Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[HELM] Ability to specify certificate.secretReference.keyPath when using driver etcd #601

Open
vriabyk opened this issue Oct 18, 2024 · 2 comments
Open

[HELM] Ability to specify certificate.secretReference.keyPath when using driver etcd #601

vriabyk opened this issue Oct 18, 2024 · 2 comments
Labels
bug Something isn't working good first issue Good for newcomers helm Changes addresses in the Helm chart

Comments

@vriabyk
Copy link

vriabyk commented Oct 18, 2024

Hello,

I am trying to deploy kamaji via helm chart (1.0.0 version) and wanna use external etcd server for datastore. I use aenix-io/etcd-operator to deploy etcd cluster.

If I deploy full example, it successfully deploys etcd cluster with all certificates, secrets and datastore. I can successfully deploy TenantControlPlane object after it and it becomes ready.

As you can see Datastore from this example has the following tlsConfig:

      tlsConfig:
        certificateAuthority:
          certificate:
            secretReference:
              keyPath: tls.crt
              name: etcd-ca-tls
              namespace: kamaji-system
          privateKey:
            secretReference:
              keyPath: tls.key
              name: etcd-ca-tls
              namespace: kamaji-system
        clientCertificate:
          certificate:
            secretReference:
              keyPath: tls.crt
              name: etcd-client-tls
              namespace: kamaji-system
          privateKey:
            secretReference:
              keyPath: tls.key
              name: etcd-client-tls
              namespace: kamaji-system

so it looks for tls.crt and tls.key in both secrets and both secrets really have such keys. But if I wanna use datastore from the helm chart and specify such tlsConfig in values - it doesn't work, because it is being overwritten in the _helpers_datastore.tpl. It looks like a bug in helm chart to me.

Please let me know if I missed something.
@prometherion
Copy link
Member

Yes, it seems a bug, we should use a different condition there.

Are you able to provide a fix? Contributions are warmly welcomed!

@prometherion prometherion added bug Something isn't working good first issue Good for newcomers helm Changes addresses in the Helm chart labels Oct 21, 2024
@prometherion
Copy link
Member

@kvaps @gecube I know you're combining Kamaji and the etcd-operator, wondering if you could chime in the discussion.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working good first issue Good for newcomers helm Changes addresses in the Helm chart
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@prometherion @vriabyk