Using unique names for TLS secrets

charts/onechart/templates/ingress.yaml

@@ -1,15 +1,15 @@
 {{/* OneChart ingress snippet */}}
 {{- define "onechart.ingress" }}
 {{- $robustName := include "robustName" .root.Release.Name -}}
+{{- $resourceName := $robustName -}}
+{{- if .longName }}
+{{- $resourceName = printf "%s-%s" $robustName (include "robustName" .ingress.host) -}}
+{{- end }}
 ---
 apiVersion: networking.k8s.io/v1beta1
 kind: Ingress
 metadata:
-  {{- if .longName }}
-  name: {{ $robustName }}-{{ template "robustName" .ingress.host }}
-  {{- else }}
-  name: {{ $robustName }}
-  {{- end }}
+  name: {{ $resourceName }}
   namespace: {{ .root.Release.Namespace }}
   labels:
     {{- include "helm-chart.labels" .root | nindent 4 }}
@@ -30,7 +30,7 @@ spec:
   tls:
     - hosts:
         - {{ template "robustName" .ingress.host | quote }}
-      secretName: {{ printf "tls-%s" $robustName }}
+      secretName: {{ printf "tls-%s" $resourceName }}
   {{- end }}
   rules:
     - host: {{ template "robustName" .ingress.host | quote }}

charts/onechart/tests/ingress_domain_test.yaml

@@ -83,3 +83,21 @@ tests:
     asserts:
       - hasDocuments:
           count: 3
+  - it: Should have unique TLS secret names
+    set:
+      ingresses:
+        - host: chart-example.local
+          tlsEnabled: true
+          annotations:
+            kubernetes.io/ingress.class: nginx
+        - host: another.local
+          tlsEnabled: true
+          annotations:
+            kubernetes.io/ingress.class: nginx
+    asserts:
+      - equal:
+          path: spec.tls
+          value:
+            - hosts:
+                - chart-example.local
+              secretName: tls-release-name-chart-example.local

values.yaml

@@ -4,9 +4,11 @@ ingress:
     kubernetes.io/ingress.class: nginx
 ingresses:
   - host: chart-example.local
+    tlsEnabled: true
     annotations:
       kubernetes.io/ingress.class: nginx
   - host: another.local
+    tlsEnabled: true
     annotations:
       kubernetes.io/ingress.class: nginx