[bitnami/ejbca] Set usePasswordFiles=true by default (#32343)

* [bitnami/ejbca] Set `usePasswordFiles=true` by default Signed-off-by: Miguel Ruiz <miguel.ruiz@broadcom.com> * Update values.yaml Signed-off-by: Miguel Ruiz <miguel.ruiz@broadcom.com> * Update CHANGELOG.md Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Fix lint Signed-off-by: Miguel Ruiz <miguel.ruiz@broadcom.com> * Update CHANGELOG.md Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Remove 'and' Signed-off-by: Miguel Ruiz <miguel.ruiz@broadcom.com> * Update CHANGELOG.md Signed-off-by: Bitnami Bot <bitnami.bot@broadcom.com> * Update CHANGELOG.md Signed-off-by: Bitnami Bot <bitnami.bot@broadcom.com> --------- Signed-off-by: Miguel Ruiz <miguel.ruiz@broadcom.com> Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> Signed-off-by: Bitnami Bot <bitnami.bot@broadcom.com> Co-authored-by: Bitnami Containers <bitnami-bot@vmware.com> Co-authored-by: Bitnami Bot <bitnami.bot@broadcom.com>
2026-02-11 12:57:08 +08:00 · 2025-04-04 08:11:08 +02:00
parent 920a2d667a
commit cfa2cc85a3
5 changed files with 42 additions and 5 deletions
--- a/bitnami/ejbca/CHANGELOG.md
+++ b/bitnami/ejbca/CHANGELOG.md
@@ -1,8 +1,13 @@
 # Changelog

-## 17.0.4 (2025-03-28)
+## 17.1.0 (2025-04-01)

-* [bitnami/ejbca] Release 17.0.4 ([#32674](https://github.com/bitnami/charts/pull/32674))
+* [bitnami/ejbca] Set `usePasswordFiles=true` by default ([#32343](https://github.com/bitnami/charts/pull/32343))
+
+## <small>17.0.4 (2025-03-28)</small>
+
+* [bitnami/*] Add tanzuCategory annotation (#32409) ([a8fba5c](https://github.com/bitnami/charts/commit/a8fba5cb01f6f4464ca7f69c50b0fbe97d837a95)), closes [#32409](https://github.com/bitnami/charts/issues/32409)
+* [bitnami/ejbca] Release 17.0.4 (#32674) ([7284153](https://github.com/bitnami/charts/commit/7284153ab6d0283ce1cdf1a2baa27e233ac0fe5d)), closes [#32674](https://github.com/bitnami/charts/issues/32674)

 ## <small>17.0.3 (2025-03-08)</small>

--- a/bitnami/ejbca/Chart.yaml
+++ b/bitnami/ejbca/Chart.yaml
@@ -36,4 +36,4 @@ maintainers:
 name: ejbca
 sources:
 - https://github.com/bitnami/charts/tree/main/bitnami/ejbca
-version: 17.0.4
+version: 17.1.0
--- a/bitnami/ejbca/README.md
+++ b/bitnami/ejbca/README.md
@@ -177,6 +177,7 @@ Persistent Volume Claims are used to keep the data across deployments. This is k
 | `commonLabels`           | Add labels to all the deployed resources                                                | `{}`           |
 | `commonAnnotations`      | Annotations to be added to all deployed resources                                       | `{}`           |
 | `extraDeploy`            | Array of extra objects to deploy with the release                                       | `[]`           |
+| `usePasswordFiles`       | Mount credentials as files instead of using environment variables                       | `true`         |
 | `diagnosticMode.enabled` | Enable diagnostic mode (all probes will be disabled and the command will be overridden) | `false`        |
 | `diagnosticMode.command` | Command to override all containers in the deployment                                    | `["sleep"]`    |
 | `diagnosticMode.args`    | Args to override all containers in the deployment                                       | `["infinity"]` |
--- a/bitnami/ejbca/templates/deployment.yaml
+++ b/bitnami/ejbca/templates/deployment.yaml
@@ -110,6 +110,16 @@ spec:
          env:
            - name: BITNAMI_DEBUG
              value: {{ ternary "true" "false" (or .Values.image.debug .Values.diagnosticMode.enabled) | quote }}
+            {{- if .Values.usePasswordFiles }}
+            - name: EJBCA_ADMIN_PASSWORD_FILE
+              value: "/opt/bitnami/ejbca/secrets/ejbca-admin-password"
+            - name: EJBCA_DATABASE_PASSWORD_FILE
+              value: "/opt/bitnami/ejbca/secrets/mariadb-password"
+            {{- if .Values.ejbcaKeystoreExistingSecret }}
+            - name: EJBCA_SERVER_CERT_PASSWORD_FILE
+              value: "/opt/bitnami/ejbca/secrets/keystore-password"
+            {{- end }}
+            {{- else }}
            - name: EJBCA_ADMIN_PASSWORD
              valueFrom:
                secretKeyRef:
@@ -127,6 +137,7 @@ spec:
                  name: {{ .Values.ejbcaKeystoreExistingSecret }}
                  key: keystore-password
            {{- end }}
+            {{- end }}
            - name: EJBCA_ADMIN_USERNAME
              value: {{ .Values.ejbcaAdminUsername | quote }}
            - name: EJBCA_DATABASE_HOST
@@ -249,6 +260,10 @@ spec:
            - name: ejbca-data
              mountPath: /bitnami/wildfly
              subPath: wildfly
+            {{- if .Values.usePasswordFiles }}
+            - name: ejbca-secrets
+              mountPath: /opt/bitnami/ejbca/secrets
+            {{- end }}
            {{- if .Values.ejbcaKeystoreExistingSecret }}
            - name: ejbca-keystore
              mountPath: /opt/bitnami/ejbca/mounted-jks/keystore.jks
@@ -268,14 +283,27 @@ spec:
      volumes:
        - name: empty-dir
          emptyDir: {}
-          {{- if .Values.ejbcaKeystoreExistingSecret }}
+        {{- if .Values.ejbcaKeystoreExistingSecret }}
        - name: ejbca-keystore
          secret:
            secretName: {{ .Values.ejbcaKeystoreExistingSecret }}
            items:
            - key: "keystore.jks"
              path: "keystore.jks"
-          {{- end }}
+        {{- end }}
+        {{- if .Values.usePasswordFiles }}
+        - name: ejbca-secrets
+          projected:
+            sources:
+              - secret:
+                  name:  {{ include "ejbca.secretName" . }}
+              - secret:
+                  name:  {{ include "ejbca.databaseSecretName" . }}
+              {{- if .Values.ejbcaKeystoreExistingSecret }}
+              - secret:
+                  name: {{ .Values.ejbcaKeystoreExistingSecret }}
+              {{- end }}
+        {{- end }}
        - name: ejbca-data
          {{- if .Values.persistence.enabled }}
          persistentVolumeClaim:
--- a/bitnami/ejbca/values.yaml
+++ b/bitnami/ejbca/values.yaml
@@ -55,6 +55,9 @@ commonAnnotations: {}
 ## @param extraDeploy Array of extra objects to deploy with the release
 ##
 extraDeploy: []
+## @param usePasswordFiles Mount credentials as files instead of using environment variables
+##
+usePasswordFiles: true
 ## Enable diagnostic mode in the deployment
 ##
 diagnosticMode: