fix: Inject ca-bundle into gitea container
All checks were successful
continuous-integration/drone/push Build is passing
All checks were successful
continuous-integration/drone/push Build is passing
This commit is contained in:
parent
b2ae56e54b
commit
90082ca36a
@ -34,6 +34,7 @@
|
||||
kubeconfig: "{{ kubeconfig.path }}"
|
||||
loop:
|
||||
- argo-cd
|
||||
- gitea
|
||||
# - kube-system
|
||||
|
||||
- name: Store root certificate in namespaced configmaps/secrets
|
||||
@ -63,6 +64,12 @@
|
||||
data:
|
||||
- key: git.{{ vapp['metacluster.fqdn'] }}
|
||||
value: "{{ stepca_cm_certs.resources[0].data['root_ca.crt'] }}"
|
||||
- name: step-certificates-certs
|
||||
namespace: gitea
|
||||
kind: secret
|
||||
data:
|
||||
- key: ca_chain.crt
|
||||
value: "{{ (stepca_cm_certs.resources[0].data['intermediate_ca.crt'] ~ _newline ~ stepca_cm_certs.resources[0].data['root_ca.crt']) | b64encode }}"
|
||||
- name: step-certificates-certs
|
||||
namespace: kube-system
|
||||
kind: secret
|
||||
|
@ -135,6 +135,16 @@ components:
|
||||
chart: gitea-charts/gitea
|
||||
parse_logic: helm template . | yq --no-doc eval '.. | .image? | select(.)' | sort -u | sed '/:/!s/$/:latest/'
|
||||
chart_values: !unsafe |
|
||||
extraVolumes:
|
||||
- secret:
|
||||
defaultMode: 420
|
||||
name: step-certificates-certs
|
||||
name: step-certificates-certs
|
||||
extraVolumeMounts:
|
||||
- mountPath: /etc/ssl/certs/ca-chain.crt
|
||||
name: step-certificates-certs
|
||||
readOnly: true
|
||||
subPath: ca_chain.crt
|
||||
gitea:
|
||||
admin:
|
||||
username: administrator
|
||||
|
Loading…
Reference in New Issue
Block a user