Skip to content

Commit

Permalink
Allow custom response headers for gke (#1136)
Browse files Browse the repository at this point in the history
* feat: add customResponseHeaders for GKE BackendConfig on relay and web

* chore: bump version
  • Loading branch information
xpicio authored Feb 6, 2024
1 parent 1307658 commit 86def26
Show file tree
Hide file tree
Showing 4 changed files with 29 additions and 7 deletions.
2 changes: 1 addition & 1 deletion sentry/Chart.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@ apiVersion: v2
name: sentry
description: A Helm chart for Kubernetes
type: application
version: 21.3.1
version: 21.3.2
appVersion: 24.1.1
dependencies:
- name: memcached
Expand Down
14 changes: 11 additions & 3 deletions sentry/templates/gke/backendconfig-sentry-relay.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -10,6 +10,14 @@ metadata:
release: "{{ .Release.Name }}"
heritage: "{{ .Release.Service }}"
spec:
{{- if .Values.relay.customResponseHeaders }}
customResponseHeaders:
headers:
{{- if .Values.ingress.tls }}
- "strict-transport-security: max-age=31536000; includeSubDomains"
{{- end -}}
{{ toYaml .Values.relay.customResponseHeaders | nindent 6 }}
{{- end }}
healthCheck:
checkIntervalSec: {{ .Values.relay.probePeriodSeconds }}
timeoutSec: {{ .Values.relay.probeTimeoutSeconds }}
Expand All @@ -18,8 +26,8 @@ spec:
type: HTTP
requestPath: {{ template "relay.healthCheck.requestPath" }}
port: {{ template "relay.port" . }}
{{- if .Values.relay.securityPolicy }}
{{- if .Values.relay.securityPolicy }}
securityPolicy:
name: {{ .Values.relay.securityPolicy }}
{{- end }}
{{- end }}
{{- end }}
{{- end }}
14 changes: 11 additions & 3 deletions sentry/templates/gke/backendconfig-sentry-web.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -10,6 +10,14 @@ metadata:
release: "{{ .Release.Name }}"
heritage: "{{ .Release.Service }}"
spec:
{{- if .Values.sentry.web.customResponseHeaders }}
customResponseHeaders:
headers:
{{- if .Values.ingress.tls }}
- "strict-transport-security: max-age=31536000; includeSubDomains"
{{- end -}}
{{ toYaml .Values.sentry.web.customResponseHeaders | nindent 6 }}
{{- end }}
healthCheck:
checkIntervalSec: {{ .Values.sentry.web.probePeriodSeconds }}
timeoutSec: {{ .Values.sentry.web.probeTimeoutSeconds }}
Expand All @@ -18,8 +26,8 @@ spec:
type: HTTP
requestPath: {{ template "sentry.healthCheck.requestPath" }}
port: {{ .Values.service.externalPort }}
{{- if .Values.sentry.web.securityPolicy }}
{{- if .Values.sentry.web.securityPolicy }}
securityPolicy:
name: {{ .Values.sentry.web.securityPolicy }}
{{- end }}
{{- end }}
{{- end }}
{{- end }}
6 changes: 6 additions & 0 deletions sentry/values.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -101,7 +101,10 @@ relay:
affinity: {}
nodeSelector: {}
securityContext: {}
# if you are using GKE Ingress controller use 'securityPolicy' to add Google Cloud Armor Ingress policy
securityPolicy: ""
# if you are using GKE Ingress controller use 'customResponseHeaders' to add custom response header
customResponseHeaders: []
containerSecurityContext: {}
service:
annotations: {}
Expand Down Expand Up @@ -147,7 +150,10 @@ sentry:
affinity: {}
nodeSelector: {}
securityContext: {}
# if you are using GKE Ingress controller use 'securityPolicy' to add Google Cloud Armor Ingress policy
securityPolicy: ""
# if you are using GKE Ingress controller use 'customResponseHeaders' to add custom response header
customResponseHeaders: []
containerSecurityContext: {}
service:
annotations: {}
Expand Down

0 comments on commit 86def26

Please sign in to comment.