Skip to content

Commit 55b5acf

Browse files
duanhongyiduanhongyi
committed
fix(charts): miss mutate ca cert
1 parent 6b8d9f2 commit 55b5acf

1 file changed

Lines changed: 14 additions & 7 deletions

File tree

charts/controller/templates/controller-mutate-webhook.yaml

Lines changed: 14 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -7,16 +7,20 @@ apiVersion: admissionregistration.k8s.io/v1
77
kind: MutatingWebhookConfiguration
88
metadata:
99
name: {{ .Release.Namespace }}-controller-mutate
10+
annotations:
11+
component.drycc.cc/version: {{ .Values.imageTag }}
12+
labels:
13+
heritage: drycc
1014
webhooks:
1115
- name: mutate.drycc.cc
1216
sideEffects: None
1317
admissionReviewVersions: ["v1"]
1418
clientConfig:
15-
caBundle: {{ b64enc $ca.Cert }}
19+
caBundle: {{ (include "common.secrets.lookup" (dict "secret" "controller-mutate-cert" "key" "ca.crt" "defaultValue" $ca.Cert "context" $)) }}
1620
service:
1721
name: drycc-controller-mutate
1822
namespace: "{{ .Release.Namespace }}"
19-
path: "{{ printf "/v2/mutate/%s/" $key }}"
23+
path: "{{ printf "/v2/mutate/%s/" ((include "common.secrets.lookup" (dict "secret" "controller-mutate-cert" "key" "key" "defaultValue" $key "context" $)) | b64dec) }}"
2024
failurePolicy: Fail
2125
objectSelector:
2226
matchLabels:
@@ -40,11 +44,14 @@ apiVersion: v1
4044
kind: Secret
4145
metadata:
4246
name: controller-mutate-cert
47+
annotations:
48+
component.drycc.cc/version: {{ .Values.imageTag }}
4349
labels:
44-
release: "{{ .Release.Name }}"
45-
heritage: "{{ .Release.Service }}"
50+
heritage: drycc
4651
type: Opaque
4752
data:
48-
key: {{ b64enc $key }}
49-
tls.crt: {{ b64enc $cert.Cert }}
50-
tls.key: {{ b64enc $cert.Key }}
53+
key: {{ (include "common.secrets.lookup" (dict "secret" "controller-creds" "key" "key" "defaultValue" $key "context" $)) }}
54+
ca.key: {{ (include "common.secrets.lookup" (dict "secret" "controller-creds" "key" "ca.key" "defaultValue" $ca.Key "context" $)) }}
55+
ca.crt: {{ (include "common.secrets.lookup" (dict "secret" "controller-creds" "key" "ca.crt" "defaultValue" $ca.Cert "context" $)) }}
56+
tls.key: {{ (include "common.secrets.lookup" (dict "secret" "controller-creds" "key" "tls.key" "defaultValue" $cert.Key "context" $)) }}
57+
tls.crt: {{ (include "common.secrets.lookup" (dict "secret" "controller-creds" "key" "tls.crt" "defaultValue" $cert.Cert "context" $)) }}

0 commit comments

Comments
 (0)