diff --git a/helm/README.md b/helm/README.md index 252722a..e1af0f3 100644 --- a/helm/README.md +++ b/helm/README.md @@ -70,8 +70,8 @@ The following table lists the configurable parameters of the chart and their def | persistence.size | string | Defines PV size | `'10Gi'` | | public_env_variables | hash | Defines list of environment variables to be passed to the Analytics | | | configProperties | hash | Configuration properties that should be passed to the application in `owanalytics.properties`. May be passed by key in set (i.e. `configProperties."rtty\.token"`) | | -| certs | hash | Defines files (keys and certificates) that should be passed to the Analytics (PEM format is adviced to be used) (see `volumes.owanalytics` on where it is mounted) | | - +| existingCertsSecret | string | Existing Kubernetes secret containing all required certificates and private keys for microservice operation. If set, certificates from `certs` key are ignored | `""` | +| certs | hash | Defines files (keys and certificates) that should be passed to the Gateway (PEM format is adviced to be used) (see `volumes.owanalytics` on where it is mounted). If `existingCertsSecret` is set, certificates passed this way will not be used. | | Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`. For example, diff --git a/helm/values.yaml b/helm/values.yaml index ac3d86a..cf89f5d 100644 --- a/helm/values.yaml +++ b/helm/values.yaml @@ -71,7 +71,7 @@ volumes: mountPath: /owanalytics-data/certs volumeDefinition: | secret: - secretName: {{ include "owanalytics.fullname" . }}-certs + secretName: {{ if .Values.existingCertsSecret }}{{ .Values.existingCertsSecret }}{{ else }}{{ include "owanalytics.fullname" . }}-certs{{ end }} # Change this if you want to use another volume type - name: persist mountPath: /owanalytics-data/persist @@ -198,6 +198,9 @@ configProperties: storage.type.mysql.username: stephb storage.type.mysql.password: snoopy99 +# NOTE: List of required certificates may be found in "certs" key. Alternative way to pass required certificates is to create external secret with all required certificates and set secret name in "existingCertsSecret" key. Details may be found in https://github.com/Telecominfraproject/wlan-cloud-ucentral-deploy/tree/main/chart#tldr +existingCertsSecret: "" + certs: # restapi-ca.pem: "" # restapi-cert.pem: ""