From 8e7480d771c0b8a0f724d923d3fe52c030b51413 Mon Sep 17 00:00:00 2001
From: Deepak Goel <dgoel@mesosphere.com>
Date: Fri, 17 Jan 2020 14:58:45 -0800
Subject: [PATCH] [kube-oidc-proxy] fall back to default ca if custom ca isn't
 present

---
 staging/kube-oidc-proxy/templates/deployment.yaml | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/staging/kube-oidc-proxy/templates/deployment.yaml b/staging/kube-oidc-proxy/templates/deployment.yaml
index 4432c3e7ef..9b82f22cde 100644
--- a/staging/kube-oidc-proxy/templates/deployment.yaml
+++ b/staging/kube-oidc-proxy/templates/deployment.yaml
@@ -51,6 +51,8 @@ spec:
           - "--oidc-username-claim=$(OIDC_USERNAME_CLAIM)"
           {{- if or .Values.oidc.caPEM .Values.oidc.caSecretName }}
           - "--oidc-ca-file=/etc/oidc/oidc-ca.pem"
+          {{- else }}
+          - "--oidc-ca-file=/var/run/secrets/kubernetes.io/serviceaccount/ca.crt"
           {{ end }}
           {{- if .Values.oidc.usernamePrefix }}
           - "--oidc-username-prefix=$(OIDC_USERNAME_PREFIX)"