From d813ac4fde24f350e5be77db8f7d21ca84e613b3 Mon Sep 17 00:00:00 2001 From: Robert Bailey Date: Sat, 25 Sep 2021 05:09:14 +0000 Subject: [PATCH] Skip the secrets and volume mounts in the allocator pod when they aren't needed (e.g. TLS or mTLS is disabled). --- install/helm/agones/templates/service/allocation.yaml | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/install/helm/agones/templates/service/allocation.yaml b/install/helm/agones/templates/service/allocation.yaml index 4bc903f0f0..84301adcb1 100644 --- a/install/helm/agones/templates/service/allocation.yaml +++ b/install/helm/agones/templates/service/allocation.yaml @@ -117,13 +117,17 @@ spec: {{ toYaml .Values.agones.allocator.tolerations | indent 8 }} {{- end }} serviceAccountName: {{ $.Values.agones.serviceaccount.allocator.name }} + {{- if eq .Values.agones.allocator.disableTLS false }} volumes: - name: tls secret: secretName: allocator-tls + {{- if eq .Values.agones.allocator.disableMTLS false }} - name: client-ca secret: secretName: allocator-client-ca + {{- end }} + {{- end }} containers: - name: agones-allocator image: "{{ .Values.agones.image.registry }}/{{ .Values.agones.image.allocator.name}}:{{ default .Values.agones.image.tag .Values.agones.image.allocator.tag }}" @@ -197,13 +201,17 @@ spec: - name: {{ .Values.agones.allocator.service.grpc.portName }} containerPort: {{ .Values.agones.allocator.service.grpc.targetPort }} {{- end }} + {{- if eq .Values.agones.allocator.disableTLS false }} volumeMounts: - mountPath: /home/allocator/tls name: tls readOnly: true + {{- if eq .Values.agones.allocator.disableMTLS false }} - mountPath: /home/allocator/client-ca name: client-ca readOnly: true + {{- end }} + {{- end }} {{- if .Values.agones.allocator.resources }} resources: {{ toYaml .Values.agones.allocator.resources | indent 10 }}