bitnami/consul Add activation of gossip encryption when custom key is set (#20328)

2026-02-26 07:37:57 +08:00 · 2023-11-06 11:03:46 +01:00
parent 608775fc7e
commit 24919d362f
3 changed files with 5 additions and 3 deletions
--- a/bitnami/consul/README.md
+++ b/bitnami/consul/README.md
@@ -96,7 +96,7 @@ helm delete --purge my-release
 | `datacenterName`                | Datacenter name for Consul. If not supplied, will use the Consul                                                 | `dc1`                    |
 | `domain`                        | Consul domain name                                                                                               | `consul`                 |
 | `raftMultiplier`                | Multiplier used to scale key Raft timing parameters                                                              | `1`                      |
-| `gossipKey`                     | Gossip key for all members. The key must be 16-bytes, can be generated with $(consul keygen)                     | `""`                     |
+| `gossipKey`                     | Gossip key for all members. The key must be base64-encoded, can be generated with $(consul keygen)               | `""`                     |
 | `tlsEncryptionSecretName`       | Name of existing secret with TLS encryption data                                                                 | `""`                     |
 | `hostAliases`                   | Deployment pod host aliases                                                                                      | `[]`                     |
 | `configuration`                 | HashiCorp Consul configuration to be injected as ConfigMap                                                       | `""`                     |
--- a/bitnami/consul/templates/statefulset.yaml
+++ b/bitnami/consul/templates/statefulset.yaml
@@ -154,6 +154,8 @@ spec:
            - name: CONSUL_DATACENTER
              value: {{ .Values.datacenterName | quote }}
            {{- if .Values.gossipKey }}
+            - name: CONSUL_GOSSIP_ENCRYPTION
+              value: "yes"
            - name: CONSUL_GOSSIP_ENCRYPTION_KEY
              valueFrom:
                secretKeyRef:
--- a/bitnami/consul/values.yaml
+++ b/bitnami/consul/values.yaml
@@ -103,9 +103,9 @@ domain: consul
 ## @param raftMultiplier Multiplier used to scale key Raft timing parameters
 ##
 raftMultiplier: "1"
-## @param gossipKey Gossip key for all members. The key must be 16-bytes, can be generated with $(consul keygen)
+## @param gossipKey Gossip key for all members. The key must be base64-encoded, can be generated with $(consul keygen)
 ## Example:
-## gossipKey: 887Syd/BOvbtvRAKviazMg==
+## gossipKey: "DVoLa/k99hfBEdIfCLkzSpWg4obElLYVIFDsutKCL/w="
 ##
 gossipKey: ""
 ## @param tlsEncryptionSecretName Name of existing secret with TLS encryption data