Use different secrets for TLS and self-signed-cert (#14176)

Signed-off-by: Sergii Leshchenko <sleshche@redhat.com>
eclipse-che · Aug 12, 2019 · f24796b · f24796b
1 parent c31a25e
commit f24796b
Show file tree

Hide file tree

Showing 2 changed files with 4 additions and 3 deletions.
diff --git a/deploy/kubernetes/helm/che/templates/deployment.yaml b/deploy/kubernetes/helm/che/templates/deployment.yaml
@@ -80,8 +80,8 @@ spec:
         - name: CHE_SELF__SIGNED__CERT
           valueFrom:
             secretKeyRef:
-              key: tls.crt
-              name: {{ .Values.global.tls.secretName  }}
+              key: ca.crt
+              name: {{ .Values.global.tls.selfSignedCertSecretName }}
               optional: false
         {{- end }}
 

diff --git a/deploy/kubernetes/helm/che/values.yaml b/deploy/kubernetes/helm/che/values.yaml
@@ -46,8 +46,9 @@ global:
     secretName: che-tls
 
     ## If self-signed certificate is enabled
-    ## then certificate from `tls.secretName` will be propagated to Che components' trust stores
+    ## then certificate from `tls.selfSignedCertSecretName` will be propagated to Che components' trust stores
     useSelfSignedCerts: false
+    selfSignedCertSecretName: self-signed-cert
 
   gitHubClientID: ""
   gitHubClientSecret: ""