[bitnami/redis] Don't regenerate self-signed certs on upgrade (#14655)

* [bitnami/redis] Don't regenerate self-signed certs on upgrade Signed-off-by: Miguel Ruiz <miruiz@vmware.com> * Remove redis resilience-tests Signed-off-by: Miguel Ruiz <miruiz@vmware.com> --------- Signed-off-by: Miguel Ruiz <miruiz@vmware.com>
2026-03-04 06:47:57 +08:00 · 2023-02-03 12:19:42 +01:00
parent 4ccae51590
commit 9c8766a049
4 changed files with 5 additions and 26 deletions
--- a/.vib/redis/vib-publish.json
+++ b/.vib/redis/vib-publish.json
@@ -38,16 +38,6 @@
            "endpoint": "lb-redis-master-tcp-redis"
          }
        },
-        {
-          "action_id": "resilience-tests",
-          "params": {
-            "test_cases": [
-              "testKubernetesPodDelete",
-              "testPodScaleUp",
-              "testPodScaleDown"
-            ]
-          }
-        },
        {
          "action_id": "goss",
          "params": {
--- a/.vib/redis/vib-verify.json
+++ b/.vib/redis/vib-verify.json
@@ -38,16 +38,6 @@
            "endpoint": "lb-redis-master-tcp-redis"
          }
        },
-        {
-          "action_id": "resilience-tests",
-          "params": {
-            "test_cases": [
-              "testKubernetesPodDelete",
-              "testPodScaleUp",
-              "testPodScaleDown"
-            ]
-          }
-        },
        {
          "action_id": "goss",
          "params": {
--- a/bitnami/redis/Chart.yaml
+++ b/bitnami/redis/Chart.yaml
@@ -22,4 +22,4 @@ maintainers:
 name: redis
 sources:
  - https://github.com/bitnami/containers/tree/main/bitnami/redis
-version: 17.7.0
+version: 17.7.1
--- a/bitnami/redis/templates/tls-secret.yaml
+++ b/bitnami/redis/templates/tls-secret.yaml
@@ -1,6 +1,5 @@
 {{- if (include "redis.createTlsSecret" .) }}
 {{- $secretName := printf "%s-crt" (include "common.names.fullname" .) }}
-{{- $existingCerts := (lookup "v1" "Secret" .Release.Namespace $secretName).data | default dict }}
 {{- $ca := genCA "redis-ca" 365 }}
 {{- $releaseNamespace := .Release.Namespace }}
 {{- $clusterDomain := .Values.clusterDomain }}
@@ -9,7 +8,7 @@
 {{- $headlessServiceName := printf "%s-headless" (include "common.names.fullname" .) }}
 {{- $masterServiceName := printf "%s-master" (include "common.names.fullname" .) }}
 {{- $altNames := list (printf "*.%s.%s.svc.%s" $serviceName $releaseNamespace $clusterDomain) (printf "%s.%s.svc.%s" $masterServiceName $releaseNamespace $clusterDomain) (printf "*.%s.%s.svc.%s" $masterServiceName $releaseNamespace $clusterDomain) (printf "*.%s.%s.svc.%s" $headlessServiceName $releaseNamespace $clusterDomain) (printf "%s.%s.svc.%s" $headlessServiceName $releaseNamespace $clusterDomain) "127.0.0.1" "localhost" $fullname }}
-{{- $crt := genSignedCert $fullname nil $altNames 365 $ca }}
+{{- $cert := genSignedCert $fullname nil $altNames 365 $ca }}
 apiVersion: v1
 kind: Secret
 metadata:
@@ -24,7 +23,7 @@ metadata:
  {{- end }}
 type: kubernetes.io/tls
 data:
-  ca.crt: {{ (get $existingCerts "ca.crt") | default ($ca.Cert | b64enc | quote ) }}
-  tls.crt: {{ (get $existingCerts "tls.crt") | default ($crt.Cert | b64enc | quote) }}
-  tls.key: {{ (get $existingCerts "tls.key") | default ($crt.Key | b64enc | quote) }}
+  tls.crt: {{ include "common.secrets.lookup" (dict "secret" $secretName "key" "tls.crt" "defaultValue" $cert.Cert "context" $) }}
+  tls.key: {{ include "common.secrets.lookup" (dict "secret" $secretName "key" "tls.key" "defaultValue" $cert.Key "context" $) }}
+  ca.crt: {{ include "common.secrets.lookup" (dict "secret" $secretName "key" "ca.crt" "defaultValue" $ca.Cert "context" $) }}
 {{- end }}