diff --git a/helm/teleport-kube-agent/templates/_config.tpl b/helm/teleport-kube-agent/templates/_config.tpl index adb708d..565e809 100644 --- a/helm/teleport-kube-agent/templates/_config.tpl +++ b/helm/teleport-kube-agent/templates/_config.tpl @@ -128,16 +128,6 @@ discovery_service: enabled: false {{- end }} -jamf_service: - {{- if contains "jamf" (.Values.roles | toString) }} - enabled: true - api_endpoint: {{ required "jamfApiEndpoint is required in chart values when jamf role is enabled, see README" .Values.jamfApiEndpoint }} - client_id: {{ required "jamfClientId is required in chart values when jamf role is enabled, see README" .Values.jamfClientId }} - client_secret_file: "/etc/teleport-jamf-api-credentials/credential" - {{- else }} - enabled: false - {{- end }} - auth_service: enabled: false ssh_service: diff --git a/helm/teleport-kube-agent/templates/deployment.yaml b/helm/teleport-kube-agent/templates/deployment.yaml index 97b020d..592ee4e 100644 --- a/helm/teleport-kube-agent/templates/deployment.yaml +++ b/helm/teleport-kube-agent/templates/deployment.yaml @@ -111,11 +111,11 @@ spec: name: "teleport-tls-ca" readOnly: true {{- end }} - {{- if contains "jamf" (.Values.roles | toString) }} - - mountPath: /etc/teleport-jamf-api-credentials - name: "jamf-api-credentials" - readOnly: true - {{- end }} + # {{- if contains "jamf" (.Values.roles | toString) }} + #- mountPath: /etc/teleport-jamf-api-credentials + # name: "jamf-api-credentials" + # readOnly: true + # {{- end }} {{- if .Values.extraVolumeMounts }} {{- toYaml .Values.extraVolumeMounts | nindent 8 }} {{- end }} @@ -201,11 +201,11 @@ spec: name: "teleport-tls-ca" readOnly: true {{- end }} - {{- if contains "jamf" (.Values.roles | toString) }} - - mountPath: /etc/teleport-jamf-api-credentials - name: "jamf-api-credentials" - readOnly: true - {{- end }} + # {{- if contains "jamf" (.Values.roles | toString) }} + #- mountPath: /etc/teleport-jamf-api-credentials + # name: "jamf-api-credentials" + # readOnly: true + # {{- end }} {{- if .Values.extraVolumeMounts }} {{- toYaml .Values.extraVolumeMounts | nindent 8 }} {{- end }} @@ -228,11 +228,11 @@ spec: secret: secretName: {{ .Values.tls.existingCASecretName }} {{- end }} - {{- if contains "jamf" (.Values.roles | toString) }} - - name: "jamf-api-credentials" - secret: - secretName: {{ .Values.jamfCredentialsSecret.name }} - {{- end }} + #{{- if contains "jamf" (.Values.roles | toString) }} + #- name: "jamf-api-credentials" + # secret: + # secretName: {{ .Values.jamfCredentialsSecret.name }} + #{{- end }} {{- if .Values.extraVolumes }} {{- toYaml .Values.extraVolumes | nindent 6 }} {{- end }} diff --git a/helm/teleport-kube-agent/templates/secret.yaml b/helm/teleport-kube-agent/templates/secret.yaml index 3489968..615c79c 100644 --- a/helm/teleport-kube-agent/templates/secret.yaml +++ b/helm/teleport-kube-agent/templates/secret.yaml @@ -17,23 +17,22 @@ stringData: auth-token: | {{ coalesce .Values.joinParams.tokenName .Values.authToken }} {{- end}} - -{{- if and (contains "jamf" (.Values.roles | toString)) .Values.jamfCredentialsSecret.create }} ---- -apiVersion: v1 -kind: Secret -metadata: - name: {{ .Values.jamfCredentialsSecret.name }} - namespace: {{ .Release.Namespace }} - {{- if .Values.extraLabels.secret }} - labels: - {{- toYaml .Values.extraLabels.secret | nindent 4 }} - {{- end }} - {{- if .Values.annotations.secret }} - annotations: - {{- toYaml .Values.annotations.secret | nindent 4 }} - {{- end }} -type: Opaque -stringData: - credential: {{ required "jamfClientSecret is required in chart values when jamf role is enabled, see README" .Values.jamfClientSecret }} -{{- end}} +#{{- if and (contains "jamf" (.Values.roles | toString)) .Values.jamfCredentialsSecret.create }} +#--- +#apiVersion: v1 +#kind: Secret +#metadata: +# name: {{ .Values.jamfCredentialsSecret.name }} +# namespace: {{ .Release.Namespace }} +# {{- if .Values.extraLabels.secret }} +# labels: +# {{- toYaml .Values.extraLabels.secret | nindent 4 }} +# {{- end }} +# {{- if .Values.annotations.secret }} +# annotations: +# {{- toYaml .Values.annotations.secret | nindent 4 }} +# {{- end }} +#type: Opaque +#stringData: +# credential: {{ required "jamfClientSecret is required in chart values when jamf role is enabled, see README" .Values.jamfClientSecret }} +#{{- end}} diff --git a/helm/teleport-kube-agent/templates/statefulset.yaml b/helm/teleport-kube-agent/templates/statefulset.yaml index 34de30b..3935049 100644 --- a/helm/teleport-kube-agent/templates/statefulset.yaml +++ b/helm/teleport-kube-agent/templates/statefulset.yaml @@ -107,11 +107,11 @@ spec: name: "teleport-tls-ca" readOnly: true {{- end }} - {{- if contains "jamf" (.Values.roles | toString) }} - - mountPath: /etc/teleport-jamf-api-credentials - name: "jamf-api-credentials" - readOnly: true - {{- end }} + # {{- if contains "jamf" (.Values.roles | toString) }} + #- mountPath: /etc/teleport-jamf-api-credentials + # name: "jamf-api-credentials" + # readOnly: true + # {{- end }} {{- if .Values.extraVolumeMounts }} {{- toYaml .Values.extraVolumeMounts | nindent 8 }} {{- end }} @@ -227,11 +227,11 @@ spec: name: "teleport-tls-ca" readOnly: true {{- end }} -{{- if contains "jamf" (.Values.roles | toString) }} - - mountPath: /etc/teleport-jamf-api-credentials - name: "jamf-api-credentials" - readOnly: true -{{- end }} +#{{- if contains "jamf" (.Values.roles | toString) }} +# - mountPath: /etc/teleport-jamf-api-credentials +# name: "jamf-api-credentials" +# readOnly: true +#{{- end }} {{- if .Values.extraVolumeMounts }} {{- toYaml .Values.extraVolumeMounts | nindent 8 }} {{- end }} @@ -254,11 +254,11 @@ spec: secret: secretName: {{ .Values.tls.existingCASecretName }} {{- end }} -{{- if contains "jamf" (.Values.roles | toString) }} - - name: "jamf-api-credentials" - secret: - secretName: {{ .Values.jamfCredentialsSecret.name }} -{{- end }} +#{{- if contains "jamf" (.Values.roles | toString) }} +# - name: "jamf-api-credentials" +# secret: +# secretName: {{ .Values.jamfCredentialsSecret.name }} +#{{- end }} {{- if .Values.extraVolumes }} {{- toYaml .Values.extraVolumes | nindent 6 }} {{- end }}