volker.raschek/athens-proxy-charts
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity

feat(pod): support roll deployment for external TLS certificates
All checks were successful
Helm / helm-lint (push) Successful in 4s
Details
Helm / helm-unittest (push) Successful in 18s
Details
Release / publish-chart (push) Successful in 19s
Details

Browse Source
This commit is contained in:
Markus Pesch
2025-11-30 13:58:34 +01:00
parent 502c78296e
commit f54f1aca01
2 changed files with 39 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
templates/_pod.tpl
View File

@@ -4,8 +4,11 @@
{{- define "athens-proxy.pod.annotations" }} {{- define "athens-proxy.pod.annotations" }}
{{- include "athens-proxy.annotations" . }} {{- include "athens-proxy.annotations" . }}
{{- if and .Values.certificate.enabled (not .Values.certificate.existingSecret.enabled) }} {{- if and .Values.certificate.enabled }}
{{- $secretName := include "athens-proxy.certificates.server.name" $ }} {{- $secretName := include "athens-proxy.certificates.server.name" $ }}
{{- if and .Values.certificate.existingSecret.enabled (gt (len .Values.certificate.existingSecret.secretName) 0) }}
{{- $secretName = .Values.certificate.existingSecret.secretName }}
{{- end }}
{{- $secret := lookup "v1" "Secret" .Release.Namespace $secretName }} {{- $secret := lookup "v1" "Secret" .Release.Namespace $secretName }}
{{ printf "checksum/secret-%s: %s" $secretName ($secret | toYaml | sha256sum) }} {{ printf "checksum/secret-%s: %s" $secretName ($secret | toYaml | sha256sum) }}
{{- end }} {{- end }}

35
unittests/deployment/certificate.yaml
View File

@@ -74,3 +74,38 @@ tests:
secret: secret:
secretName: athens-proxy-unittest-tls secretName: athens-proxy-unittest-tls
template: templates/deployment.yaml template: templates/deployment.yaml
- it: Rendering with external TLS config
set:
certificate.enabled: true
certificate.existingSecret.enabled: true
certificate.existingSecret.secretName: my-own-secret
asserts:
- exists:
path: spec.template.metadata.annotations["checksum/secret-my-own-secret"]
template: templates/deployment.yaml
- contains:
path: spec.template.spec.containers[0].env
content:
name: ATHENS_TLSCERT_FILE
value: /etc/athens-proxy/tls/tls.crt
template: templates/deployment.yaml
- contains:
path: spec.template.spec.containers[0].env
content:
name: ATHENS_TLSKEY_FILE
value: /etc/athens-proxy/tls/tls.key
template: templates/deployment.yaml
- contains:
path: spec.template.spec.containers[0].volumeMounts
content:
name: tls
mountPath: /etc/athens-proxy/tls
template: templates/deployment.yaml
- contains:
path: spec.template.spec.volumes
content:
name: tls
secret:
secretName: athens-proxy-unittest-tls
template: templates/deployment.yaml