do not autogenerate ssl certs

cognifloyd · cognifloyd · commit 5e60f1502458 · 2021-11-11T11:53:30.000-06:00
If someone enables https, they need to provide certs via extra_volumes
diff --git a/templates/deployments.yaml b/templates/deployments.yaml
@@ -433,15 +433,11 @@ spec:
         - configMapRef:
             name: {{ .Release.Name }}-st2-urls
             optional: true
-    {{- if or .Values.st2web.use_https .Values.st2web.config .Values.st2web.postStartScript }}
+    {{- if or .Values.st2web.config .Values.st2web.postStartScript }}
         volumeMounts:
     {{- else }}
         volumeMounts: []
     {{- end }}
-        {{- if .Values.st2web.use_https }}
-          - name: st2web-ssl-certs-vol
-            mountPath: /etc/ssl/st2
-        {{- end }}
         {{- if .Values.st2web.config }}
           - name: st2web-config-vol
             mountPath: /opt/stackstorm/static/webui/config.js
@@ -461,21 +457,11 @@ spec:
     {{- if .Values.st2web.serviceAccount.attach }}
       serviceAccountName: {{ template "stackstorm-ha.serviceAccountName" . }}
     {{- end }}
-    {{- if or .Values.st2web.use_https .Values.st2web.config .Values.st2web.postStartScript }}
+    {{- if or .Values.st2web.config .Values.st2web.postStartScript }}
       volumes:
     {{- else }}
       volumes: []
     {{- end }}
-        {{- if .Values.st2web.use_https }}
-        - name: st2web-ssl-certs-vol
-          secret:
-            secretName: {{ .Release.Name }}-st2web-ssl-certs
-            items:
-              - key: ssl_certificate
-                path: st2.crt
-              - key: ssl_certificate_key
-                path: st2.key
-        {{- end }}
         {{- if .Values.st2web.config }}
         - name: st2web-config-vol
           configMap:
diff --git a/templates/secrets_st2web-ssl-certs.yaml b/templates/secrets_st2web-ssl-certs.yaml
diff --git a/values.yaml b/values.yaml
@@ -299,11 +299,6 @@ st2web:
     attach: false
   # Have st2web pod and service use HTTPS on port 443 when true. default: false (use HTTP on port 80)
   use_https: false
-  # User-defined st2web ssl certificate+key (ignored for http; defaults to autogenerated for https)
-  # ssl_certificate: |
-  #  # x.509 certficate
-  # ssl_certificate_key: |
-  #  # x.509 private key
   # User-defined st2web config with custom settings to replace default config.js
   # See https://github.com/StackStorm/st2web#connecting-to-st2-server for more info
   # config: |
