Hi I’m trying to set up https for my sonarqube server, hosted in GKE using helm chart. I read that I can use the ingress.tls helm chart parameter to configure a secret for the https connection.
My question is, what should be entered into this parameter? Is it kubernetes secret name in the same namespace? If that’s the case, I need to first create a kubernetes secret and reference the same name.
Is that all I need to do? Is there anything else?
Hello @zacktzeng
For the creation of the secret that needs to be referenced, you can follow the official documentation.
It should indeed be in the same namespace as SonarQube.
We will add the link to the official documentation to the values.yaml file so it is easier to configure in the future.
Hi Leo, thanks for reply here. Unfortunately I’m not able to configure TLS on my own. Let me share my configuration of ingress, load balancer and nginx:
service:
type: LoadBalancer
externalPort: 443
internalPort: 9000
labels:
annotations: {
service.beta.kubernetes.io/azure-load-balancer-internal: "true",
service.beta.kubernetes.io/azure-load-balancer-internal-subnet: "aks_nodes-10.182.8.0-24"
}
loadBalancerIP: <hardcoded.ip.from.subnet>
ingress:
enabled: true
hosts:
- name: sonar.<company>.com
path: /
annotations:
tls:
- secretName: sonar-server-tls
hosts:
- sonar.<company>.com
My secret is stored in the same namespace and its found during deployment (no error, when I tried non-existing secret, I get an error).
I’m not using neither self-signed certificate, nor cert-manager, but I have my valid TLS certificate. Is there necessary to configure nginx? I was trying the default configuration of nginx (nginx.enabled: true and the tls-acme and ingressClassName) but it didnt work. My sonarqube works on http://sonar.<company>.com:443, but certificate is not loaded.