github.com/verrazzano/verrazzano@v1.7.0/platform-operator/thirdparty/charts/thanos/templates/http-certs-secret.yaml (about)

     1  {{- if and .Values.https.enabled (not .Values.https.existingSecret) }}
     2  {{- $secretName := printf "%s-http-certs-secret" (include "common.names.fullname" .) }}
     3  apiVersion: v1
     4  kind: Secret
     5  metadata:
     6    name: {{ $secretName }}
     7    namespace: {{ .Release.Namespace | quote }}
     8    labels: {{- include "common.labels.standard" . | nindent 4 }}
     9      {{- if .Values.commonLabels }}
    10      {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }}
    11      {{- end }}
    12    {{- if .Values.commonAnnotations }}
    13    annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
    14    {{- end }}
    15  type: Opaque
    16  data:
    17    {{- if .Values.https.autoGenerated }}
    18    {{- $ca := genCA "thanos-ca" 365 }}
    19    {{- $hostname := printf "%s" (include "common.names.fullname" .) }}
    20    {{- $cert := genSignedCert $hostname nil (list $hostname) 365 $ca }}
    21    {{ .Values.https.certFilename }}: {{ include "common.secrets.lookup" (dict "secret" $secretName "key" .Values.https.certFilename "defaultValue" $cert.Cert "context" $) }}
    22    {{ .Values.https.keyFilename }}: {{ include "common.secrets.lookup" (dict "secret" $secretName "key" .Values.https.keyFilename "defaultValue" $cert.Key "context" $) }}
    23    {{- if .Values.https.clientAuthType }}
    24    {{ .Values.https.caFilename }}: {{ include "common.secrets.lookup" (dict "secret" $secretName "key" .Values.https.caFilename "defaultValue" $ca.Cert "context" $) }}
    25    {{- end }}
    26    {{- else }}
    27    {{ .Values.https.certFilename }}: {{ required "'https.cert' is required when 'https.enabled=true'" .Values.https.cert | b64enc | quote }}
    28    {{ .Values.https.keyFilename }}: {{ required "'https.key' is required when 'https.enabled=true'" .Values.https.key | b64enc | quote }}
    29    {{- if .Values.https.clientAuthType }}
    30    {{ .Values.https.caFilename }}: {{ required "'https.ca' is required when 'https.clientAuthType' is provided" .Values.https.ca | b64enc | quote }}
    31    {{- end }}
    32    {{- end }}
    33  {{- end }}