From 5fd7b52e52f0c3afda57aa215f9a817bc4857197 Mon Sep 17 00:00:00 2001 From: Ryan Richard Date: Mon, 14 Jul 2025 16:53:39 -0700 Subject: [PATCH] use internal IP for Supervisor service on acceptance cluster --- .../prepare-cluster-for-integration-tests.sh | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) diff --git a/pipelines/shared-helpers/prepare-cluster-for-integration-tests.sh b/pipelines/shared-helpers/prepare-cluster-for-integration-tests.sh index 7e3f6bfba..45e28f07c 100755 --- a/pipelines/shared-helpers/prepare-cluster-for-integration-tests.sh +++ b/pipelines/shared-helpers/prepare-cluster-for-integration-tests.sh @@ -306,6 +306,18 @@ metadata: cloud.google.com/backend-config: '{"default":"healthcheck-backendconfig"}' EOF +# Save this file for possible later use. When we want to make a Supervisor load balancer service, +# we need to make sure that we tell it that it should use an internal IP address. +cat <>/tmp/add-annotations-for-supervisor-lb-service-overlay.yaml +#@ load("@ytt:overlay", "overlay") +#@overlay/match by=overlay.subset({"kind": "Service", "metadata":{"name":"${supervisor_app_name}-loadbalancer"}}), expects=1 +--- +metadata: + annotations: + #@overlay/match missing_ok=True + networking.gke.io/load-balancer-type: "Internal" +EOF + if [[ "${DEPLOY_LOCAL_USER_AUTHENTICATOR:-no}" == "yes" ]]; then # # Deploy local-user-authenticator @@ -859,6 +871,10 @@ fi if [[ "${SUPERVISOR_INGRESS:-no}" == "yes" && "$cluster_has_gke_backend_config" == "yes" ]]; then supervisor_optional_ytt_values+=("--file=/tmp/add-annotations-for-gke-ingress-overlay.yaml") fi +if [[ "${USE_LOAD_BALANCERS_FOR_DEX_AND_SUPERVISOR:-no}" != "yes" && "${SUPERVISOR_LOAD_BALANCER:-no}" == "yes" ]]; then + # When using the ytt templates to create a LB service, then also tell the service to use an internal IP. + supervisor_optional_ytt_values+=("--file=/tmp/add-annotations-for-supervisor-lb-service-overlay.yaml") +fi echo "Deploying the Supervisor app to the cluster..." echo "Using ytt service flags:" "${supervisor_ytt_service_flags[@]}"