From f91e3c4e9255a5d9ac73ac9c1a166b705b1a56bf Mon Sep 17 00:00:00 2001
From: Andrew Lavery <laverya@umich.edu>
Date: Wed, 11 Sep 2024 12:20:11 -0400
Subject: [PATCH] do not include CA configmap in helm chart, use it by
 reference (#59)

* do not include CA configmap in helm chart, use it by reference

* allow the configmap not to be defined without error
---
 templates/configmap-private-cas.yaml | 12 ------------
 templates/kotsadm-deployment.yaml    |  9 ++++++++-
 values.yaml.tmpl                     |  4 +++-
 3 files changed, 11 insertions(+), 14 deletions(-)
 delete mode 100644 templates/configmap-private-cas.yaml

diff --git a/templates/configmap-private-cas.yaml b/templates/configmap-private-cas.yaml
deleted file mode 100644
index 4d9ed04..0000000
--- a/templates/configmap-private-cas.yaml
+++ /dev/null
@@ -1,12 +0,0 @@
-apiVersion: v1
-kind: ConfigMap
-metadata:
-  name: kotsadm-private-cas
-{{- if (not (empty .Values.privateCAs)) }}
-data:
-{{- range $key, $value := .Values.privateCAs }}
-  {{ $key }}: {{ $value | quote }}
-{{- end }}
-{{- else }}
-data: {}
-{{- end }}
diff --git a/templates/kotsadm-deployment.yaml b/templates/kotsadm-deployment.yaml
index c46de08..44498d5 100644
--- a/templates/kotsadm-deployment.yaml
+++ b/templates/kotsadm-deployment.yaml
@@ -89,8 +89,10 @@ spec:
 {{- end }}
         - name: DISABLE_OUTBOUND_CONNECTIONS
           value: {{ .Values.isAirgap | quote }}
+{{- if .Values.privateCAs.enabled }}
         - name: SSL_CERT_DIR
           value: /certs
+{{- end }}
         image: {{ .Values.images.kotsadm }}
         imagePullPolicy: IfNotPresent
         name: kotsadm
@@ -117,8 +119,10 @@ spec:
           name: backup
         - mountPath: /tmp
           name: tmp
+{{- if .Values.privateCAs.enabled }}
         - mountPath: /certs
           name: kotsadm-private-cas
+{{- end }}
       initContainers:
       - args:
         - plan
@@ -208,6 +212,9 @@ spec:
         name: backup
       - emptyDir: {}
         name: tmp
+{{- if .Values.privateCAs.enabled }}
       - configmap:
-          name: kotsadm-private-cas
+          name: {{- .Values.privateCAs.configmapName }}
+          optional: true
         name: kotsadm-private-cas
+{{- end }}
diff --git a/values.yaml.tmpl b/values.yaml.tmpl
index 9374327..c09ceec 100644
--- a/values.yaml.tmpl
+++ b/values.yaml.tmpl
@@ -111,4 +111,6 @@ kurlProxy:
   enabled: false
   targetPort: 8800
 
-privateCAs: {}
+privateCAs:
+  enabled: false
+  configmapName: ""