Adding -use-https flag to client-daemonset.yaml when externalServers …

…are enabled
hashicorp · Mar 14, 2022 · 7a56bb8 · 7a56bb8
1 parent c6072a1
commit 7a56bb8
Show file tree

Hide file tree

Showing 2 changed files with 12 additions and 2 deletions.
diff --git a/charts/consul/templates/client-daemonset.yaml b/charts/consul/templates/client-daemonset.yaml
@@ -478,10 +478,16 @@ spec:
           value: "/consul/tls/ca/tls.crt"
           {{- end }}
         {{- end }}
+        - name: NAMESPACE
+          valueFrom:
+            fieldRef:
+              fieldPath: metadata.namespace
         command:
           - "/bin/sh"
           - "-ec"
           - |
+            CONSUL_FULLNAME="{{template "consul.fullname" . }}"
+
             consul-k8s-control-plane acl-init \
               -component-name=client \
               -acl-auth-method="{{ template "consul.fullname" . }}-k8s-component-auth-method" \
@@ -490,20 +496,23 @@ spec:
               {{- end }}
               -log-level={{ default .Values.global.logLevel .Values.client.logLevel }} \
               -log-json={{ .Values.global.logJSON }} \
-              -init-type="client" \
               {{- if .Values.externalServers.enabled }}
+              {{- if .Values.global.tls.enabled }}
+              -use-https \
+              {{- end }}
               {{- range .Values.externalServers.hosts }}
               -server-address={{ quote . }} \
               {{- end }}
               -server-port={{ .Values.externalServers.httpsPort }} \
               {{- if .Values.externalServers.tlsServerName }}
-                -tls-server-name={{ .Values.externalServers.tlsServerName }} \
+              -tls-server-name={{ .Values.externalServers.tlsServerName }} \
               {{- end }}
               {{- else }}
               {{- range $index := until (.Values.server.replicas | int) }}
               -server-address="${CONSUL_FULLNAME}-server-{{ $index }}.${CONSUL_FULLNAME}-server.${NAMESPACE}.svc" \
               {{- end }}
               {{- end }}
+              -init-type="client"
         volumeMounts:
           - name: aclconfig
             mountPath: /consul/aclconfig

diff --git a/charts/consul/test/unit/client-daemonset.bats b/charts/consul/test/unit/client-daemonset.bats
@@ -1355,6 +1355,7 @@ local actual=$(echo $object |
   local command=$(helm template \
       -s templates/client-daemonset.yaml  \
       --set 'global.acls.manageSystemACLs=true' \
+      --set 'global.tls.enabled=true'  \
       --set 'externalServers.enabled=true'  \
       --set 'server.enabled=false' \
       --set 'externalServers.hosts[0]=computer'  \