From f24796bd2afee7ca8614c7cdb1ea8c5147cb434f Mon Sep 17 00:00:00 2001 From: Sergii Leshchenko Date: Mon, 12 Aug 2019 13:01:55 +0300 Subject: [PATCH] Use different secrets for TLS and self-signed-cert (#14176) Signed-off-by: Sergii Leshchenko --- deploy/kubernetes/helm/che/templates/deployment.yaml | 4 ++-- deploy/kubernetes/helm/che/values.yaml | 3 ++- 2 files changed, 4 insertions(+), 3 deletions(-) diff --git a/deploy/kubernetes/helm/che/templates/deployment.yaml b/deploy/kubernetes/helm/che/templates/deployment.yaml index aefd744f401..b8588f581dc 100644 --- a/deploy/kubernetes/helm/che/templates/deployment.yaml +++ b/deploy/kubernetes/helm/che/templates/deployment.yaml @@ -80,8 +80,8 @@ spec: - name: CHE_SELF__SIGNED__CERT valueFrom: secretKeyRef: - key: tls.crt - name: {{ .Values.global.tls.secretName }} + key: ca.crt + name: {{ .Values.global.tls.selfSignedCertSecretName }} optional: false {{- end }} diff --git a/deploy/kubernetes/helm/che/values.yaml b/deploy/kubernetes/helm/che/values.yaml index 9cc5c0d909f..6ce17a47b3c 100644 --- a/deploy/kubernetes/helm/che/values.yaml +++ b/deploy/kubernetes/helm/che/values.yaml @@ -46,8 +46,9 @@ global: secretName: che-tls ## If self-signed certificate is enabled - ## then certificate from `tls.secretName` will be propagated to Che components' trust stores + ## then certificate from `tls.selfSignedCertSecretName` will be propagated to Che components' trust stores useSelfSignedCerts: false + selfSignedCertSecretName: self-signed-cert gitHubClientID: "" gitHubClientSecret: ""