summaryrefslogtreecommitdiffstats
path: root/kubernetes/common/certInitializer/templates/_certInitializer.yaml
diff options
context:
space:
mode:
authorSylvain Desbureaux <sylvain.desbureaux@orange.com>2021-04-19 16:00:49 +0200
committerSylvain Desbureaux <sylvain.desbureaux@orange.com>2021-05-06 06:29:46 +0000
commitbd94a04227a235319b3246e52cadc7c1e96f9c22 (patch)
treef4f817dd18994012f85d9bceb1685c409e8d1f2f /kubernetes/common/certInitializer/templates/_certInitializer.yaml
parentf6465e1e1386cd090ab9a125683304e57f373c19 (diff)
[COMMON][CERTS] Allow to provide custom certs easily
Instead of mandating to provide custom certificates before creation of helm packages, let's propose to include certificates from a known secret or configmap. The current implementation will first search for secret and if not provided will look for configmap. Issue-ID: OOM-2731 Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com> Change-Id: If2f90adc18efe59c0516db9409964a236bd17a66
Diffstat (limited to 'kubernetes/common/certInitializer/templates/_certInitializer.yaml')
-rw-r--r--kubernetes/common/certInitializer/templates/_certInitializer.yaml17
1 files changed, 17 insertions, 0 deletions
diff --git a/kubernetes/common/certInitializer/templates/_certInitializer.yaml b/kubernetes/common/certInitializer/templates/_certInitializer.yaml
index 414192e2bc..3b165a4c20 100644
--- a/kubernetes/common/certInitializer/templates/_certInitializer.yaml
+++ b/kubernetes/common/certInitializer/templates/_certInitializer.yaml
@@ -137,6 +137,8 @@
volumeMounts:
- mountPath: /certs
name: aaf-agent-certs
+ - mountPath: /more_certs
+ name: provided-custom-certs
- mountPath: /root/import-custom-certs.sh
name: aaf-agent-certs
subPath: import-custom-certs.sh
@@ -177,6 +179,21 @@
configMap:
name: {{ tpl $subchartDot.Values.certsCMName $subchartDot }}
defaultMode: 0700
+{{- if $dot.Values.global.importCustomCertsEnabled }}
+- name: provided-custom-certs
+{{- if $dot.Values.global.customCertsSecret }}
+ secret:
+ secretName: {{ $dot.Values.global.customCertsSecret }}
+{{- else }}
+{{- if $dot.Values.global.customCertsConfigMap }}
+ configMap:
+ name: {{ $dot.Values.global.customCertsConfigMap }}
+{{- else }}
+ emptyDir:
+ medium: Memory
+{{- end }}
+{{- end }}
+{{- end }}
- name: {{ include "common.certInitializer._aafAddConfigVolumeName" $dot }}
configMap:
name: {{ include "common.fullname" $subchartDot }}-add-config