Bitnami/charts
2
0
Fork 0
mirror of https://github.com/bitnami/charts.git synced 2026-03-12 14:57:18 +08:00
Code Issues Packages Projects Releases Wiki Activity

[bitnami/kafka] Don't regenerate self-signed certs on upgrade (#14629)

Browse Source 
Signed-off-by: Miguel Ruiz <miruiz@vmware.com>
This commit is contained in:
Miguel Ruiz
2023-01-31 11:21:16 +01:00
committed by GitHub
parent 45ee743d12
commit 7a5cef7cad
2 changed files with 5 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
bitnami/kafka/Chart.yaml
View File

@@ -29,4 +29,4 @@ name: kafka
sources:
- https://github.com/bitnami/containers/tree/main/bitnami/kafka
- https://kafka.apache.org/
version: 20.0.5
version: 20.0.6

7
bitnami/kafka/templates/tls-secrets.yaml
View File

@@ -5,6 +5,7 @@
{{- $fullname := include "common.names.fullname" . }}
{{- $ca := genCA "kafka-ca" 365 }}
{{- range $i := until $replicaCount }}
{{- $secretName := printf "%s-%d-tls" (include "common.names.fullname" $) $i }}
{{- $replicaHost := printf "%s-%d.%s-headless" $fullname $i $fullname }}
{{- $altNames := list (printf "%s.%s.svc.%s" $replicaHost $releaseNamespace $clusterDomain) (printf "%s.%s.svc.%s" $fullname $releaseNamespace $clusterDomain) (printf "%s.%s" $replicaHost $releaseNamespace) (printf "%s.%s" $fullname $releaseNamespace) $replicaHost $fullname }}
{{- $cert := genSignedCert $replicaHost nil $altNames 365 $ca }}
@@ -22,9 +23,9 @@ metadata:
{{- end }}
type: kubernetes.io/tls
data:
ca.crt: {{ $ca.Cert | b64enc | quote }}
tls.crt: {{ $cert.Cert | b64enc | quote }}
tls.key: {{ $cert.Key | b64enc | quote }}
tls.crt: {{ include "common.secrets.lookup" (dict "secret" $secretName "key" "tls.crt" "defaultValue" $cert.Cert "context" $) }}
tls.key: {{ include "common.secrets.lookup" (dict "secret" $secretName "key" "tls.key" "defaultValue" $cert.Key "context" $) }}
ca.crt: {{ include "common.secrets.lookup" (dict "secret" $secretName "key" "ca.crt" "defaultValue" $ca.Cert "context" $) }}
---
{{- end }}
{{- end }}