HTK: Change formatting of TLS Secret

Changed TLS secret to include CA in tls.crt if present

Change-Id: Ieb3e182f48823e6b25ec427900b372b72f9a3b1e

helm-toolkit/templates/manifests/_secret-tls.yaml.tpl

@@ -15,36 +15,66 @@ limitations under the License.
 {{/*
 abstract: |
   Creates a manifest for a services public tls secret
-values: |
+examples:
-  secrets:
+  - values: |
-    tls:
+      secrets:
-      key_manager:
+        tls:
-        api:
+          key_manager:
-          public: barbican-tls-public
+            api:
-  endpoints:
+              public: barbican-tls-public
-    key_manager:
+      endpoints:
-      host_fqdn_override:
+        key_manager:
-        public:
+          host_fqdn_override:
-          tls:
+            public:
-            crt: |
+              tls:
-              FOO-CRT
+                crt: |
-            key: |
+                  FOO-CRT
-              FOO-KEY
+                key: |
-            ca: |
+                  FOO-KEY
-              FOO-CA_CRT
+                ca: |
-usage: |
+                  FOO-CA_CRT
-  {{- include "helm-toolkit.manifests.secret_ingress_tls" ( dict "envAll" . "backendServiceType" "key-manager" ) -}}
+  usage: |
-return: |
+    {{- include "helm-toolkit.manifests.secret_ingress_tls" ( dict "envAll" . "backendServiceType" "key-manager" ) -}}
-  ---
+  return: |
-  apiVersion: v1
+    ---
-  kind: Secret
+    apiVersion: v1
-  metadata:
+    kind: Secret
-    name: barbican-tls-public
+    metadata:
-  type: kubernetes.io/tls
+      name: barbican-tls-public
-  data:
+    type: kubernetes.io/tls
-    tls.crt: Rk9PLUNSVAo=
+    data:
-    tls.key: Rk9PLUtFWQo=
+      tls.key: Rk9PLUtFWQo=
-    ca.crt: Rk9PLUNBX0NSVAo=
+      tls.crt: Rk9PLUNSVAoKRk9PLUNBX0NSVAo=
+
+  - values: |
+      secrets:
+        tls:
+          key_manager:
+            api:
+              public: barbican-tls-public
+      endpoints:
+        key_manager:
+          host_fqdn_override:
+            public:
+              tls:
+                crt: |
+                  FOO-CRT
+                  FOO-INTERMEDIATE_CRT
+                  FOO-CA_CRT
+                key: |
+                  FOO-KEY
+  usage: |
+    {{- include "helm-toolkit.manifests.secret_ingress_tls" ( dict "envAll" . "backendServiceType" "key-manager" ) -}}
+  return: |
+    ---
+    apiVersion: v1
+    kind: Secret
+    metadata:
+      name: barbican-tls-public
+    type: kubernetes.io/tls
+    data:
+      tls.key: Rk9PLUtFWQo=
+      tls.crt: Rk9PLUNSVApGT08tSU5URVJNRURJQVRFX0NSVApGT08tQ0FfQ1JUCg==
 */}}
 
 {{- define "helm-toolkit.manifests.secret_ingress_tls" }}
@@ -65,10 +95,11 @@ metadata:
   name: {{ index $envAll.Values.secrets.tls ( $backendServiceType | replace "-" "_" ) $backendService $endpoint }}
 type: kubernetes.io/tls
 data:
-  tls.crt: {{ $endpointHost.tls.crt | b64enc }}
   tls.key: {{ $endpointHost.tls.key | b64enc }}
 {{- if $endpointHost.tls.ca }}
-  ca.crt: {{ $endpointHost.tls.ca | b64enc }}
+  tls.crt: {{ list $endpointHost.tls.crt $endpointHost.tls.ca | join "\n" | b64enc }}
+{{- else }}
+  tls.crt: {{ $endpointHost.tls.crt | b64enc }}
 {{- end }}
 {{- end }}
 {{- end }}