Separate oidc ca

Consensys · Sep 30, 2021 · 9c66f51 · 9c66f51
1 parent 86aa66f
commit 9c66f51
Show file tree

Hide file tree

Showing 4 changed files with 29 additions and 5 deletions.
diff --git a/Chart.yaml b/Chart.yaml
@@ -15,7 +15,7 @@ type: application
 # This is the chart version. This version number should be incremented each time you make changes
 # to the chart and its templates, including the app version.
 # Versions are expected to follow Semantic Versioning (https://semver.org/)
-version: 1.0.15
+version: 1.0.16
 
 # This is the version number of the application being deployed. This version number should be
 # incremented each time you make changes to the application. Versions are not expected to

diff --git a/templates/deployment.yaml b/templates/deployment.yaml
@@ -153,9 +153,14 @@ spec:
               readOnly: true
           {{- end }}
           {{- if .Values.auth.tls.enabled }}
-            - name: qkm-certificates
+            - name: qkm-certs
               mountPath: /certificates
               readOnly: true
+          {{- end }}
+          {{- if .Values.auth.oidc.enabled }}
+            - name: oidc-certs
+              mountPath: /oidc_certs
+              readOnly: true
           {{- end }}
             - name: manifests-config
               mountPath: /manifests
@@ -192,9 +197,14 @@ spec:
             name: {{ include "quorumkeymanager.fullname" . }}-apikey-file
       {{- end }}
       {{- if .Values.auth.tls.enabled }}
-        - name: qkm-certificates
+        - name: qkm-certs
           secret:
             secretName: {{ .Values.auth.tls.secretName }}
+      {{- end }}
+      {{- if .Values.auth.oidc.enabled }}
+        - name: oidc-certs
+          secret:
+            secretName: {{ include "quorumkeymanager.fullname" . }}-oidc-certs
       {{- end }}
         - name: manifests-config
           secret:

diff --git a/templates/oidc-certs.yaml b/templates/oidc-certs.yaml
@@ -0,0 +1,14 @@
+{{- if .Values.auth.oidc.enabled }}
+---
+apiVersion: v1
+kind: Secret
+metadata:
+  name: {{ include "quorumkeymanager.fullname" . }}-oidc-certs
+  labels:
+    {{- include "quorumkeymanager.labels" . | nindent 4 }}
+  annotations:
+    {{- include "quorumkeymanager.annotations" . | nindent 4 }}
+type: Opaque
+data:
+  ca.crt: {{ .Values.auth.oidc.ca }}
+{{- end }}
diff --git a/values.yaml b/values.yaml
@@ -144,9 +144,9 @@ auth:
     file: "/apikey/sample.csv"
   oidc:
     enabled: false
-    cacert: ""
+    ca: ""
     issuer: ""
   tls:
     enabled: false
-    cacert: ""
+    ca: ""
     secretName: ""