Skip to content

Commit

Permalink
[scalar-admin-for-kubernetes] Support TLS in Scalar Admin for Kuberne…
Browse files Browse the repository at this point in the history
…tes chart (#260)

* [scalar-admin-for-kubernetes] Support TLS in Scalar Admin for Kubernetes chart

* Update description

* Apply suggestions from code review

Co-authored-by: Josh Wong <[email protected]>

* Update values.yaml

---------

Co-authored-by: Josh Wong <[email protected]>
  • Loading branch information
kota2and3kan and josh-wong authored Apr 12, 2024
1 parent e07e91a commit 0f6fa9c
Show file tree
Hide file tree
Showing 4 changed files with 24 additions and 0 deletions.
1 change: 1 addition & 0 deletions charts/scalar-admin-for-kubernetes/README.md
Original file line number Diff line number Diff line change
Expand Up @@ -28,5 +28,6 @@ Current chart version is `2.0.0-SNAPSHOT`.
| scalarAdminForKubernetes.securityContext.runAsNonRoot | bool | `true` | Containers should be run as a non-root user with the minimum required permissions (principle of least privilege). |
| scalarAdminForKubernetes.serviceAccount.automountServiceAccountToken | bool | `true` | Specify whether to mount a service account token or not. |
| scalarAdminForKubernetes.serviceAccount.serviceAccountName | string | `""` | Name of the existing service account resource. |
| scalarAdminForKubernetes.tls.caRootCertSecret | string | `""` | Name of the secret containing the custom CA root certificate for TLS communication. This chart mounts the root CA certificate file on the /tls/certs/ directory. |
| scalarAdminForKubernetes.tolerations | list | `[]` | Tolerations are applied to pods and allow (but do not require) the pods to schedule onto nodes with matching taints. |
| scalarAdminForKubernetes.ttlSecondsAfterFinished | int | `0` | ttlSecondsAfterFinished value for the job resource. |
11 changes: 11 additions & 0 deletions charts/scalar-admin-for-kubernetes/templates/_helpers.tpl
Original file line number Diff line number Diff line change
Expand Up @@ -101,6 +101,17 @@ template:
{{- range .Values.scalarAdminForKubernetes.commandArgs }}
- {{ . | quote }}
{{- end }}
{{- if .Values.scalarAdminForKubernetes.tls.caRootCertSecret }}
volumeMounts:
- name: tls-ca-root-volume
mountPath: /tls/certs
{{- end }}
{{- if .Values.scalarAdminForKubernetes.tls.caRootCertSecret }}
volumes:
- name: tls-ca-root-volume
secret:
secretName: {{ .Values.scalarAdminForKubernetes.tls.caRootCertSecret }}
{{- end }}
{{- with .Values.scalarAdminForKubernetes.nodeSelector }}
nodeSelector:
{{- toYaml . | nindent 8 }}
Expand Down
8 changes: 8 additions & 0 deletions charts/scalar-admin-for-kubernetes/values.schema.json
Original file line number Diff line number Diff line change
Expand Up @@ -111,6 +111,14 @@
}
}
},
"tls": {
"type": "object",
"properties": {
"caRootCertSecret": {
"type": "string"
}
}
},
"tolerations": {
"type": "array"
},
Expand Down
4 changes: 4 additions & 0 deletions charts/scalar-admin-for-kubernetes/values.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -89,3 +89,7 @@ scalarAdminForKubernetes:

# -- ttlSecondsAfterFinished value for the job resource.
ttlSecondsAfterFinished: 0

tls:
# -- Name of the secret containing the custom CA root certificate for TLS communication. This chart mounts the root CA certificate file on /tls/certs/ directory.
caRootCertSecret: ""

0 comments on commit 0f6fa9c

Please sign in to comment.