Skip to content

Commit bae7e3d

Browse files
jordanejordane
authored
Merge pull request #26 from linuxfoundation/jme/LFXV2-202
add heimdall certificates bundle
2 parents 51986ac + 07ee982 commit bae7e3d

File tree

4 files changed

+37
-5
lines changed

4 files changed

+37
-5
lines changed

charts/lfx-platform/Chart.lock

Lines changed: 5 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -26,8 +26,11 @@ dependencies:
2626
- name: fga-operator
2727
repository: https://3schwartz.github.io/fga-operator/
2828
version: 1.0.0
29+
- name: cert-manager
30+
repository: https://charts.jetstack.io
31+
version: v1.18.2
2932
- name: trust-manager
3033
repository: https://charts.jetstack.io
3134
version: v0.18.0
32-
digest: sha256:61536bbfab1eafca462f82f4612470de2d1fab9f44bfd8e8ff3d5cfc4d770bc3
33-
generated: "2025-08-06T09:08:39.763963-07:00"
35+
digest: sha256:39213eb59f4710c62bea63fa3545c34e1b84e0f48353757d813ed727537f41e8
36+
generated: "2025-08-06T10:15:28.22001-07:00"

charts/lfx-platform/Chart.yaml

Lines changed: 6 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -5,7 +5,7 @@ apiVersion: v2
55
name: lfx-platform
66
description: LFX Platform v2 Helm chart
77
type: application
8-
version: 0.1.8
8+
version: 0.1.9
99
icon: https://github.com/linuxfoundation/lfx-v2-helm/raw/main/img/lfx-logo-color.svg
1010
dependencies:
1111
- name: traefik
@@ -44,7 +44,11 @@ dependencies:
4444
repository: https://3schwartz.github.io/fga-operator/
4545
version: ~1.0.0
4646
condition: fga-operator.enabled
47+
- name: cert-manager
48+
repository: https://charts.jetstack.io
49+
version: ~1.18.2
50+
condition: cert-manager.enabled
4751
- name: trust-manager
4852
repository: https://charts.jetstack.io
4953
version: ~0.18.0
50-
condition: trust-manager-enabled
54+
condition: trustManagerEnabled

charts/lfx-platform/templates/heimdall/cert-bundle.yaml

Lines changed: 16 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,16 @@
1+
# Copyright The Linux Foundation and each contributor to LFX.
2+
# SPDX-License-Identifier: MIT
3+
---
4+
{{- if and .Values.lfx.generateHeimdallBundle.enabled (and .Values.heimdall.enabled .Values.trustManagerEnabled) -}}
5+
apiVersion: trust.cert-manager.io/v1alpha1
6+
kind: Bundle
7+
metadata:
8+
name: {{ .Values.lfx.generateHeimdallBundle.name }}
9+
spec:
10+
sources:
11+
- useDefaultCAs: true
12+
target:
13+
configMap:
14+
key: "{{ .Values.lfx.generateHeimdallBundle.configKey }}"
15+
16+
{{- end }}

charts/lfx-platform/values.yaml

Lines changed: 10 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -11,6 +11,11 @@ lfx:
1111
registry: linuxfoundation
1212
pullPolicy: IfNotPresent
1313

14+
generateHeimdallBundle:
15+
enabled: false
16+
name: heimdall-trust-bundle
17+
configKey: ca-certificates.crt
18+
1419
fga-operator:
1520
enabled: true
1621
# Non-chart value
@@ -394,7 +399,11 @@ nack:
394399
url: nats://lfx-platform-nats:4222
395400
additionalArgs: [--control-loop]
396401

397-
trust-manager-enabled: false
402+
cert-manager:
403+
enabled: false
404+
crds:
405+
enabled: true
406+
trustManagerEnabled: false
398407
trust-manager:
399408
crds:
400409
enabled: true

0 commit comments

Comments
 (0)