From 3eba31d082e2bec24d1b552e3d94eae5ec214c45 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Oliver=20B=C3=A4hler?= <oliverbaehler@hotmail.com>
Date: Wed, 29 Jan 2025 10:11:12 +0100
Subject: [PATCH] feat(helm): add service values
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com>
---
 chart/README.md              |  4 ++++
 chart/templates/service.yaml | 15 +++++++++++++++
 chart/values.yaml            |  8 ++++++++
 3 files changed, 27 insertions(+)

diff --git a/chart/README.md b/chart/README.md
index 6d80241..f76d032 100644
--- a/chart/README.md
+++ b/chart/README.md
@@ -53,6 +53,10 @@ helm install my-sealed-secrets-web bakito/sealed-secrets-web --version 3.1.6
 | sealedSecrets.namespace | string | `"sealed-secrets"` | Namespace of the sealed secrets service |
 | sealedSecrets.serviceName | string | `"sealed-secrets"` | Name of the sealed secrets service |
 | service.annotations | object | `{}` | Service annotations |
+| service.clusterIP | string | `""` | Kubernetes Service clusterIP |
+| service.loadBalancerIP | string | `""` | Kubernetes Service loadBalancerIP |
+| service.loadBalancerSourceRanges | list | `[]` | Kubernetes Service loadBalancerSourceRanges |
+| service.nodePort | string | `nil` | Kubernetes Service Nodeport |
 | service.port | int | `80` | Service port |
 | service.type | string | `"ClusterIP"` | Sets the type of the Service |
 | serviceAccount.automountServiceAccountToken | bool | `true` | Automatically mount the service account token |
diff --git a/chart/templates/service.yaml b/chart/templates/service.yaml
index bb3c659..64eaa41 100644
--- a/chart/templates/service.yaml
+++ b/chart/templates/service.yaml
@@ -11,11 +11,26 @@ metadata:
   {{- end }}
 spec:
   type: {{ .Values.service.type }}
+  {{- if and .Values.service.clusterIP (eq .Values.service.type "ClusterIP") }}
+  clusterIP: {{ .Values.service.clusterIP }}
+  {{- end }}
+  {{- if (or (eq .Values.service.type "LoadBalancer") (eq .Values.service.type "NodePort")) }}
+  externalTrafficPolicy: {{ .Values.service.externalTrafficPolicy | quote }}
+  {{- end }}
+  {{ if (and (eq .Values.service.type "LoadBalancer") (not (empty .Values.service.loadBalancerSourceRanges))) }}
+  loadBalancerSourceRanges: {{ .Values.service.loadBalancerSourceRanges }}
+  {{ end }}
+  {{- if (and (eq .Values.service.type "LoadBalancer") (not (empty .Values.service.loadBalancerIP))) }}
+  loadBalancerIP: {{ .Values.service.loadBalancerIP }}
+  {{- end }}
   ports:
     - port: {{ .Values.service.port }}
       targetPort: http
       protocol: TCP
       name: http
+      {{- if and (or (eq .Values.service.type "NodePort") (eq .Values.service.type "LoadBalancer")) (not (empty .Values.service.nodePort)) }}
+      nodePort: {{ .Values.service.nodePort }}
+      {{- end }}
   selector:
     app.kubernetes.io/name: {{ include "sealed-secrets-web.name" . }}
     app.kubernetes.io/instance: {{ .Release.Name }}
diff --git a/chart/values.yaml b/chart/values.yaml
index 81b9371..a55c0d4 100644
--- a/chart/values.yaml
+++ b/chart/values.yaml
@@ -68,6 +68,14 @@ service:
   port: 80
   # -- Service annotations
   annotations: {}
+  # -- Kubernetes Service clusterIP
+  clusterIP: ""
+  # -- Kubernetes Service loadBalancerIP
+  loadBalancerIP: ""
+  # -- Kubernetes Service loadBalancerSourceRanges
+  loadBalancerSourceRanges: []
+  # -- Kubernetes Service Nodeport
+  nodePort: null
 
 ingress:
   # -- Enable ingress support