Skip to content

Commit

Permalink
feat: ✨ add missing consulCatalogEnterprise provider for Hub
Browse files Browse the repository at this point in the history
  • Loading branch information
@darkweaver87
darkweaver87 authored Feb 24, 2025
1 parent 4b54eba commit 8ad7023
Show file tree
Hide file tree
Showing 8 changed files with 326 additions and 3 deletions.
4 changes: 2 additions & 2 deletions .github/workflows/test.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -31,7 +31,7 @@ jobs:
id: "https://traefik.io/traefik-helm-chart.schema.json"
title: "Traefik Proxy Helm Chart"
description: "The Cloud Native Application Proxy"
additional-properties: true
additionalProperties: true
fail-on-diff: true

- name: Check traefik-crds if values schema is up-to-date
Expand All @@ -42,7 +42,7 @@ jobs:
id: "https://traefik.io/traefik-crds-helm-chart.schema.json"
title: "Traefik CRDs Helm Chart"
description: "The Cloud Native Application Proxy"
additional-properties: false
additionalProperties: false
fail-on-diff: true

- name: Lint Chart
Expand Down
27 changes: 27 additions & 0 deletions traefik/VALUES.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -87,6 +87,33 @@ Kubernetes: `>=1.22.0-0`
| hub.apimanagement.enabled | bool | `false` | Set to true in order to enable API Management. Requires a valid license token. |
| hub.apimanagement.openApi.validateRequestMethodAndPath | bool | `false` | When set to true, it will only accept paths and methods that are explicitly defined in its OpenAPI specification |
| hub.experimental.aigateway | bool | `false` | Set to true in order to enable AI Gateway. Requires a valid license token. |
| hub.providers.consulCatalogEnterprise.cache | bool | `false` | Use local agent caching for catalog reads. |
| hub.providers.consulCatalogEnterprise.connectAware | bool | `false` | Enable Consul Connect support. |
| hub.providers.consulCatalogEnterprise.connectByDefault | bool | `false` | Consider every service as Connect capable by default. |
| hub.providers.consulCatalogEnterprise.constraints | string | `""` | Constraints is an expression that Traefik matches against the container's labels |
| hub.providers.consulCatalogEnterprise.defaultRule | string | `"Host(`{{ normalize .Name }}`)"` | Default rule. |
| hub.providers.consulCatalogEnterprise.enabled | bool | `false` | Enable Consul Catalog Enterprise backend with default settings. |
| hub.providers.consulCatalogEnterprise.endpoint.address | string | `""` | The address of the Consul server |
| hub.providers.consulCatalogEnterprise.endpoint.datacenter | string | `""` | Data center to use. If not provided, the default agent data center is used |
| hub.providers.consulCatalogEnterprise.endpoint.endpointWaitTime | int | `0` | WaitTime limits how long a Watch will block. If not provided, the agent default |
| hub.providers.consulCatalogEnterprise.endpoint.httpauth.password | string | `""` | Basic Auth password |
| hub.providers.consulCatalogEnterprise.endpoint.httpauth.username | string | `""` | Basic Auth username |
| hub.providers.consulCatalogEnterprise.endpoint.scheme | string | `""` | The URI scheme for the Consul server |
| hub.providers.consulCatalogEnterprise.endpoint.tls.ca | string | `""` | TLS CA |
| hub.providers.consulCatalogEnterprise.endpoint.tls.cert | string | `""` | TLS cert |
| hub.providers.consulCatalogEnterprise.endpoint.tls.insecureSkipVerify | bool | `false` | TLS insecure skip verify |
| hub.providers.consulCatalogEnterprise.endpoint.tls.key | string | `""` | TLS key |
| hub.providers.consulCatalogEnterprise.endpoint.token | string | `""` | Token is used to provide a per-request ACL token which overrides the agent's |
| hub.providers.consulCatalogEnterprise.exposedByDefault | bool | `true` | Expose containers by default. |
| hub.providers.consulCatalogEnterprise.namespaces | string | `""` | Sets the namespaces used to discover services (Consul Enterprise only). |
| hub.providers.consulCatalogEnterprise.partition | string | `""` | Sets the partition used to discover services (Consul Enterprise only). |
| hub.providers.consulCatalogEnterprise.prefix | string | `"traefik"` | Prefix for consul service tags. |
| hub.providers.consulCatalogEnterprise.refreshInterval | int | `15` | Interval for check Consul API. |
| hub.providers.consulCatalogEnterprise.requireConsistent | bool | `false` | Forces the read to be fully consistent. |
| hub.providers.consulCatalogEnterprise.serviceName | string | `"traefik"` | Name of the Traefik service in Consul Catalog (needs to be registered via the |
| hub.providers.consulCatalogEnterprise.stale | bool | `false` | Use stale consistency for catalog reads. |
| hub.providers.consulCatalogEnterprise.strictChecks | string | `"passing, warning"` | A list of service health statuses to allow taking traffic. |
| hub.providers.consulCatalogEnterprise.watch | bool | `false` | Watch Consul API events. |
| hub.providers.microcks.auth.clientId | string | `""` | Microcks API client ID. |
| hub.providers.microcks.auth.clientSecret | string | `""` | Microcks API client secret. |
| hub.providers.microcks.auth.endpoint | string | `""` | Microcks API endpoint. |
Expand Down
3 changes: 3 additions & 0 deletions traefik/templates/_podtemplate.tpl
View file
Original file line number Diff line number Diff line change
Expand Up @@ -815,6 +815,9 @@
{{- if and $.Values.tracing.otlp.enabled .tracing.additionalTraceHeaders.enabled }}
{{- include "traefik.yaml2CommandLineArgs" (dict "path" "hub.tracing.additionalTraceHeaders.traceContext" "content" $.Values.hub.tracing.additionalTraceHeaders.traceContext) | nindent 10 }}
{{- end }}
{{- if .providers.consulCatalogEnterprise.enabled }}
{{- include "traefik.yaml2CommandLineArgs" (dict "path" "hub.providers.consulCatalogEnterprise" "content" (omit $.Values.hub.providers.consulCatalogEnterprise "enabled")) | nindent 10 }}
{{- end }}
{{- if .providers.microcks.enabled }}
{{- include "traefik.yaml2CommandLineArgs" (dict "path" "hub.providers.microcks" "content" (omit $.Values.hub.providers.microcks "enabled")) | nindent 10 }}
{{- end }}
Expand Down
4 changes: 4 additions & 0 deletions traefik/templates/requirements.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -71,6 +71,10 @@
{{ fail "ERROR: additionalTraceHeaders needs tracing.otlp to be enabled."}}
{{- end }}

{{- if and (semverCompare "<v3.6.0" $hubVersion) .Values.hub.providers.consulCatalogEnterprise.enabled }}
{{ fail "ERROR: consulCatalogEnterprise provider is a feature only available for traefik-hub >= v3.6.0."}}
{{- end }}

{{- if and (semverCompare "<v3.7.0" $hubVersion) .Values.hub.providers.microcks.enabled }}
{{ fail "ERROR: microcks provider is a feature only available for traefik-hub >= v3.7.0."}}
{{- end }}
Expand Down
14 changes: 13 additions & 1 deletion traefik/tests/requirements-config_test.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -223,4 +223,16 @@ tests:
additionalTraceHeaders:
enabled: true
asserts:
- notFailedTemplate: {}
- notFailedTemplate: {}
- it: should fail when using consulCatalogEnterprise provider on hub < 3.6.0
set:
image:
tag: v3.5.0
hub:
token: "xxx"
providers:
consulCatalogEnterprise:
enabled: true
asserts:
- failedTemplate:
errorMessage: "ERROR: consulCatalogEnterprise provider is a feature only available for traefik-hub >= v3.6.0."
117 changes: 117 additions & 0 deletions traefik/tests/traefik-config_test.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -829,3 +829,120 @@ tests:
- contains:
path: spec.template.spec.containers[0].args
content: "--hub.providers.microcks.endpoint=http://microcks.svc"
- it: should be possible to configure Traefik Hub consulCatalogEnterprise provider
set:
image:
tag: v3.9.0
tracing:
otlp:
enabled: true
hub:
token: "xxx"
providers:
consulCatalogEnterprise:
enabled: true
cache: true
connectAware: true
connectByDefault: true
constraints: "constraints"
defaultRule: "defaultRule"
endpoint:
address: "address"
datacenter: "datacenter"
endpointWaitTime: 1
httpauth:
password: "password"
username: "username"
scheme: "scheme"
tls:
ca: "ca"
cert: "cert"
insecureSkipVerify: true
key: "key"
token: "token"
exposedByDefault: false
namespaces: "namespaces"
partition: "partition"
prefix: "prefix"
refreshInterval: 2
requireConsistent: true
serviceName: "serviceName"
stale: true
strictChecks: "strictChecks"
watch: true
asserts:
- contains:
path: spec.template.spec.containers[0].args
content: "--hub.providers.consulCatalogEnterprise.cache=true"
- contains:
path: spec.template.spec.containers[0].args
content: "--hub.providers.consulCatalogEnterprise.connectAware=true"
- contains:
path: spec.template.spec.containers[0].args
content: "--hub.providers.consulCatalogEnterprise.connectByDefault=true"
- contains:
path: spec.template.spec.containers[0].args
content: "--hub.providers.consulCatalogEnterprise.constraints=constraints"
- contains:
path: spec.template.spec.containers[0].args
content: "--hub.providers.consulCatalogEnterprise.defaultRule=defaultRule"
- contains:
path: spec.template.spec.containers[0].args
content: "--hub.providers.consulCatalogEnterprise.endpoint.address=address"
- contains:
path: spec.template.spec.containers[0].args
content: "--hub.providers.consulCatalogEnterprise.endpoint.datacenter=datacenter"
- contains:
path: spec.template.spec.containers[0].args
content: "--hub.providers.consulCatalogEnterprise.endpoint.endpointWaitTime=1"
- contains:
path: spec.template.spec.containers[0].args
content: "--hub.providers.consulCatalogEnterprise.endpoint.httpauth.password=password"
- contains:
path: spec.template.spec.containers[0].args
content: "--hub.providers.consulCatalogEnterprise.endpoint.httpauth.username=username"
- contains:
path: spec.template.spec.containers[0].args
content: "--hub.providers.consulCatalogEnterprise.endpoint.scheme=scheme"
- contains:
path: spec.template.spec.containers[0].args
content: "--hub.providers.consulCatalogEnterprise.endpoint.tls.ca=ca"
- contains:
path: spec.template.spec.containers[0].args
content: "--hub.providers.consulCatalogEnterprise.endpoint.tls.cert=cert"
- contains:
path: spec.template.spec.containers[0].args
content: "--hub.providers.consulCatalogEnterprise.endpoint.tls.insecureSkipVerify=true"
- contains:
path: spec.template.spec.containers[0].args
content: "--hub.providers.consulCatalogEnterprise.endpoint.tls.key=key"
- contains:
path: spec.template.spec.containers[0].args
content: "--hub.providers.consulCatalogEnterprise.endpoint.token=token"
- contains:
path: spec.template.spec.containers[0].args
content: "--hub.providers.consulCatalogEnterprise.namespaces=namespaces"
- contains:
path: spec.template.spec.containers[0].args
content: "--hub.providers.consulCatalogEnterprise.partition=partition"
- contains:
path: spec.template.spec.containers[0].args
content: "--hub.providers.consulCatalogEnterprise.prefix=prefix"
- contains:
path: spec.template.spec.containers[0].args
content: "--hub.providers.consulCatalogEnterprise.refreshInterval=2"
- contains:
path: spec.template.spec.containers[0].args
content: "--hub.providers.consulCatalogEnterprise.requireConsistent=true"
- contains:
path: spec.template.spec.containers[0].args
content: "--hub.providers.consulCatalogEnterprise.serviceName=serviceName"
- contains:
path: spec.template.spec.containers[0].args
content: "--hub.providers.consulCatalogEnterprise.stale=true"
- contains:
path: spec.template.spec.containers[0].args
content: "--hub.providers.consulCatalogEnterprise.strictChecks=strictChecks"
- contains:
path: spec.template.spec.containers[0].args
content: "--hub.providers.consulCatalogEnterprise.watch=true"
101 changes: 101 additions & 0 deletions traefik/values.schema.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -292,6 +292,107 @@
},
"providers": {
"properties": {
"consulCatalogEnterprise": {
"properties": {
"cache": {
"type": "boolean"
},
"connectAware": {
"type": "boolean"
},
"connectByDefault": {
"type": "boolean"
},
"constraints": {
"type": "string"
},
"defaultRule": {
"type": "string"
},
"enabled": {
"type": "boolean"
},
"endpoint": {
"properties": {
"address": {
"type": "string"
},
"datacenter": {
"type": "string"
},
"endpointWaitTime": {
"type": "integer"
},
"httpauth": {
"properties": {
"password": {
"type": "string"
},
"username": {
"type": "string"
}
},
"type": "object"
},
"scheme": {
"type": "string"
},
"tls": {
"properties": {
"ca": {
"type": "string"
},
"cert": {
"type": "string"
},
"insecureSkipVerify": {
"type": "boolean"
},
"key": {
"type": "string"
}
},
"type": "object"
},
"token": {
"type": "string"
}
},
"type": "object"
},
"exposedByDefault": {
"type": "boolean"
},
"namespaces": {
"type": "string"
},
"partition": {
"type": "string"
},
"prefix": {
"type": "string"
},
"refreshInterval": {
"type": "integer"
},
"requireConsistent": {
"type": "boolean"
},
"serviceName": {
"type": "string"
},
"stale": {
"type": "boolean"
},
"strictChecks": {
"type": "string"
},
"watch": {
"type": "boolean"
}
},
"type": "object"
},
"microcks": {
"properties": {
"auth": {
Expand Down
59 changes: 59 additions & 0 deletions traefik/values.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -949,6 +949,64 @@ hub:
# -- Set to true in order to enable AI Gateway. Requires a valid license token.
aigateway: false
providers:
consulCatalogEnterprise:
# -- Enable Consul Catalog Enterprise backend with default settings.
enabled: false
# -- Use local agent caching for catalog reads.
cache: false
# -- Enable Consul Connect support.
connectAware: false
# -- Consider every service as Connect capable by default.
connectByDefault: false
# -- Constraints is an expression that Traefik matches against the container's labels
constraints: ""
# -- Default rule.
defaultRule: "Host(`{{ normalize .Name }}`)"
endpoint:
# -- The address of the Consul server
address: ""
# -- Data center to use. If not provided, the default agent data center is used
datacenter: ""
# -- WaitTime limits how long a Watch will block. If not provided, the agent default
endpointWaitTime: 0
httpauth:
# -- Basic Auth password
password: ""
# -- Basic Auth username
username: ""
# -- The URI scheme for the Consul server
scheme: ""
tls:
# -- TLS CA
ca: ""
# -- TLS cert
cert: ""
# -- TLS insecure skip verify
insecureSkipVerify: false
# -- TLS key
key: ""
# -- Token is used to provide a per-request ACL token which overrides the agent's
token: ""
# -- Expose containers by default.
exposedByDefault: true
# -- Sets the namespaces used to discover services (Consul Enterprise only).
namespaces: ""
# -- Sets the partition used to discover services (Consul Enterprise only).
partition: ""
# -- Prefix for consul service tags.
prefix: "traefik"
# -- Interval for check Consul API.
refreshInterval: 15
# -- Forces the read to be fully consistent.
requireConsistent: false
# -- Name of the Traefik service in Consul Catalog (needs to be registered via the
serviceName: "traefik"
# -- Use stale consistency for catalog reads.
stale: false
# -- A list of service health statuses to allow taking traffic.
strictChecks: "passing, warning"
# -- Watch Consul API events.
watch: false
microcks:
# -- Enable Microcks provider.
enabled: false
Expand Down Expand Up @@ -1007,6 +1065,7 @@ hub:
insecureSkipVerify: false
# Enable export of errors logs to the platform. Default: true.
sendlogs: # @schema type:[boolean, null]

tracing:
# -- Tracing headers to duplicate.
# To configure the following, tracing.otlp.enabled needs to be set to true.
Expand Down

0 comments on commit 8ad7023

Please sign in to comment.