Skip to content
This repository has been archived by the owner on Feb 22, 2022. It is now read-only.

[stable/rabbitmq] Changed RabbitMQ TLS secret type to kubernetes.io/tls. #20907

Merged
merged 1 commit into from
Feb 27, 2020
Merged

[stable/rabbitmq] Changed RabbitMQ TLS secret type to kubernetes.io/tls. #20907

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion stable/rabbitmq/Chart.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
apiVersion: v1
name: rabbitmq
version: 6.18.0
version: 6.18.1
appVersion: 3.8.2
description: Open source message broker software that implements the Advanced Message Queuing Protocol (AMQP)
keywords:
Expand Down
2 changes: 1 addition & 1 deletion stable/rabbitmq/README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -342,7 +342,7 @@ You must include in your values.yaml the caCertificate, serverCertificate and se
-----END RSA PRIVATE KEY-----
```

This will be generate a secret with the certs, but is possible specify an existing secret using `existingSecret: name-of-existing-secret-to-rabbitmq`
This will be generate a secret with the certs, but is possible specify an existing secret using `existingSecret: name-of-existing-secret-to-rabbitmq`. The secret is of type `kubernetes.io/tls`.

Disabling [failIfNoPeerCert](https://www.rabbitmq.com/ssl.html#peer-verification-configuration) allows a TLS connection if client fails to provide a certificate

Expand Down
8 changes: 4 additions & 4 deletions stable/rabbitmq/templates/certs.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -8,12 +8,12 @@ metadata:
chart: {{ template "rabbitmq.chart" . }}
release: "{{ .Release.Name }}"
heritage: "{{ .Release.Service }}"
type: Opaque
type: kubernetes.io/tls
data:
ca_certificate.pem:
ca.crt:
{{ required "A valid .Values.rabbitmq.tls.caCertificate entry required!" .Values.rabbitmq.tls.caCertificate | b64enc | quote }}
server_certificate.pem:
tls.crt:
{{ required "A valid .Values.rabbitmq.tls.serverCertificate entry required!" .Values.rabbitmq.tls.serverCertificate| b64enc | quote }}
server_key.pem:
tls.key:
{{ required "A valid .Values.rabbitmq.tls.serverKey entry required!" .Values.rabbitmq.tls.serverKey | b64enc | quote }}
{{- end }}
6 changes: 3 additions & 3 deletions stable/rabbitmq/templates/statefulset.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -311,11 +311,11 @@ spec:
secret:
secretName: {{ if .Values.rabbitmq.tls.existingSecret }}{{ .Values.rabbitmq.tls.existingSecret }}{{- else }}{{ template "rabbitmq.fullname" . }}-certs{{- end }}
items:
- key: ca_certificate.pem
- key: ca.crt
path: ca_certificate.pem
- key: server_certificate.pem
- key: tls.crt
path: server_certificate.pem
- key: server_key.pem
- key: tls.key
path: server_key.pem
{{- end }}
- name: config-volume
Expand Down