feat(tls): add tls to ingress for public endpoint
This patch set adds TLS on overridden fqdns for public endpoints for airship-deckhand. As cacerts are not loaded into the containers, this only supports certificates that can be externally verified. Change-Id: I41606129c8d59dfedcb648f5390985a31b690eec
This commit is contained in:
parent
85896437af
commit
7b862e05d8
|
@ -0,0 +1,16 @@
|
|||
{{/*
|
||||
Licensed under the Apache License, Version 2.0 (the "License");
|
||||
you may not use this file except in compliance with the License.
|
||||
You may obtain a copy of the License at
|
||||
|
||||
http://www.apache.org/licenses/LICENSE-2.0
|
||||
|
||||
Unless required by applicable law or agreed to in writing, software
|
||||
distributed under the License is distributed on an "AS IS" BASIS,
|
||||
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
See the License for the specific language governing permissions and
|
||||
limitations under the License.
|
||||
*/}}
|
||||
{{- if .Values.manifests.secret_ingress_tls }}
|
||||
{{- include "helm-toolkit.manifests.secret_ingress_tls" ( dict "envAll" . "backendServiceType" "deckhand" ) }}
|
||||
{{- end }}
|
|
@ -165,6 +165,13 @@ endpoints:
|
|||
default: http
|
||||
host_fqdn_override:
|
||||
default: null
|
||||
# NOTE(lamt): This chart supports TLS for fqdn overriden public
|
||||
# endpoints using the following format:
|
||||
# public:
|
||||
# host: null
|
||||
# tls:
|
||||
# crt: null
|
||||
# key: null
|
||||
postgresql:
|
||||
name: postgresql
|
||||
auth:
|
||||
|
@ -215,6 +222,10 @@ secrets:
|
|||
postgresql:
|
||||
admin: deckhand-db-admin
|
||||
user: deckhand-db-user
|
||||
tls:
|
||||
deckhand:
|
||||
api:
|
||||
public: deckhand-tls-public
|
||||
|
||||
conf:
|
||||
uwsgi:
|
||||
|
@ -386,6 +397,7 @@ manifests:
|
|||
job_ks_service: true
|
||||
job_ks_user: true
|
||||
secret_db: true
|
||||
secret_ingress_tls: true
|
||||
secret_keystone: true
|
||||
service_api: true
|
||||
service_ingress_api: true
|
||||
|
|
Loading…
Reference in New Issue