feat(helm): add global.ingress defaults shared across charts#129
Merged
bebosudo merged 6 commits intochiusole/improve-handling-and-description-of-platform-service-address-portfrom May 5, 2026
Conversation
gavinelder
force-pushed
the
feat/global-ingress-defaults
branch
from
b07f919 to
dc43914
Compare
gavinelder
changed the title
gavinelder
force-pushed
the
feat/global-ingress-defaults
branch
2 times, most recently
from
f8721c7 to
b477b56
Compare
Member
|
FWIW, I would still have to do some minor bespoke annotations in the individual Ingresses still (e.g externaldns entry, unique group numbering since my Ingresses share an ALB for cost savings). In general, however, I like the idea of being more DRY so there are fewer ways I can shoot myself in the foot as I'm updating various charts 👍 |
Contributor
Author
|
For external DNS we have the following based on your example chart usage the new value would be the following at the top level. (This is in the examples) If you wish to specific annotations at a deployment level these can still be merged. |
bebosudo
approved these changes
Apr 30, 2026
Member
bebosudo
left a comment
bebosudo
left a comment
There was a problem hiding this comment.
LGTM, nice addition, only one minor comment
Introduce a `global.ingress` block (`enabled`, `path`, `defaultPathType`, `ingressClassName`) that the platform parent and every subchart's Ingress template falls back to. Setting these once at the parent level propagates to studios, portal-web, mcp, wave, and agent-backend so users don't have to repeat controller-wide config per subchart. Resolution semantics: - `enabled`: OR — either local or global being `true` enables the Ingress - `path`, `defaultPathType`, `ingressClassName`: local wins when set, otherwise falls back to the global BREAKING: default `pathType` is now `Prefix` (was `ImplementationSpecific`). `Prefix` works for nginx, traefik, AWS ALB, and most modern controllers. ALB users who relied on the old default may need to set `global.ingress.defaultPathType: ImplementationSpecific`. Also: - Add docs/conventions/ingress.md documenting the pattern - Update examples/ingress-configurations/* — drop redundant `defaultPathType: Prefix` lines, showcase `global.ingress.ingressClassName` in nginx-cert-manager.yaml, fix the README's Path Types section - Bump platform 0.32.3→0.33.0, studios 1.2.11→1.3.0, portal-web 0.2.5→0.3.0, mcp 0.3.2→0.4.0, wave 0.1.0→0.2.0, agent-backend 0.4.7→0.5.0 - Scope helm-docs pre-commit hook to charts/ and exclude .claude/worktrees so agent worktrees don't cause spurious doc regeneration Co-Authored-By: Claude Opus 4.7 (1M context) <[email protected]>
…ripping indentation Co-Authored-By: Claude Sonnet 4.6 <[email protected]>
Co-Authored-By: Claude Sonnet 4.6 <[email protected]>
gavinelder
force-pushed
the
feat/global-ingress-defaults
branch
from
b477b56 to
6615a59
Compare
bebosudo
changed the base branch from
master
to
chiusole/improve-handling-and-description-of-platform-service-address-port
…ddress-port into feat/global-ingress-defaults
bebosudo
requested changes
May 4, 2026
Member
bebosudo
left a comment
bebosudo
left a comment
There was a problem hiding this comment.
The chart versions were updated in the changelog files and readme files, but weren't updated in the chart.yaml files, which automatically rebuilds the readme files upon commit with helm-docs, so changing the readmes was reverted in my latest merge commit - could you make sure prek is installed in your local repo?
Once versions are upgraded, could you run make rebuild-deps-force too to update the Chart.lock file in charts/platform with the new subchart versions?
…ervice-address-port' into feat/global-ingress-defaults
bebosudo
merged commit 90b2851
into
chiusole/improve-handling-and-description-of-platform-service-address-port
2 checks passed
bebosudo
added a commit
that referenced
this pull request
May 5, 2026
…s to be provided (#131) * Update all platform subcharts to require platformServiceAddress to be provided * chore: improve wait-for-redis initcont no-auth-set message (#133) * chore: improve wait-for-redis initcont no-auth-set message * Use more explicit check for password set/unset * feat(helm): add global.ingress defaults shared across charts (#129) * feat(ingress): add global.ingress defaults shared across charts Introduce a `global.ingress` block (`enabled`, `path`, `defaultPathType`, `ingressClassName`) that the platform parent and every subchart's Ingress template falls back to. Setting these once at the parent level propagates to studios, portal-web, mcp, wave, and agent-backend so users don't have to repeat controller-wide config per subchart. Resolution semantics: - `enabled`: OR — either local or global being `true` enables the Ingress - `path`, `defaultPathType`, `ingressClassName`: local wins when set, otherwise falls back to the global BREAKING: default `pathType` is now `Prefix` (was `ImplementationSpecific`). `Prefix` works for nginx, traefik, AWS ALB, and most modern controllers. ALB users who relied on the old default may need to set `global.ingress.defaultPathType: ImplementationSpecific`. Also: - Add docs/conventions/ingress.md documenting the pattern - Update examples/ingress-configurations/* — drop redundant `defaultPathType: Prefix` lines, showcase `global.ingress.ingressClassName` in nginx-cert-manager.yaml, fix the README's Path Types section - Bump platform 0.32.3→0.33.0, studios 1.2.11→1.3.0, portal-web 0.2.5→0.3.0, mcp 0.3.2→0.4.0, wave 0.1.0→0.2.0, agent-backend 0.4.7→0.5.0 - Scope helm-docs pre-commit hook to charts/ and exclude .claude/worktrees so agent worktrees don't cause spurious doc regeneration Co-Authored-By: Claude Opus 4.7 (1M context) <[email protected]> * fix(ingress): rewrite seqera.ingress.host comment to avoid helmfmt stripping indentation Co-Authored-By: Claude Sonnet 4.6 <[email protected]> * chore: update snapshots after rebase onto master Co-Authored-By: Claude Sonnet 4.6 <[email protected]> * Merge chiusole/improve-handling-and-description-of-platform-service-address-port into feat/global-ingress-defaults * Bump subcharts minor version for new global.ingress feature, fix changelogs --------- Co-authored-by: Claude Opus 4.7 (1M context) <[email protected]> Co-authored-by: Alberto Chiusole <[email protected]> * feat(ci): run subchart unit tests standalone in addition to parent (#132) spike(ci): run subchart unit tests standalone in addition to parent Adds two new make targets to charts/platform/Makefile: - `unittests-standalone`: invokes `helm unittest` from inside each subchart directory (charts/*/ with a tests/ dir) so each renders with its own values/helpers — matching how a customer would install it on its own. - `test-all`: runs both the existing parent-recursive `unittests` AND `unittests-standalone`, catching helper/values divergence that the parent-only run silently masks. Wires `test-all` into `.github/scripts/run_chart_tests.py` so CI exercises both paths. The script falls back to the legacy `tests` target for charts that haven't adopted `test-all` yet. Spike findings on running `make -C charts/platform unittests-standalone` against current master: - `wave` and `agent-backend` standalone tests fail with a snapshot mismatch in the wait-for-redis init container script. These pass in parent-context because parent and subcharts ship different versions of `seqera-common`. Pre-existing latent divergence — exactly the gap this spike surfaces. This is intentionally a spike — pre-commit was bypassed to push the draft PR for review. The standalone failures aren't fixed here; they demonstrate the value of the per-chart standalone runner and need triage in a follow-up. Co-authored-by: Claude Opus 4.7 (1M context) <[email protected]> Co-authored-by: Alberto Chiusole <[email protected]> * Default to testing both umbrella platform chart, then its subcharts standalone --------- Co-authored-by: Gavin <[email protected]> Co-authored-by: Claude Opus 4.7 (1M context) <[email protected]>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Enhancement
Allow global configuration of Ingress options across the platform parent chart and all subcharts via a new
global.ingressblock. Set once at the parent (enabled,path,defaultPathType,ingressClassName,annotations,extraLabels,tls) and every subchart's Ingress picks it up — no need to repeat controller-wide config per subchart.Why a global block
In practice, users who expose one of these services via Ingress almost always expose them all the same way: same ingress controller, same class name, same annotations (cert-manager, ALB scheme, NGINX body-size limits, etc.). The previous shape forced the same values to be repeated under
platform.ingress.*,studios.ingress.*,wave.ingress.*, and so on — verbose, drift-prone, and easy to get inconsistent across subcharts.Lifting these controller-wide concerns into
global.ingressmatches the way users actually configure ingress: one decision per cluster, applied uniformly. Per-chart overrides remain available for the rare case where one service genuinely needs different routing.Why the
Prefixdefault changeWith the previous defaults (
defaultPathType: ImplementationSpecific,path: "/"), the same chart and values produced different routing behavior depending on the customer's ingress controller:path: /+ImplementationSpecificas a prefix match/*for the same effectThat's an unpredictable user experience: the chart "works" on one cluster and silently routes differently on another. Switching the default to
Prefixis spec-defined and produces consistent prefix-match semantics across NGINX, Traefik, AWS ALB, and most modern controllers. Customers can still override per-controller when needed.Summary
global.ingressblock (enabled,path,defaultPathType,ingressClassName) that the platform parent and every subchart's Ingress falls back to. Set once at the parent and every chart picks it up.defaultPathTypeis nowPrefix(wasImplementationSpecific). ALB users on the old default can setglobal.ingress.defaultPathType: ImplementationSpecificonce at the parent.seqera.ingress.hosttemplate helper in each chart's_helpers.tplreturning that chart's primary domain. Set it once inglobal.ingress.annotationsand the right hostname renders per chart:docs/conventions/ingress.mddocumenting the Ingress conventions for this repo.examples/ingress-configurations/*to drop redundantdefaultPathType: Prefixoverrides and showcaseglobal.ingress.ingressClassNameinnginx-cert-manager.yaml.Resolution semantics
enabledfalsefalsetrueenables the Ingresspath"""/"defaultPathType"""Prefix"ingressClassName""""annotations{}{}extraLabels{}{}tls[][]Version bumps
platform0.32.3 → 0.33.0studios1.2.11 → 1.3.0portal-web0.2.5 → 0.3.0mcp0.3.2 → 0.4.0wave0.1.0 → 0.2.0agent-backend0.4.7 → 0.5.0Tests
pathType).global.ingress.enabledis true; falling back toglobal.ingress.defaultPathTypewhen local is empty; localdefaultPathTypeoverriding global.Test plan
Prefixdefault is acceptable as a breaking change, or restoreImplementationSpecificand only ship the global plumbinghelm template platform charts/platform -f charts/platform/examples/ingress-configurations/<file>docs/conventions/ingress.mdcontent/wording🤖 Generated with Claude Code