Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

proxy-scanner chart - it should be possible to use existing secret to provide certs #241

Open
d-mankowski-synerise opened this issue Apr 28, 2024 · 0 comments
Open

proxy-scanner chart - it should be possible to use existing secret to provide certs #241

d-mankowski-synerise opened this issue Apr 28, 2024 · 0 comments

Comments

@d-mankowski-synerise
Copy link

Right now, the logic in proxy-scanner chart is as follows:

  • always create a secret
  • if skipCert is set to false, then add data to this secret

This logic is broken, because of 3 reasons:

  • deployment of chart will always create a resource, even if does not contain any data (or overwrite existing secret)
  • it forces to key in plain text (certs.serverKey)
  • name of the secret is fixed ({{ .Values.name }}-certs)

Instead, it should work like in lacework-agent, where it is possible to provide name of existing secret (https://github.com/lacework/helm-charts/blob/main/lacework-agent/templates/daemonset.yaml#L61)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@d-mankowski-synerise