openstack/openstack-helm-infra
Code Issues Proposed changes

Helm-Toolkit: Update tls secret manifest for non public endpoints

Browse Source 
This PS updates the tls secret manifest to allow non-public endpoints
to be specified.

Change-Id: I47606e5c8db87fac07febb114334ded710f56ed5
Signed-off-by: Pete Birley <pete@port.direct>
This commit is contained in:
Pete Birley 2018-08-02 11:01:50 -05:00
parent 61829c0d45
commit aac1c4e8c0
1 changed files with 9 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
helm-toolkit/templates/manifests/_secret-tls.yaml.tpl
View File

@ -55,10 +55,11 @@ return: |
{{- $backendServiceType := index . "backendServiceType" }}
{{- $backendService := index . "backendService" | default "api" }}
{{- $host := index $envAll.Values.endpoints ( $backendServiceType | replace "-" "_" ) "host_fqdn_override" }}
{{- if hasKey $host "public" }}
{{- if kindIs "map" $host.public }}
{{- if hasKey $host.public "tls" }}
{{- if and $host.public.tls.key $host.public.tls.crt }}
{{- if hasKey $host $endpoint }}
{{- $endpointHost := index $host $endpoint }}
{{- if kindIs "map" $endpointHost }}
{{- if hasKey $endpointHost "tls" }}
{{- if and $endpointHost.tls.key $endpointHost.tls.crt }}
---
apiVersion: v1
kind: Secret
@ -66,10 +67,10 @@ metadata:
name: {{ index $envAll.Values.secrets.tls ( $backendServiceType | replace "-" "_" ) $backendService $endpoint }}
type: kubernetes.io/tls
data:
tls.crt: {{ $host.public.tls.crt | b64enc }}
tls.key: {{ $host.public.tls.key | b64enc }}
{{- if $host.public.tls.ca }}
ca.crt: {{ $host.public.tls.ca | b64enc }}
tls.crt: {{ $endpointHost.tls.crt | b64enc }}
tls.key: {{ $endpointHost.tls.key | b64enc }}
{{- if $endpointHost.tls.ca }}
ca.crt: {{ $endpointHost.tls.ca | b64enc }}
{{- end }}
{{- end }}
{{- end }}