Adding trust cert feature to operator

craigmiller160 · craigmiller160 · commit cf43a47a4187 · 2024-07-17T20:51:15.000-04:00
diff --git a/charts/connect/README.md b/charts/connect/README.md
@@ -128,6 +128,7 @@ helm install --set connect.applicationName=connect connect ./connect
 | operator.watchNamespace             | list       | `[]`                               | A list of namespaces for the 1Password Operator to watch and manage. Use the empty list to watch all namespaces.                                                                                   |
 | operator.resources                  | object     | `{}`                               | The resources requests/limits for the 1Password Operator pod                                                                                                                                       |
 | operator.customEnvVars              | array      | `[]`                               | Custom environment variables for the 1Password Operator container that are not specified in this helm chart.                                                                                       |
+| operator.tls.trust.secret           | string     | `op-connect-tls`                   | The name of the secret containing the TLS certificate (tls.crt) used by the 1Password Connect API. This is used if that cert is a self-signed cert that needs to be trusted by the Operator.       |
 
 #### Custom Environment Variables
 
diff --git a/charts/connect/templates/operator-deployment.yaml b/charts/connect/templates/operator-deployment.yaml
@@ -39,6 +39,12 @@ spec:
       tolerations:
 {{ toYaml .Values.operator.tolerations | indent 8 }}
       serviceAccountName: {{ .Values.operator.serviceAccount.name }}
+      volumes:
+        {{- if .Values.operator.tls.trust.secret }}
+        - name: tls-trust
+          secret:
+            secretName: {{ .Values.operator.tls.trust.secret }}
+        {{- end }}
       containers:
         - name: {{ .Values.connect.applicationName }}
           image: {{ .Values.operator.imageRepository }}:{{ .Values.operator.version | default "latest" }}
@@ -75,7 +81,16 @@ spec:
             {{- range .Values.operator.customEnvVars}}
             - name: {{ .name }}
               value: {{ .value }}
-            {{- end }} 
+            {{- end }}
+            {{- if .Values.operator.tls.trust.secret }}
+            - name: SSL_CERT_FILE
+              value: /tls/trust/tls.crt
+            {{- end }}
           resources:
             {{- toYaml .Values.operator.resources | nindent 12 }}
+          volumeMounts:
+            {{- if .Values.operator.tls.trust.secret }}
+            - mountPath: /tls/trust
+              name: tls-trust
+            {{- end}}
 {{- end }}
