K8S-2780: fix tls cert regeneration

Upgrading tls cluster was failing because regeneration of certs/keys did not include all of the information from previous version/release of the chart.
couchbase-partners · Jul 12, 2022 · 68cc563 · 68cc563
1 parent b040ba8
commit 68cc563
Show file tree

Hide file tree

Showing 2 changed files with 4 additions and 2 deletions.
diff --git a/charts/couchbase-operator/Chart.yaml b/charts/couchbase-operator/Chart.yaml
@@ -1,7 +1,7 @@
 apiVersion: v2
 name: couchbase-operator
 description: A Helm chart to deploy the Couchbase Autonomous Operator for easily deploying, managing, and maintaining Couchbase Clusters. Couchbase Server is a NoSQL document database with a distributed architecture for performance, scalability, and availability. It enables developers to build applications easier and faster by leveraging the power of SQL with the flexibility of JSON.
-version: 2.30.3
+version: 2.30.4
 appVersion: 2.3.0
 type: application
 keywords:

diff --git a/charts/couchbase-operator/templates/_helpers.tpl b/charts/couchbase-operator/templates/_helpers.tpl
@@ -421,10 +421,12 @@ Generate certificates for couchbase-cluster with native TLS formatting.
 {{- define "couchbase-cluster.tls" -}}
 {{- $serverSecret := (lookup "v1" "Secret" .Release.Namespace (include "couchbase-cluster.tls.server-secret" .)) -}}
 {{- $clientSecret := (lookup "v1" "Secret" .Release.Namespace (include "couchbase-cluster.tls.operator-secret" .)) -}}
+{{- $caSecret := (lookup "v1" "Secret" .Release.Namespace (include "couchbase-cluster.tls.ca-secret" .)) -}}
 {{- if (and $serverSecret $clientSecret ) -}}
+caCert: {{ index $caSecret.data "tls.crt" }}
 serverCert: {{ index $serverSecret.data "tls.crt" }}
 serverKey: {{ index $serverSecret.data "tls.key" }}
-clientCert: {{ index $clientSecret.data "tls.pem" }}
+clientCert: {{ index $clientSecret.data "tls.crt" }}
 clientKey: {{ index $clientSecret.data "tls.key" }}
 {{- else -}}
 {{- $expiration := (.Values.tls.expiration | int) -}}