Skip to main content
Sign Up

Ingress (legacy)

caution

You are now on a GitGuardian legacy architecture page.

Looking for the GitGuardian new architecture Scaling page? Please visit the Ingress page.

For information on the new architecture, as well as determining whether you are using the new or the legacy GitGuardian architecture, explore the New GitGuardian Architecture page.

info

This page only concerns installation on an existing cluster using KOTS.

KOTS-based installation

On existing clusters, a default Ingress is provided. This default Ingress is backed by a Kubernetes service (named gitguardian).

You can add custom annotations in the corresponding section of the KOTS Admin Console.

Ingress annotations

You can also disable it and use your own Ingress. In that case, you will need to uncheck the "Enable Kubernetes Ingress" option in the KOTS Admin Console or edit the Ingress resource directly.

Using your own Ingress

You have the option to disable the default Ingress and set up your own.

In the KOTS Admin Console, uncheck the "Enable Kubernetes Ingress" option to disable the default Ingress.

Custom ingress configuration

If you opt to use your own Ingress, here are the fields you would need to modify:

  • defaultBackend
  • ingressClassName (use this for Ingress controllers that support it; otherwise, use the deprecated kubernetes.io/ingress.class annotation)
  • rules
  • tls

To get more details on each of these fields, run the command kubectl explain ingress.spec.

Protocol configuration

The service backend is configured to listen only on HTTPS, and your Ingress needs to be set up accordingly.

If you are utilizing the NGINX Ingress controller, this configuration is already handled in the included Ingress through the nginx.ingress.kubernetes.io/backend-protocol: HTTPS annotation. However, if you are using a different Ingress controller, you may need to add the necessary annotations in the provided text area.

Sample configuration

Below is an example of how a custom Ingress configuration might look:

apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  annotations:
    kubernetes.io/ingress.class: <ingress_class>  # for ingress controllers that do not support ingressClassName
  labels:
    kots.io/app-slug: gitguardian-seal
    kots.io/backup: velero
  name: gitguardian
  namespace: <your-namespace>
spec:
  ingressClassName: <ingress_class>  # for ingress controllers that support this field
  rules:
  - host: <application_hostname>
    http:
      paths:
      - backend:
          service:
            name: gitguardian
            port:
              number: 443
        path: /
        pathType: Prefix
  tls:
  - hosts:
    - <application_hostname>
    secretName: <secret_name>  # when using a kubernetes secret

Something we didn’t cover?

See our Roadmap

Subscribe on GitHub

Submit a request

API status

How can I help you ?