1180db46cd
* set template for ca issuer name and secret name + geo-replication installation example * remove geo-replication from this PR * use certs template to define ca name and secret name * Handle proxy, toolset and zookeeper in the same way as others * Make the logic more consistent by separating the selfsigning issuer configuration --------- Co-authored-by: GLECROC <guillaume.lecroc@cnp.fr> Co-authored-by: Lari Hotari <lhotari@users.noreply.github.com> Co-authored-by: Lari Hotari <lhotari@apache.org>
89 lines
2.5 KiB
Smarty
89 lines
2.5 KiB
Smarty
{{/*
|
|
Licensed to the Apache Software Foundation (ASF) under one
|
|
or more contributor license agreements. See the NOTICE file
|
|
distributed with this work for additional information
|
|
regarding copyright ownership. The ASF licenses this file
|
|
to you under the Apache License, Version 2.0 (the
|
|
"License"); you may not use this file except in compliance
|
|
with the License. You may obtain a copy of the License at
|
|
|
|
http://www.apache.org/licenses/LICENSE-2.0
|
|
|
|
Unless required by applicable law or agreed to in writing,
|
|
software distributed under the License is distributed on an
|
|
"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
|
KIND, either express or implied. See the License for the
|
|
specific language governing permissions and limitations
|
|
under the License.
|
|
*/}}
|
|
|
|
{{/*
|
|
Define the pulsar toolset service
|
|
*/}}
|
|
{{- define "pulsar.toolset.service" -}}
|
|
{{ template "pulsar.fullname" . }}-{{ .Values.toolset.component }}
|
|
{{- end }}
|
|
|
|
{{/*
|
|
Define the toolset hostname
|
|
*/}}
|
|
{{- define "pulsar.toolset.hostname" -}}
|
|
${HOSTNAME}.{{ template "pulsar.toolset.service" . }}.{{ template "pulsar.namespace" . }}.svc.{{ .Values.clusterDomain }}
|
|
{{- end -}}
|
|
|
|
{{/*
|
|
Define toolset zookeeper client tls settings
|
|
*/}}
|
|
{{- define "pulsar.toolset.zookeeper.tls.settings" -}}
|
|
{{- if and .Values.tls.enabled .Values.tls.zookeeper.enabled -}}
|
|
/pulsar/keytool/keytool.sh toolset {{ template "pulsar.toolset.hostname" . }} true;
|
|
{{- end -}}
|
|
{{- end }}
|
|
|
|
{{/*
|
|
Define toolset tls certs mounts
|
|
*/}}
|
|
{{- define "pulsar.toolset.certs.volumeMounts" -}}
|
|
{{- if and .Values.tls.enabled .Values.tls.zookeeper.enabled }}
|
|
- name: toolset-certs
|
|
mountPath: "/pulsar/certs/toolset"
|
|
readOnly: true
|
|
- name: ca
|
|
mountPath: "/pulsar/certs/ca"
|
|
readOnly: true
|
|
{{- if .Values.tls.zookeeper.enabled }}
|
|
- name: keytool
|
|
mountPath: "/pulsar/keytool/keytool.sh"
|
|
subPath: keytool.sh
|
|
{{- end }}
|
|
{{- end }}
|
|
{{- end }}
|
|
|
|
{{/*
|
|
Define toolset tls certs volumes
|
|
*/}}
|
|
{{- define "pulsar.toolset.certs.volumes" -}}
|
|
{{- if and .Values.tls.enabled .Values.tls.zookeeper.enabled }}
|
|
- name: toolset-certs
|
|
secret:
|
|
secretName: "{{ .Release.Name }}-{{ .Values.tls.toolset.cert_name }}"
|
|
items:
|
|
- key: tls.crt
|
|
path: tls.crt
|
|
- key: tls.key
|
|
path: tls.key
|
|
- name: ca
|
|
secret:
|
|
secretName: "{{ template "pulsar.certs.issuers.ca.secretName" . }}"
|
|
items:
|
|
- key: ca.crt
|
|
path: ca.crt
|
|
{{- if .Values.tls.zookeeper.enabled }}
|
|
- name: keytool
|
|
configMap:
|
|
name: "{{ template "pulsar.fullname" . }}-keytool-configmap"
|
|
defaultMode: 0755
|
|
{{- end }}
|
|
{{- end }}
|
|
{{- end }}
|