support http and https ports for service closes #147

step-certificates/templates/ca.yaml

@@ -101,19 +101,24 @@ spec:
           {{- end }}
           ports:
             - name: https
-              containerPort: {{ .Values.service.targetPort }}
+              containerPort: {{ .Values.service.ports.https.targetPort }}
               protocol: TCP
+            {{ if .Values.service.ports.http.enabled }}
+            - name: http
+              containerPort: {{ .Values.service.ports.http.targetPort }}
+              protocol: TCP
+            {{- end }}
           livenessProbe:
             initialDelaySeconds: 5
             httpGet:
               path: /health
-              port: {{ .Values.service.targetPort }}
+              port: {{ .Values.service.ports.https.targetPort }}
               scheme: HTTPS
           readinessProbe:
             initialDelaySeconds: 5
             httpGet:
               path: /health
-              port: {{ .Values.service.targetPort }}
+              port: {{ .Values.service.ports.https.targetPort }}
               scheme: HTTPS
           resources:
             {{- toYaml .Values.resources | nindent 12 }}

step-certificates/templates/service.yaml

@@ -11,18 +11,30 @@ metadata:
   {{- end }}
 spec:
   type: {{ .Values.service.type }}
+  {{ if .Values.service.loadBalancerIP }}
+  loadBalancerIP: {{ .Values.service.loadBalancerIP }}
+  {{- end }}
   {{- with .Values.service.externalIPs }}
   externalIPs:
     {{- toYaml . | nindent 4 }}
   {{- end }}
   ports:
-    - port: {{ .Values.service.port }}
-      targetPort: {{ .Values.service.targetPort }}
+    - port: {{ .Values.service.ports.https.port }}
+      targetPort: {{ .Values.service.ports.https.targetPort }}
       protocol: TCP
       name: https
       {{- if eq .Values.service.type "NodePort" }}
-      nodePort: {{ .Values.service.nodePort }}
+      nodePort: {{ .Values.service.ports.https.nodePort }}
+      {{- end }}
+    {{ if .Values.service.ports.http.enabled }}
+    - port: {{ .Values.service.ports.http.port }}
+      targetPort: {{ .Values.service.ports.http.targetPort }}
+      protocol: TCP
+      name: http
+      {{- if eq .Values.service.type "NodePort" }}
+      nodePort: {{ .Values.service.ports.http.nodePort }}
       {{- end }}
+    {{- end }}
   selector:
     app.kubernetes.io/name: {{ include "step-certificates.name" . }}
     app.kubernetes.io/instance: {{ .Release.Name }}

step-certificates/templates/tests/test-connection.yaml

@@ -16,5 +16,5 @@ spec:
       args:
         - '-s'
         - '-k'
-        - 'https://{{ include "step-certificates.fullname" . }}:{{ .Values.service.port }}/health'
+        - 'https://{{ include "step-certificates.fullname" . }}:{{ .Values.service.ports.https.port }}/health'
   restartPolicy: Never

step-certificates/values.yaml

@@ -230,11 +230,19 @@ inject:
 # service contains configuration for the kubernes service.
 service:
   type: ClusterIP
-  port: 443
-  targetPort: 9000
-  nodePort: ""
+  loadBalancerIP: ""
   annotations: {}
   externalIPs: []
+  ports:
+    https:
+      port: 443
+      targetPort: 9000
+      nodePort: ""
+    http:
+      enabled: false
+      port: 80
+      targetPort: 8080
+      nodePort: ""
 
 # linkedca contains the token to configure step-ca using the linkedca mode.
 #