diff --git a/charts/postgreslet/templates/certificate.yaml b/charts/postgreslet/templates/certificate.yaml index 4d5581b..3671d44 100644 --- a/charts/postgreslet/templates/certificate.yaml +++ b/charts/postgreslet/templates/certificate.yaml @@ -1,3 +1,4 @@ +{{- if .Values.postgreslet.enableFsGroupChangePolicyWebhook }} {{- if .Values.postgreslet.tlsClusterIssuer }} --- apiVersion: cert-manager.io/v1 @@ -13,4 +14,5 @@ spec: kind: ClusterIssuer name: {{ .Values.postgreslet.tlsClusterIssuer | quote }} secretName: {{ include "postgreslet.fullname" . }}-webhook-tls +{{- end }} {{- end }} \ No newline at end of file diff --git a/charts/postgreslet/templates/deployment.yaml b/charts/postgreslet/templates/deployment.yaml index da2441c..7ee4b95 100644 --- a/charts/postgreslet/templates/deployment.yaml +++ b/charts/postgreslet/templates/deployment.yaml @@ -51,10 +51,12 @@ spec: - mountPath: /var/run/secrets/postgreslet name: controlplane-kubeconfig readOnly: true +{{- if .Values.postgreslet.enableFsGroupChangePolicyWebhook }} {{- if .Values.postgreslet.tlsClusterIssuer }} - mountPath: /tmp/k8s-webhook-server/serving-certs name: webhook-tls readOnly: true +{{- end }} {{- end }} terminationGracePeriodSeconds: {{ .Values.terminationGracePeriodSeconds }} volumes: @@ -64,11 +66,13 @@ spec: - key: controlplane-kubeconfig path: kube/config secretName: {{ include "postgreslet.fullname" . }} +{{- if .Values.postgreslet.enableFsGroupChangePolicyWebhook }} {{- if .Values.postgreslet.tlsClusterIssuer }} - name: webhook-tls secret: defaultMode: 420 secretName: {{ include "postgreslet.fullname" . }}-webhook-tls +{{- end }} {{- end }} {{- with .Values.nodeSelector }} nodeSelector: