deploy: add API cert config map values

Signed-off-by: Andrew Keesler <akeesler@vmware.com>
This commit is contained in:
Ryan Richard 2020-08-20 17:13:02 -04:00 committed by Andrew Keesler
parent 89b6b9ee44
commit 88f3b41e71
No known key found for this signature in database
GPG Key ID: 27CE0444346F9413
2 changed files with 10 additions and 0 deletions

View File

@ -29,6 +29,10 @@ data:
webhook:
url: (@= data.values.webhook_url @)
caBundle: (@= data.values.webhook_ca_bundle @)
api:
servingCertificate:
durationSeconds: (@= str(data.values.api_serving_certificate_duration_seconds) @)
renewBeforeSeconds: (@= str(data.values.api_serving_certificate_renew_before_seconds) @)
---
#@ if data.values.image_pull_dockerconfigjson and data.values.image_pull_dockerconfigjson != "":
apiVersion: v1

View File

@ -17,3 +17,9 @@ discovery_url: #! e.g., https://example.com
#! e.g. the output of: kubectl create secret docker-registry x --docker-server=https://example.io --docker-username="USERNAME" --docker-password="PASSWORD" --dry-run=client -o json | jq -r '.data[".dockerconfigjson"]'
image_pull_dockerconfigjson: #! e.g. {"auths":{"https://registry.example.com":{"username":"USERNAME","password":"PASSWORD","auth":"BASE64_ENCODED_USERNAME_COLON_PASSWORD"}}}
#! Specify the duration and renewal interval for the API serving certificate.
#! The defaults are set to expire the cert about every 30 days, and to rotate it
#! about every 25 days.
api_serving_certificate_duration_seconds: 2592000
api_serving_certificate_renew_before_seconds: 2160000