File tree Expand file tree Collapse file tree
components/konflux-devlake/internal-staging Expand file tree Collapse file tree Original file line number Diff line number Diff line change @@ -53,18 +53,48 @@ lake:
5353 DB_URL : " mysql://$(MYSQL_USER):$(MYSQL_PASSWORD)@$(MYSQL_SERVER):$(MYSQL_PORT)/$(MYSQL_DATABASE)?charset=$(DB_CHARSET)&parseTime=$(DB_PARSE_TIME)&loc=$(DB_LOCATION)&tls=true"
5454 # Go's crypto/x509 on Debian reads /etc/ssl/certs/ by default, not
5555 # /etc/pki/ where OpenShift mounts the trusted CA ConfigMap.
56- SSL_CERT_FILE : " /etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem"
56+ SSL_CERT_FILE : " /etc/ssl/combined/ca-bundle.crt"
57+ initContainers :
58+ - name : build-ca-bundle
59+ image : quay.io/konflux-ci/konflux-devprod/devlake-backend
60+ command :
61+ - sh
62+ - -c
63+ - cat /etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem /etc/ssl/rds/rds-ca-bundle.pem > /etc/ssl/combined/ca-bundle.crt
64+ volumeMounts :
65+ - name : trusted-ca
66+ mountPath : /etc/pki/ca-trust/extracted/pem
67+ readOnly : true
68+ - name : rds-ca
69+ mountPath : /etc/ssl/rds
70+ readOnly : true
71+ - name : combined-ca
72+ mountPath : /etc/ssl/combined
5773 volumes :
5874 - name : trusted-ca
5975 configMap :
6076 name : trusted-ca
6177 items :
6278 - key : ca-bundle.crt
6379 path : tls-ca-bundle.pem
80+ - name : rds-ca
81+ secret :
82+ secretName : konflux-devlake-secrets
83+ items :
84+ - key : AWS_RDS_CRTS
85+ path : rds-ca-bundle.pem
86+ - name : combined-ca
87+ emptyDir : {}
6488 volumeMounts :
6589 - name : trusted-ca
6690 mountPath : /etc/pki/ca-trust/extracted/pem
6791 readOnly : true
92+ - name : rds-ca
93+ mountPath : /etc/ssl/rds
94+ readOnly : true
95+ - name : combined-ca
96+ mountPath : /etc/ssl/combined
97+ readOnly : true
6898 extraEnvsFromSecret : konflux-devlake-secrets
6999
70100mysql :
You can’t perform that action at this time.
0 commit comments