SLK-88407 Scanner additional cert fix (#919)

* Initial commit * Testing new label context * Updates * Finalising PR * Bumping chart version * Bumping changes in README
aquasecurity · Jan 1, 2025 · a8d6358 · a8d6358
1 parent 0974c02
commit a8d6358
Show file tree

Hide file tree

Showing 5 changed files with 23 additions and 9 deletions.
diff --git a/README.md b/README.md
@@ -30,7 +30,7 @@ This repository includes the following charts; they can be deployed separately:
 |-------------------------------------|---------------------------------------------------------------------------------------------------------------------------------------------------------------|----------------------|
 | [Server](server/)                   | Deploys the Console, Database, and Gateway components; optionally deploys Envoy component                                                                     | 2022.4.26            |
 | [Enforcer](enforcer/)               | Deploys the Aqua Enforcer daemonset                                                                                                                           | 2022.4.21            |
-| [Scanner](scanner/)                 | Deploys the Aqua Scanner deployment                                                                                                                           | 2022.4.9             |
+| [Scanner](scanner/)                 | Deploys the Aqua Scanner deployment                                                                                                                           | 2022.4.10             |
 | [KubeEnforcer](kube-enforcer/)      | Deploys Aqua KubeEnforcer                                                                                                                                     | 2022.4.49            |
 | [Gateway](gateway)                  | Deploys the Aqua Standalone Gateway                                                                                                                           | 2022.4.14            |
 | [Tenant-Manager](tenant-manager/)   | Deploys the Aqua Tenant Manager                                                                                                                               | 2022.4.0             |
@@ -84,7 +84,7 @@ aqua-helm/cyber-center          2022.4.6        2022.4          A Helm chart for
 aqua-helm/enforcer              2022.4.23       2022.4          A Helm chart for the Aqua Enforcer
 aqua-helm/kube-enforcer         2022.4.49       2022.4          A Helm chart for the Aqua KubeEnforcer Starboard
 aqua-helm/gateway               2022.4.14       2022.4          A Helm chart for the Aqua Gateway
-aqua-helm/scanner               2022.4.9        2022.4          A Helm chart for the Aqua Scanner CLI component
+aqua-helm/scanner               2022.4.10        2022.4          A Helm chart for the Aqua Scanner CLI component
 aqua-helm/server                2022.4.26       2022.4          A Helm chart for the Aqua Console components
 aqua-helm/tenant-manager        2022.4.1        2022.4          A Helm chart for the Aqua Tenant Manager
 ```

diff --git a/scanner/CHANGELOG.md b/scanner/CHANGELOG.md
@@ -2,6 +2,9 @@
 
 All notable changes to this project will be documented in this file.
 
+## 2022.4.10 (Dec 30th, 2024)
+* Fixed additionalCert errors
+
 ## 2022.4.9 (Dec 6th, 2024)
 * Fixed enableLivenessProbe related errors - [#909](https://github.com/aquasecurity/aqua-helm/issues/909)
 

diff --git a/scanner/Chart.yaml b/scanner/Chart.yaml
@@ -2,7 +2,7 @@ apiVersion: v1
 appVersion: "2022.4"
 description: A Helm chart for the Aqua Scanner CLI component
 name: scanner
-version: "2022.4.9"
+version: "2022.4.10"
 icon: https://avatars3.githubusercontent.com/u/12783832?s=200&v=4
 home: https://www.aquasec.com/
 maintainers:

diff --git a/scanner/templates/scanner-cert-secret.yaml b/scanner/templates/scanner-cert-secret.yaml
@@ -1,17 +1,18 @@
-{{ $relname := .Release.Namespace }}
+{{ $relName := .Release.Name }}
+{{ $relNamespace := .Release.Namespace }}
 {{- range $i, $cert := .Values.additionalCerts }}
 {{- if $cert.createSecret }}
 ---
 apiVersion: v1
 kind: Secret
 metadata:
   name: {{ $cert.secretName }}
-  namespace: {{ $relname }}
+  namespace: {{ $relNamespace }}
   labels:
-    app: {{ .Release.Name }}-scanner
+    app: {{ $relName }}-scanner
     aqua.component: scanner
-{{ include "aqua.labels" . | indent 4 }}
+{{ include "aqua.labels" $ | indent 4 }}
 data:
-  cert.pem: {{ $cert.certFile }}
+  cert.pem: {{ $cert.certFile | b64enc | quote }}
 {{- end }}
 {{- end }}
diff --git a/scanner/values.yaml b/scanner/values.yaml
@@ -72,7 +72,17 @@ server:
 additionalCerts: []
   # - createSecret: true                # Change to false if you're using existing server certificate secret
   #   secretName: "proxy-server-certs"  # Change secret name if already exists with server/web public certificate
-  #   certFile:                         # If additionalCerts createSecret enable to true, add base64 value of the server public certificate or add filename of certificate if loading from custom secret
+  #   certFile:                         # If additionalCerts createSecret enable to true, add unencoded value of the certificate to be added
+  # Multi-cert Usage Example
+  # - createSecret: true
+  #   secretName: "proxy-server-certs"
+  #   certFile: |
+  #     -----BEGIN CERTIFICATE-----
+  #     CERT
+  #     -----END CERTIFICATE-----
+  # - createSecret: true
+  #   secretName: "another-cert"
+  #   certFile: "UNECODED_CERT_DATA"
 
 
 serverSSL: