Skip to content

Commit

Permalink
fix: support autoGenerateCert as string
Browse files Browse the repository at this point in the history
operator-sdk has limitation to override boolean value.

operator-framework/operator-sdk#6115

This commit allows string type of the flag, so we can override it from
helm-operator level.
  • Loading branch information
holyspectral committed Feb 9, 2024
1 parent 2662682 commit 5b8c697
Show file tree
Hide file tree
Showing 6 changed files with 15 additions and 15 deletions.
8 changes: 4 additions & 4 deletions charts/core/templates/controller-deployment.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -36,15 +36,15 @@ spec:
{{- with .Values.controller.podLabels }}
{{- toYaml . | nindent 8 }}
{{- end }}
{{- if or .Values.controller.secret.enabled .Values.controller.configmap.enabled .Values.controller.podAnnotations .Values.autoGenerateCert }}
{{- if or .Values.controller.secret.enabled .Values.controller.configmap.enabled .Values.controller.podAnnotations (eq "true" (toString .Values.autoGenerateCert)) }}
annotations:
{{- if .Values.controller.secret.enabled }}
checksum/init-secret: {{ include (print $.Template.BasePath "/init-secret.yaml") . | sha256sum }}
{{- end }}
{{- if .Values.controller.configmap.enabled }}
checksum/init-configmap: {{ include (print $.Template.BasePath "/init-configmap.yaml") . | sha256sum }}
{{- end }}
{{- if .Values.autoGenerateCert }}
{{- if eq "true" (toString .Values.autoGenerateCert) }}
checksum/controller-secret: {{ include (print $.Template.BasePath "/controller-secret.yaml") . | sha256sum }}
{{- end }}
{{- if .Values.controller.podAnnotations }}
Expand Down Expand Up @@ -195,7 +195,7 @@ spec:
subPath: {{ .Values.controller.certificate.pemFile }}
name: usercert
readOnly: true
{{- else if .Values.autoGenerateCert }}
{{- else if eq "true" (toString .Values.autoGenerateCert) }}
- mountPath: /etc/neuvector/certs/ssl-cert.key
subPath: ssl-cert.key
name: cert
Expand Down Expand Up @@ -268,7 +268,7 @@ spec:
- secret:
name: neuvector-secret
optional: true
{{- if .Values.autoGenerateCert }}
{{- if eq "true" (toString .Values.autoGenerateCert) }}
- name: cert
secret:
secretName: neuvector-controller-secret
Expand Down
2 changes: 1 addition & 1 deletion charts/core/templates/controller-secret.yaml
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
{{- if .Values.controller.enabled -}}
{{- if .Values.autoGenerateCert }}
{{- if eq "true" (toString .Values.autoGenerateCert) }}
{{- $cn := "neuvector" }}
{{- $cert := genSelfSignedCert $cn nil (list $cn) (.Values.defaultValidityPeriod | int) -}}
apiVersion: v1
Expand Down
8 changes: 4 additions & 4 deletions charts/core/templates/manager-deployment.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -25,9 +25,9 @@ spec:
{{- with .Values.manager.podLabels }}
{{- toYaml . | nindent 8 }}
{{- end }}
{{- if or .Values.manager.podAnnotations .Values.autoGenerateCert }}
{{- if or .Values.manager.podAnnotations (eq "true" (toString .Values.autoGenerateCert)) }}
annotations:
{{- if .Values.autoGenerateCert }}
{{- if eq "true" (toString .Values.autoGenerateCert) }}
checksum/manager-secret: {{ include (print $.Template.BasePath "/manager-secret.yaml") . | sha256sum }}
{{- end }}
{{- if .Values.manager.podAnnotations }}
Expand Down Expand Up @@ -108,7 +108,7 @@ spec:
subPath: {{ .Values.manager.certificate.pemFile }}
name: cert
readOnly: true
{{- else if .Values.autoGenerateCert }}
{{- else if eq "true" (toString .Values.autoGenerateCert) }}
- mountPath: /etc/neuvector/certs/ssl-cert.key
subPath: ssl-cert.key
name: cert
Expand All @@ -130,7 +130,7 @@ spec:
- name: cert
secret:
secretName: {{ .Values.manager.certificate.secret }}
{{- else if .Values.autoGenerateCert }}
{{- else if eq "true" (toString .Values.autoGenerateCert) }}
- name: cert
secret:
secretName: neuvector-manager-secret
Expand Down
2 changes: 1 addition & 1 deletion charts/core/templates/manager-secret.yaml
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
{{- if .Values.manager.enabled -}}
{{- if .Values.autoGenerateCert }}
{{- if eq "true" (toString .Values.autoGenerateCert) }}
{{- $cn := "neuvector" }}
{{- $cert := genSelfSignedCert $cn nil (list $cn) (.Values.defaultValidityPeriod | int) -}}
apiVersion: v1
Expand Down
2 changes: 1 addition & 1 deletion charts/core/templates/registry-adapter-secret.yaml
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
{{- if .Values.cve.adapter.enabled -}}
{{- if .Values.autoGenerateCert }}
{{- if eq "true" (toString .Values.autoGenerateCert) }}
{{- $cn := "neuvector" }}
{{- $cert := genSelfSignedCert $cn nil (list $cn "neuvector-service-registry-adapter.cattle-neuvector-system.svc.cluster.local" "neuvector-service-registry-adapter") (.Values.defaultValidityPeriod | int) -}}
apiVersion: v1
Expand Down
8 changes: 4 additions & 4 deletions charts/core/templates/registry-adapter.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -25,9 +25,9 @@ spec:
{{- with .Values.cve.adapter.podLabels }}
{{- toYaml . | nindent 8 }}
{{- end }}
{{- if or .Values.cve.adapter.podAnnotations .Values.autoGenerateCert }}
{{- if or .Values.cve.adapter.podAnnotations (eq "true" (toString .Values.autoGenerateCert)) }}
annotations:
{{- if .Values.autoGenerateCert }}
{{- if eq "true" (toString .Values.autoGenerateCert) }}
checksum/registry-adapter-secret: {{ include (print $.Template.BasePath "/registry-adapter-secret.yaml") . | sha256sum }}
{{- end }}
{{- if .Values.cve.adapter.podAnnotations }}
Expand Down Expand Up @@ -110,7 +110,7 @@ spec:
subPath: {{ .Values.cve.adapter.certificate.pemFile }}
name: cert
readOnly: true
{{- else if .Values.autoGenerateCert }}
{{- else if eq "true" (toString .Values.autoGenerateCert) }}
- mountPath: /etc/neuvector/certs/ssl-cert.key
subPath: ssl-cert.key
name: cert
Expand Down Expand Up @@ -147,7 +147,7 @@ spec:
- name: cert
secret:
secretName: {{ .Values.cve.adapter.certificate.secret }}
{{- else if .Values.autoGenerateCert }}
{{- else if eq "true" (toString .Values.autoGenerateCert) }}
- name: cert
secret:
secretName: neuvector-registry-adapter-secret
Expand Down

0 comments on commit 5b8c697

Please sign in to comment.