Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: add support for client TLS certs #280

Closed
wants to merge 3 commits into from
Closed

feat: add support for client TLS certs #280

wants to merge 3 commits into from

Conversation

christian-roggia
Copy link
Contributor

Related issue

ory/oathkeeper#744

Demonsthere
Demonsthere requested changes Jun 24, 2021
View reviewed changes
Copy link
Collaborator

@Demonsthere Demonsthere left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hello there! Thanks for the PR :)
Got a few suggestions

helm/charts/oathkeeper/templates/deployment-controller.yaml Outdated
{{- if .Values.certs.enabled }}
- name: {{ include "oathkeeper.name" . }}-certs
secret:
secretName: {{- if .Values.certs.existingSecret }}
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
secretName: {{- if .Values.certs.existingSecret }}
secretName: {{- .Values.certs.existingSecret }}

helm/charts/oathkeeper/templates/deployment-controller.yaml Outdated
@@ -42,16 +42,21 @@ spec:
- name: {{ include "oathkeeper.name" . }}-config-volume
configMap:
{{- if .Values.demo }}
name: {{ include "oathkeeper.fullname" . }}-config-demo
name: {{ include "oathkeeper.name" . }}-config-demo
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Please do not change this, and use fullname. This allows installation of multiple instances without resource overlapping.

helm/charts/oathkeeper/templates/deployment-controller.yaml Outdated Show resolved Hide resolved
helm/charts/oathkeeper/templates/deployment-controller.yaml Outdated Show resolved Hide resolved
aeneasr
aeneasr requested changes Jul 5, 2021
View reviewed changes
Copy link
Member

@aeneasr aeneasr left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think it would make sense to use the extraVolume pattern we have in Ory Kratos instead: https://github.com/ory/k8s/blob/master/helm/charts/kratos/values.yaml#L167-L179 :)

@christian-roggia
Copy link
Contributor Author

I can work on introducing that pattern

@aeneasr
Copy link
Member

aeneasr commented Jul 12, 2021

As per ory/oathkeeper#744 (comment) marking this as draft

@aeneasr aeneasr marked this pull request as draft July 12, 2021 12:24
@tobbbles
Copy link
Contributor

There's a hard and fast addition of extraVolume's at #330 - I found myself to need it to get TLS certs into the pod :)

@Demonsthere
Copy link
Collaborator

I'd say lets deprecate this PR in favour of #330. @christian-roggia are you ok with this?

@christian-roggia
Copy link
Contributor Author

Yes.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@aeneasr aeneasr aeneasr requested changes

@Demonsthere Demonsthere Demonsthere requested changes

@piotrmsc piotrmsc Awaiting requested review from piotrmsc piotrmsc will be requested when the pull request is marked ready for review piotrmsc is a code owner

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@christian-roggia @aeneasr @tobbbles @Demonsthere