scale certs

2026-06-16 15:08:11 +08:00 · 2023-02-11 22:31:39 +02:00
parent 8c17aaf07f
commit 2aa4b91cde
2 changed files with 55 additions and 13 deletions
--- a/library/common/1.0.0/docs/scaleCertificates.md
+++ b/library/common/1.0.0/docs/scaleCertificates.md
@@ -8,6 +8,8 @@
 | scaleCertificate.[cert-name].annotations |  `dict`   |    ❌    | ✅ (On value only) |  `{}`   | Additional annotations for secret             |
 | scaleCertificate.[cert-name].id          | `string`  |    ✅    |         ❌         |  `""`   | ID of the certificate in ixCertificates       |

+> A secret will be created with 2 keys in the data section: `crt` and `key`.
+
 ---

 Appears in:
@@ -32,3 +34,56 @@ scaleCertificate:
    annotations: {}
    id: 1
 ```
+
+Tip:
+
+You can mount certificate as a secret using the following snippet:
+
+```yaml
+scaleCertificate:
+  cert-name:
+    enabled: false
+    labels: {}
+    annotations: {}
+    id: 1
+
+persistence:
+  # This will mount it on the primary pod/container
+  cert-vol:
+    enabled: true
+    type: secret
+    objectName: cert-name
+    expandObjectName: true # You can omit this, it's the default
+    # subPath
+    mountPath: /path/to/mount/cert.crt
+    subPath: crt
+    # or items
+    mountPath: /path/to/mount
+    items:
+      - key: crt
+        path: cert.crt
+
+  # This will mount it on the specific pod/container
+  cert-vol:
+    enabled: true
+    type: secret
+    objectName: cert-name
+    expandObjectName: true # You can omit this, it's the default
+    # subPath
+    subPath: crt
+    targetSelector:
+      workload-name:
+        container-name:
+          mountPath: /path/to/mount/cert.crt
+          # subPath: crt (You can define subPath here as well, per container)
+    # or items
+    items:
+      - key: crt
+        path: cert.crt
+    targetSelector:
+      workload-name:
+        container-name:
+          mountPath: /path/to/mount
+
+# Both will result in a mounted file in the container at /path/to/mount/cert.crt
+```
--- a/library/common/1.0.0/values.yaml
+++ b/library/common/1.0.0/values.yaml
@@ -287,7 +287,6 @@ volumeClaimTemplates:
    #       subPath: ""
    #       mountPropagation: ""

-
 # -- SCALE GPU
 scaleGPU:
  - gpu:
@@ -308,15 +307,3 @@ scaleCertificate:
    annotations: {}
    # -- Certificate ID (Comes from SCALE)
    id: 1
-    # -- Default Paths that will be used on all defined containers
-    # Can be overruled per container under targetSelector
-    certPath: ""
-    keyPath: ""
-    # -- Defining a selector is only needed
-    # if you want to mount the certificate file(s)
-    # It will be mounted as readOnly
-    targetSelector:
-      pod-name:
-        container-name:
-          certPath: ""
-          keyPath: ""