HTK: Change formatting of TLS Secret

Changed TLS secret to include CA in tls.crt if present Change-Id: Ieb3e182f48823e6b25ec427900b372b72f9a3b1e
2020-06-09 21:14:03 +00:00 · 2020-06-09 21:14:03 +00:00 · fef64e266e
commit fef64e266e
parent 6fa7dae7af
1 changed files with 63 additions and 32 deletions
--- a/helm-toolkit/templates/manifests/_secret-tls.yaml.tpl
+++ b/helm-toolkit/templates/manifests/_secret-tls.yaml.tpl
@ -15,36 +15,66 @@ limitations under the License.
 {{/*
 abstract: |
  Creates a manifest for a services public tls secret
-values: |
-  secrets:
-    tls:
-      key_manager:
-        api:
-          public: barbican-tls-public
-  endpoints:
-    key_manager:
-      host_fqdn_override:
-        public:
-          tls:
-            crt: |
-              FOO-CRT
-            key: |
-              FOO-KEY
-            ca: |
-              FOO-CA_CRT
-usage: |
-  {{- include "helm-toolkit.manifests.secret_ingress_tls" ( dict "envAll" . "backendServiceType" "key-manager" ) -}}
-return: |
-  ---
-  apiVersion: v1
-  kind: Secret
-  metadata:
-    name: barbican-tls-public
-  type: kubernetes.io/tls
-  data:
-    tls.crt: Rk9PLUNSVAo=
-    tls.key: Rk9PLUtFWQo=
-    ca.crt: Rk9PLUNBX0NSVAo=
+examples:
+  - values: |
+      secrets:
+        tls:
+          key_manager:
+            api:
+              public: barbican-tls-public
+      endpoints:
+        key_manager:
+          host_fqdn_override:
+            public:
+              tls:
+                crt: |
+                  FOO-CRT
+                key: |
+                  FOO-KEY
+                ca: |
+                  FOO-CA_CRT
+  usage: |
+    {{- include "helm-toolkit.manifests.secret_ingress_tls" ( dict "envAll" . "backendServiceType" "key-manager" ) -}}
+  return: |
+    ---
+    apiVersion: v1
+    kind: Secret
+    metadata:
+      name: barbican-tls-public
+    type: kubernetes.io/tls
+    data:
+      tls.key: Rk9PLUtFWQo=
+      tls.crt: Rk9PLUNSVAoKRk9PLUNBX0NSVAo=
+
+  - values: |
+      secrets:
+        tls:
+          key_manager:
+            api:
+              public: barbican-tls-public
+      endpoints:
+        key_manager:
+          host_fqdn_override:
+            public:
+              tls:
+                crt: |
+                  FOO-CRT
+                  FOO-INTERMEDIATE_CRT
+                  FOO-CA_CRT
+                key: |
+                  FOO-KEY
+  usage: |
+    {{- include "helm-toolkit.manifests.secret_ingress_tls" ( dict "envAll" . "backendServiceType" "key-manager" ) -}}
+  return: |
+    ---
+    apiVersion: v1
+    kind: Secret
+    metadata:
+      name: barbican-tls-public
+    type: kubernetes.io/tls
+    data:
+      tls.key: Rk9PLUtFWQo=
+      tls.crt: Rk9PLUNSVApGT08tSU5URVJNRURJQVRFX0NSVApGT08tQ0FfQ1JUCg==
 */}}

 {{- define "helm-toolkit.manifests.secret_ingress_tls" }}
@ -65,10 +95,11 @@ metadata:
  name: {{ index $envAll.Values.secrets.tls ( $backendServiceType | replace "-" "_" ) $backendService $endpoint }}
 type: kubernetes.io/tls
 data:
-  tls.crt: {{ $endpointHost.tls.crt | b64enc }}
  tls.key: {{ $endpointHost.tls.key | b64enc }}
 {{- if $endpointHost.tls.ca }}
-  ca.crt: {{ $endpointHost.tls.ca | b64enc }}
+  tls.crt: {{ list $endpointHost.tls.crt $endpointHost.tls.ca | join "\n" | b64enc }}
+{{- else }}
+  tls.crt: {{ $endpointHost.tls.crt | b64enc }}
 {{- end }}
 {{- end }}
 {{- end }}