Bitnami/charts
2
0
Fork 0
mirror of https://github.com/bitnami/charts.git synced 2026-03-16 14:57:08 +08:00
Code Issues Packages Projects Releases Wiki Activity

fix TLS misconfig in statefulset and secrets (#10611)

Browse Source 
Signed-off-by: Einav Daniel <einavd@datricks.com>
This commit is contained in:
Einav
2022-06-08 10:08:55 +03:00
committed by GitHub
parent e2e066dfb6
commit c6383b8aed
2 changed files with 7 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
bitnami/keycloak/templates/secrets.yaml
View File

@@ -25,7 +25,7 @@ data:
tls-keystore-password: {{ include "common.secrets.passwords.manage" (dict "secret" $secretName "key" "tls-keystore-password" "length" 10 "providedValues" (list "auth.tls.keystorePassword") "context" $) }}
{{- end }}
{{- if or .Values.auth.tls.truststorePassword .Values.auth.tls.autoGenerated .Values.auth.tls.usePem }}
tls-truestore-password: {{ include "common.secrets.passwords.manage" (dict "secret" $secretName "key" "tls-truestore-password" "length" 10 "providedValues" (list "auth.tls.truststorePassword") "context" $) }}
tls-truststore-password: {{ include "common.secrets.passwords.manage" (dict "secret" $secretName "key" "tls-truststore-password" "length" 10 "providedValues" (list "auth.tls.truststorePassword") "context" $) }}
{{- end }}
{{- end }}
{{- end }}

12
bitnami/keycloak/templates/statefulset.yaml
View File

@@ -152,10 +152,10 @@ spec:
secretKeyRef:
{{- if .Values.auth.existingSecretPerPassword }}
name: {{ tpl (include "common.secrets.name" (dict "existingSecret" .Values.auth.existingSecretPerPassword.tlsTruststorePassword "context" $)) $ }}
key: {{ include "common.secrets.key" (dict "existingSecret" .Values.auth.existingSecretPerPassword "key" "tlsKeystorePassword") }}
key: {{ include "common.secrets.key" (dict "existingSecret" .Values.auth.existingSecretPerPassword "key" "tlsTruststorePassword") }}
{{- else }}
name: {{ $globalSecretName }}
key: {{ include "common.secrets.key" (dict "existingSecret" .Values.auth.existingSecret "key" "tls-truestore-password") }}
key: {{ include "common.secrets.key" (dict "existingSecret" .Values.auth.existingSecret "key" "tls-truststore-password") }}
{{- end }}
{{- end }}
{{- if .Values.auth.tls.resources }}
@@ -235,7 +235,7 @@ spec:
valueFrom:
secretKeyRef:
{{- if .Values.auth.existingSecretPerPassword }}
name: {{ tpl (include "common.secrets.name" (dict "existingSecret" .Values.auth.existingSecretPerPassword.tlsKeystorePassword "context" $) $) }}
name: {{ tpl (include "common.secrets.name" (dict "existingSecret" .Values.auth.existingSecretPerPassword.tlsKeystorePassword "context" $)) $ }}
key: {{ include "common.secrets.key" (dict "existingSecret" .Values.auth.existingSecretPerPassword "key" "tlsKeystorePassword") }}
{{- else }}
name: {{ $globalSecretName }}
@@ -247,11 +247,11 @@ spec:
valueFrom:
secretKeyRef:
{{- if .Values.auth.existingSecretPerPassword }}
name: {{ tpl (include "common.secrets.name" (dict "existingSecret" .Values.auth.existingSecretPerPassword.tlsTruststorePassword "context" $) $) }}
key: {{ include "common.secrets.key" (dict "existingSecret" .Values.auth.existingSecretPerPassword "key" "tlsKeystorePassword") }}
name: {{ tpl (include "common.secrets.name" (dict "existingSecret" .Values.auth.existingSecretPerPassword.tlsTruststorePassword "context" $)) $ }}
key: {{ include "common.secrets.key" (dict "existingSecret" .Values.auth.existingSecretPerPassword "key" "tlsTruststorePassword") }}
{{- else }}
name: {{ $globalSecretName }}
key: {{ include "common.secrets.key" (dict "existingSecret" .Values.auth.existingSecret "key" "tls-truestore-password") }}
key: {{ include "common.secrets.key" (dict "existingSecret" .Values.auth.existingSecret "key" "tls-truststore-password") }}
{{- end }}
{{- end }}
{{- end }}