Skip to content

Commit

Permalink
Don't render (or reference0 webhook certificate when webhook is disabled
Browse files Browse the repository at this point in the history
  • Loading branch information
eberlep committed Nov 8, 2024
1 parent 587fe6c commit 6561969
Show file tree
Hide file tree
Showing 2 changed files with 6 additions and 0 deletions.
2 changes: 2 additions & 0 deletions charts/postgreslet/templates/certificate.yaml
Original file line number Diff line number Diff line change
@@ -1,3 +1,4 @@
{{- if .Values.postgreslet.enableFsGroupChangePolicyWebhook }}
{{- if .Values.postgreslet.tlsClusterIssuer }}
---
apiVersion: cert-manager.io/v1
Expand All @@ -13,4 +14,5 @@ spec:
kind: ClusterIssuer
name: {{ .Values.postgreslet.tlsClusterIssuer | quote }}
secretName: {{ include "postgreslet.fullname" . }}-webhook-tls
{{- end }}
{{- end }}
4 changes: 4 additions & 0 deletions charts/postgreslet/templates/deployment.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -51,10 +51,12 @@ spec:
- mountPath: /var/run/secrets/postgreslet
name: controlplane-kubeconfig
readOnly: true
{{- if .Values.postgreslet.enableFsGroupChangePolicyWebhook }}
{{- if .Values.postgreslet.tlsClusterIssuer }}
- mountPath: /tmp/k8s-webhook-server/serving-certs
name: webhook-tls
readOnly: true
{{- end }}
{{- end }}
terminationGracePeriodSeconds: {{ .Values.terminationGracePeriodSeconds }}
volumes:
Expand All @@ -64,11 +66,13 @@ spec:
- key: controlplane-kubeconfig
path: kube/config
secretName: {{ include "postgreslet.fullname" . }}
{{- if .Values.postgreslet.enableFsGroupChangePolicyWebhook }}
{{- if .Values.postgreslet.tlsClusterIssuer }}
- name: webhook-tls
secret:
defaultMode: 420
secretName: {{ include "postgreslet.fullname" . }}-webhook-tls
{{- end }}
{{- end }}
{{- with .Values.nodeSelector }}
nodeSelector:
Expand Down

0 comments on commit 6561969

Please sign in to comment.