-
Notifications
You must be signed in to change notification settings - Fork 495
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Automate generation of TLS Certs using Helm #779
Automate generation of TLS Certs using Helm #779
Conversation
Signed-off-by: Rahul M Chheda <rahul.chheda@accurics.com>
Codecov Report
@@ Coverage Diff @@
## master #779 +/- ##
==========================================
+ Coverage 74.85% 78.22% +3.36%
==========================================
Files 111 162 +51
Lines 3345 4354 +1009
==========================================
+ Hits 2504 3406 +902
- Misses 656 734 +78
- Partials 185 214 +29
|
Signed-off-by: Rahul M Chheda <rahul.chheda@accurics.com>
Signed-off-by: Rahul M Chheda <rahul.chheda@accurics.com>
Signed-off-by: Rahul M Chheda <rahul.chheda@accurics.com>
@rahulchheda can you update the README there as well? |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks for your contribution.
minor changes requested. please update the README.md for this feature.
{{ .Files.Get "data/server.key" | b64enc }} | ||
cert: |- | ||
{{ .Files.Get "data/server.crt" | b64enc }} | ||
{{- if and (eq "" .Values.secrets.tlsCertFilePath) (eq "" .Values.secrets.tlsKeyFilePath) }} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
either we should use or
operator here or we should have additional else if cases that handle the cases where key is blank but cert is defined and vice versa.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
and
would do the trick in this case, if any of the 2 keys are missing, it will error out somewhat like this: unknown object type "nil" in Secret.data.tls.crt
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
great!
Signed-off-by: Rahul M Chheda <rahul.chheda@accurics.com>
…eature/auto-gen-secret Signed-off-by: Rahul M Chheda <rahul.chheda@accurics.com>
…eature/auto-gen-secret Signed-off-by: Rahul M Chheda <rahul.chheda@accurics.com>
Signed-off-by: Rahul M Chheda <rahul.chheda@accurics.com>
Signed-off-by: Rahul M Chheda <rahul.chheda@accurics.com>
Signed-off-by: Rahul M Chheda <rahul.chheda@accurics.com>
Kudos, SonarCloud Quality Gate passed!
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM. Working for me.
In this PR, I tried to create self-signed certificate for Terrascan Admission Controller using Helm. This seems to be a very simple implementation for this.
Signed-off-by: Rahul M Chheda rahul.chheda@accurics.com