From 2c87c2d8c1a704cf007f2bcfeabdaa5d8bcfecd1 Mon Sep 17 00:00:00 2001 From: ividito Date: Fri, 22 Nov 2024 12:28:49 -0400 Subject: [PATCH] fix(support): Add passthrough for ca bundle secret into metrics server --- helm-chart/eoapi-support/templates/_helpers.tpl | 15 +++++++++++++++ helm-chart/eoapi-support/values.yaml | 6 +++++- 2 files changed, 20 insertions(+), 1 deletion(-) create mode 100644 helm-chart/eoapi-support/templates/_helpers.tpl diff --git a/helm-chart/eoapi-support/templates/_helpers.tpl b/helm-chart/eoapi-support/templates/_helpers.tpl new file mode 100644 index 00000000..c9ea0f75 --- /dev/null +++ b/helm-chart/eoapi-support/templates/_helpers.tpl @@ -0,0 +1,15 @@ +{{/* +Fetch the CA Bundle from a specified secret if enabled +*/}} +{{- define "eoapi-support.fetchCaBundle" -}} +{{- if .Values.enableCaBundleFetch -}} + {{- $secretName := .Values.caBundleSecretName | default "eoepca-ca-secret" -}} + {{- $caBundle := "" -}} + {{- with (lookup "v1" "Secret" "default" $secretName) -}} + {{- $caBundle = index .data "ca.crt" | b64dec -}} + {{- end -}} + {{- $caBundle -}} +{{- else -}} + "" # Return an empty string if not enabled +{{- end -}} +{{- end -}} diff --git a/helm-chart/eoapi-support/values.yaml b/helm-chart/eoapi-support/values.yaml index fbf95b40..32ed45a2 100644 --- a/helm-chart/eoapi-support/values.yaml +++ b/helm-chart/eoapi-support/values.yaml @@ -1,3 +1,8 @@ +# when enabled, metrics-server will use the caBundle from the provided secret +# ref: https://github.com/developmentseed/eoapi-k8s/issues/154 +enableCaBundleFetch: false +caBundleSecretName: "" + # most of this was cribbed from https://github.com/2i2c-org/infrastructure/blob/master/helm-charts/support/ # so giving props where props are due to Yuvi Panda :sparkles: prometheus-adapter: @@ -163,7 +168,6 @@ grafana: dashboardsConfigMaps: default: "eoapi-dashboards" - metrics-server: apiService: create: true