From 7d67b8f985c3b6ee1e9786346e3850c51852dbfa Mon Sep 17 00:00:00 2001 From: Matthias Erll Date: Wed, 13 May 2026 13:43:11 +0200 Subject: [PATCH 1/4] chore: removed extra code for ingress-nginx app handling --- core.yaml | 2 -- src/components/App.tsx | 9 +-------- src/utils/data.ts | 2 +- src/utils/schema.ts | 8 +------- 4 files changed, 3 insertions(+), 18 deletions(-) diff --git a/core.yaml b/core.yaml index a5025fcda..62da3aa49 100644 --- a/core.yaml +++ b/core.yaml @@ -186,8 +186,6 @@ adminApps: - name: hello hide: true tags: [demo] - - name: ingress-nginx - tags: [ingress, auth] - name: istio tags: [ingress, egress, routing, security, tls, observability, policies] - name: keycloak diff --git a/src/components/App.tsx b/src/components/App.tsx index 4c9418e84..af7c16cf9 100644 --- a/src/components/App.tsx +++ b/src/components/App.tsx @@ -197,9 +197,7 @@ export default function App({ }, [inValues]) // END HOOKS - const appSchema = id.startsWith('ingress-nginx') - ? (session.valuesSchema as ValuesSchema).properties.apps.properties['ingress-nginx-platform'] - : (session.valuesSchema as ValuesSchema).properties.apps.properties[id] + const appSchema = (session.valuesSchema as ValuesSchema).properties.apps.properties[id] const valuesYaml = isEqual(values, {}) ? '' : YAML.stringify(values) const isAdminApps = teamId === 'admin' @@ -208,11 +206,6 @@ export default function App({ if (validValues) onSubmit(data) } - const handleValuesChange = (values: Props['values'], errors: any[]) => { - setValues(values) - setValidValues(errors.length === 0) - } - const prefixedDeps = () => { let dependencies: string if (!deps) return 'None' diff --git a/src/utils/data.ts b/src/utils/data.ts index 14ab10692..9e5e6581d 100644 --- a/src/utils/data.ts +++ b/src/utils/data.ts @@ -149,7 +149,7 @@ export const getAppData = ( // get the core app const apps = getApps(session, teamId) - const coreAppId = getCoreAppId(appId) + const coreAppId: string = appId const coreApp = find(apps, { name: coreAppId }) const { useHost, ingress, isShared, path } = coreApp // bundle the shortcuts diff --git a/src/utils/schema.ts b/src/utils/schema.ts index 8c98f4873..f3cab15f2 100644 --- a/src/utils/schema.ts +++ b/src/utils/schema.ts @@ -4,14 +4,8 @@ import { cloneDeep, each, get, set, unset } from 'lodash' const getHolderPath = (p) => (p.includes('.') ? p.substr(0, p.lastIndexOf('.')) : p) -export const getCoreAppId = (appId): string => { - let id: string = appId - if (appId.startsWith('ingress-nginx')) id = 'ingress-nginx' - return id -} - export const getAppSchemaName = (appId: string): string => { - return `${pascalCase(getCoreAppId(appId))}` + return `${pascalCase(appId)}` } export function getStrict(obj: Record, path: string, def: any = undefined) { From e1d31c9ed06d5fa7a27fcd8b712eda124f37706c Mon Sep 17 00:00:00 2001 From: Matthias Erll Date: Wed, 13 May 2026 13:44:04 +0200 Subject: [PATCH 2/4] fix: removed import --- src/utils/data.ts | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/utils/data.ts b/src/utils/data.ts index 9e5e6581d..45622a253 100644 --- a/src/utils/data.ts +++ b/src/utils/data.ts @@ -3,7 +3,7 @@ import { JSONSchema7 } from 'json-schema' import { cloneDeep, find, isArray, isEmpty, isEqual, isPlainObject, transform } from 'lodash' import { GetSessionApiResponse } from 'redux/otomiApi' import { sentenceCase as sentenceCaseOrig } from 'change-case' -import { getAppSchemaName, getCoreAppId } from './schema' +import { getAppSchemaName } from './schema' export type CleanOptions = { cleanKeys?: any[] From 8744ce91a2c441ab7157fa9e0fa7b041a5155a25 Mon Sep 17 00:00:00 2001 From: Matthias Erll Date: Wed, 13 May 2026 15:24:01 +0200 Subject: [PATCH 3/4] chore: sync with core app info --- core.yaml | 170 ++++-------------------------------------------------- 1 file changed, 11 insertions(+), 159 deletions(-) diff --git a/core.yaml b/core.yaml index 62da3aa49..478b3abea 100644 --- a/core.yaml +++ b/core.yaml @@ -19,6 +19,7 @@ k8s: app: harbor - name: apl-harbor-operator disableIstioInjection: true + - name: git-server - name: gitea - name: apl-gitea-operator disableIstioInjection: true @@ -28,14 +29,6 @@ k8s: app: grafana - name: istio-system disableIstioInjection: true - labels: - "apl.io/ingress-controller-scope": "true" - - name: ingress - # disabling istio sidecar as it does not preserve client ip (yet) - # TODO: enable once it does - disableIstioInjection: true - labels: - "apl.io/ingress-controller-scope": "true" - name: keycloak - name: apl-keycloak-operator disableIstioInjection: true @@ -58,10 +51,8 @@ k8s: - name: kyverno app: kyverno disableIstioInjection: true - - name: thanos - app: thanos - disableIstioInjection: true - disablePolicyChecks: true + - name: tekton-dashboard + app: tekton-pipelines - name: tekton-pipelines disableIstioInjection: true disablePolicyChecks: true @@ -71,15 +62,8 @@ k8s: - name: otel app: otel disableIstioInjection: true - - name: tempo - app: tempo - disableIstioInjection: true - name: maintenance disableIstioInjection: true - - name: minio - app: minio - disableIstioInjection: true - disablePolicyChecks: true - name: monitoring disableIstioInjection: true - name: otomi @@ -98,6 +82,11 @@ k8s: disablePolicyChecks: true - name: sealed-secrets app: sealed-secrets + - name: external-secrets + app: external-secrets + disableIstioInjection: true + - name: apl-secrets + disableIstioInjection: true - name: policy-reporter app: policy-reporter disablePolicyChecks: true @@ -108,22 +97,10 @@ adminApps: tags: [alerting, observability] deps: [prometheus] ownHost: true - ingress: - - svc: po-alertmanager - namespace: monitoring - # namespace: alertmanager - port: 9093 - type: public - auth: true - name: argocd tags: [cicd, gitops] isShared: true ownHost: true - ingress: - - svc: argocd-server - namespace: argocd - type: public - auth: true - name: cert-manager tags: [ingress, security, tls] - name: cnpg @@ -132,12 +109,6 @@ adminApps: tags: [tty] isShared: true ownHost: true - ingress: - - svc: tty - # virtual service is not going to be used. - namespace: ingress - type: public - auth: true - name: external-dns tags: [ingress, security, tls] - name: gitea @@ -145,58 +116,24 @@ adminApps: isShared: true ownHost: true path: /user/oauth2/otomi-idp - ingress: - - namespace: gitea - svc: gitea-http - port: 3000 - type: public - name: grafana tags: [tracing, telemetry, observability] deps: [prometheus] path: /dashboards ownHost: true - ingress: - - svc: po-grafana - namespace: grafana - removeRequestHeaders: - - authorization - type: public - auth: true - name: harbor tags: [security] isShared: true ownHost: true - ingress: - - svc: harbor-portal - namespace: harbor - type: public - auth: true - - svc: harbor-core - namespace: harbor - paths: [/api/, /c/] - forwardPath: true - type: public - auth: true - - svc: harbor-core - namespace: harbor - paths: [/chartrepo/, /service/, /v1/, /v2/] - forwardPath: true - type: public - hasOwnIngress: true - name: hello hide: true tags: [demo] - name: istio tags: [ingress, egress, routing, security, tls, observability, policies] - name: keycloak + path: /admin/otomi/console/ tags: [auth, sso] - # isShared: true ownHost: true - ingress: - - namespace: keycloak - svc: keycloak-keycloakx-http - type: public - port: 8080 - name: knative tags: [serverless, functions] deps: [istio] @@ -204,96 +141,33 @@ adminApps: tags: [ai, ml] ownHost: true isShared: true - ingress: - - svc: ml-pipeline-ui - namespace: kfp - port: 80 - type: public - auth: true - name: kserve tags: [ai] - name: tekton tags: [buildpacks, ci, pipelines] ownHost: true path: /#/namespaces/team-admin/pipelineruns - ingress: - - svc: tekton-dashboard - namespace: tekton-pipelines - port: 9097 - type: public - auth: true - removeRequestHeaders: - - authorization - - name: thanos - tags: [metrics, observability] - ownHost: true - ingress: - - svc: thanos-query - port: 9090 - namespace: thanos - type: public - auth: true - name: loki tags: [logging, telemetry, observability] - deps: [grafana, prometheus] + deps: [grafana, prometheus, otel] useHost: grafana path: /explore?orgId=1&left=%7B"datasource":"loki","queries":%5B%7B"refId":"A"%7D%5D,"range":%7B"from":"now-1h","to":"now"%7D%7D - - name: minio - tags: [storage, backup] - ownHost: true - ingress: - - svc: minio - port: 9001 - namespace: minio - type: public - auth: true - removeRequestHeaders: - - authorization - name: console hide: true isShared: true ownHost: true - ingress: - - svc: otomi-api - namespace: otomi - paths: [/api/] - type: public - auth: true - - svc: otomi-console - namespace: otomi - type: public - auth: true - name: api # Used by any client that do not support cookies hide: true isShared: true ownHost: true - ingress: - - svc: otomi-api - namespace: otomi - type: public - # RequestAuthentication and AuthorizationPolicy ensure Authorization header validation - auth: false - - name: prometheus tags: [metrics, observability] ownHost: true - ingress: - - svc: po-prometheus - port: 9090 - namespace: monitoring - # namespace: prometheus - type: public - auth: true - name: sealed-secrets tags: [secrets, security, observability] ownHost: true - - name: tempo - tags: [tracing] - deps: [prometheus, grafana] - useHost: grafana - path: /explore?orgId=1&left=%7B"datasource":"tempo","queries":%5B%7B"refId":"A","datasource":%7B"type":"tempo","uid":"tempo"%7D,"queryType":"clear","limit":20%7D%5D,"range":%7B"from":"now-1h","to":"now"%7D%7D - name: otel - tags: [tracing] + tags: [logging, tracing] - name: trivy tags: [security] deps: [prometheus, grafana] @@ -306,33 +180,11 @@ teamApps: - name: alertmanager ownHost: true path: /#/alerts?silenced=false&inhibited=false&active=true&filter=%7Bnamespace%3D"team-#TEAM#"%7D - ingress: - - svc: po-alertmanager - hasPrefix: true - port: 9093 - type: public - auth: true - name: grafana ownHost: true path: /dashboards - ingress: - - svc: po-grafana - hasPrefix: true - forwardPath: true - removeRequestHeaders: - - authorization - type: public - auth: true - name: loki useHost: grafana path: /explore?orgId=1&left=%7B"datasource":"loki","queries":%5B%7B"refId":"A","expr":"","queryType":"range","datasource":%7B"type":"loki","uid":"loki"%7D%7D%5D,"range":%7B"from":"now-1h","to":"now"%7D%7D - name: tekton ownHost: true - ingress: - - svc: tekton-dashboard - hasPrefix: true - port: 9097 - type: public - auth: true - removeRequestHeaders: - - authorization From 6d77c21f4370e6f9c9af25dadbb766df9aae86a8 Mon Sep 17 00:00:00 2001 From: Matthias Erll Date: Wed, 13 May 2026 20:29:57 +0200 Subject: [PATCH 4/4] fix: missing shortcuts --- src/utils/data.ts | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/src/utils/data.ts b/src/utils/data.ts index 45622a253..334a3af2a 100644 --- a/src/utils/data.ts +++ b/src/utils/data.ts @@ -151,7 +151,7 @@ export const getAppData = ( const apps = getApps(session, teamId) const coreAppId: string = appId const coreApp = find(apps, { name: coreAppId }) - const { useHost, ingress, isShared, path } = coreApp + const { useHost, ownHost, isShared, path } = coreApp // bundle the shortcuts const coreShortcuts = coreApp.shortcuts ?? [] const mergedShortcuts = ownShortcuts.length ? [...coreShortcuts, ...ownShortcuts] : coreShortcuts @@ -189,9 +189,9 @@ export const getAppData = ( logoAlt: `${coreAppId}_logo${logoAltSuffix}.svg`, appInfo: appsInfo[coreAppId], schema, - externalUrl: ingress || useHost ? `${baseUrl}${path ? rePlace(path, teamId) : '/'}` : undefined, + externalUrl: ownHost || useHost ? `${baseUrl}${path ? rePlace(path, teamId) : '/'}` : undefined, shortcuts: substShortcuts, - hasShortcuts: !!ingress || useHost, + hasShortcuts: ownHost || useHost, isDeprecated, isBeta, isAlpha,