels: + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} +spec: + targets: + - name: {{ .Values.targetservice }} + peers: + - mtls: {} + origins: + - jwt: + issuer: {{ .Values.jwtissuer }} + jwksUri: {{ .Values.jwksUri }} + principalBinding: USE_ORIGIN |