Merge pull request #104 from driosalido/allow_selfSignedSecrets_from_existing_secrets

stavbernazport · web-flow · commit 8c1140a9908b · 2024-05-19T10:12:26.000+03:00
Add mounting Self Signed Certificates from existing secret
diff --git a/charts/port-ocean/Chart.yaml b/charts/port-ocean/Chart.yaml
@@ -2,7 +2,7 @@ apiVersion: v2
 name: port-ocean
 description: A Helm chart for Port Ocean integrations
 type: application
-version: 0.1.20
+version: 0.1.21
 appVersion: "0.1.0"
 home: https://getport.io/
 sources:
diff --git a/charts/port-ocean/templates/certificate_secret.yaml b/charts/port-ocean/templates/certificate_secret.yaml
@@ -1,9 +1,9 @@
-{{- if .Values.selfSignedCertificate.enabled }}
+{{- if and .Values.selfSignedCertificate.enabled (not .Values.selfSignedCertificate.secret.useExistingSecret) }}
 apiVersion: v1
 kind: Secret
 metadata:
   name: {{ include "port-ocean.selfSignedCertName" . }}
 type: Opaque
 data:
   crt: {{ .Values.selfSignedCertificate.certificate | b64enc }}
-{{- end }}
+{{- end }}
diff --git a/charts/port-ocean/templates/deployment.yaml b/charts/port-ocean/templates/deployment.yaml
@@ -64,7 +64,16 @@ spec:
             readOnly: true
         {{- end }}
       volumes:
-        {{- if .Values.selfSignedCertificate.enabled }}
+        {{- if and .Values.selfSignedCertificate.enabled .Values.selfSignedCertificate.secret.useExistingSecret }}
+        - name: certificates
+          projected:
+            sources:
+              - secret:
+                  name: {{ .Values.selfSignedCertificate.secret.name }}
+                  items:
+                    - key: {{ .Values.selfSignedCertificate.secret.key }}
+                      path: cert.crt
+        {{- else if .Values.selfSignedCertificate.enabled }}
         - name: certificates
           projected:
             sources:
@@ -86,4 +95,3 @@ spec:
       tolerations:
         {{- toYaml . | nindent 8 }}
       {{- end }}
-
diff --git a/charts/port-ocean/values.yaml b/charts/port-ocean/values.yaml
@@ -15,15 +15,15 @@ extraEnv:
 
 podSecurityContext: {}
 # Example
-  # runAsGroup: 1001
-  # runAsUser: 1001
-  # fsGroup: 1001
-  # fsGroupChangePolicy: "OnRootMismatch"
+# runAsGroup: 1001
+# runAsUser: 1001
+# fsGroup: 1001
+# fsGroupChangePolicy: "OnRootMismatch"
 containerSecurityContext: {}
 # Example
-  # runAsGroup: 1001
-  # runAsUser: 1001
-  # allowPrivilegeEscalation: false
+# runAsGroup: 1001
+# runAsUser: 1001
+# allowPrivilegeEscalation: false
 
 rolloutStrategy: "Recreate"
 
@@ -35,7 +35,6 @@ resources:
     memory: "1024Mi"
     cpu: "500m"
 
-
 nodeSelector: {}
 
 tolerations: []
@@ -91,4 +90,8 @@ integration:
 
 selfSignedCertificate:
   enabled: false
-  certificate: ""
+  certificate: ""
+  secret:
+    name: ""
+    key: crt
+    useExistingSecret: false
