Thanks to visit codestin.com
Credit goes to github.com

Skip to content

Custom Certificates Through Helm Chart #9

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
ElioDiNino opened this issue Jul 25, 2023 · 4 comments · Fixed by #10
Closed

Custom Certificates Through Helm Chart #9

ElioDiNino opened this issue Jul 25, 2023 · 4 comments · Fixed by #10
Assignees
@ericpaulsen
Labels
enhancement New feature or request

Comments

@ElioDiNino
Copy link

Problem

Currently, to set a custom certificate for the Helm chart (required for Coder deployments with self-signed certificates) you must create a new Docker image that extends the current one. The extended image needs to add in your custom certificate and set the SSL_CERT_FILE or SSL_CERT_DIR environment variable. You must then reference this custom image in the Helm chart (example of both below).

Solution

The environment variables should be able to be set through values.yaml and the custom certificates should be able to be mounted as a volume or from a secret (like in the Coder helm chart for certs and tls).

Examples

Custom Dockerfile

FROM ghcr.io/coder/coder-logstream-kube:latest

ADD mycert.crt mycert.crt
ENV SSL_CERT_FILE="mycert.crt"

values.yaml

# url -- The URL of your Coder deployment. Must prefix with http or https
url: "https://coder.mydomain.local"

# namespace -- The namespace to searching for Pods within.
# If unspecified, this defaults to the Helm namespace.
namespace: ""

# image -- The image to use.
image:
  # image.repo -- The repository of the image.
  repo: "myCustomRepo/coder-logstream-kube"
  # image.tag -- The tag of the image, defaults to {{.Chart.AppVersion}}
  # if not set. If you're using the chart directly from git, the default
  # app version will not work and you'll need to set this value. The helm
  # chart helpfully fails quickly in this case.
  tag: "latest"
  # image.pullPolicy -- The pull policy to use for the image. See:
  # https://kubernetes.io/docs/concepts/containers/images/#image-pull-policy
  pullPolicy: Always
  # image.pullSecrets -- The secrets used for pulling the Coder image from
  # a private registry.
  pullSecrets: []
  #  - name: "pull-secret"

serviceAccount:
  # serviceAccount.annotations -- The service account annotations.
  annotations: {}
  # serviceAccount.labels -- The service account labels.
  labels: {}
  # coder.serviceAccount.name -- The service account name
  name: coder-logstream-kube
@ericpaulsen
Copy link
Member

I can take this on.

@ericpaulsen ericpaulsen self-assigned this Jul 26, 2023
@ericpaulsen ericpaulsen added the enhancement New feature or request label Jul 26, 2023
@ericpaulsen ericpaulsen mentioned this issue Jul 26, 2023
Merged
@ElioDiNino
Copy link
Author

When will a new tag version be released with this change implemented?

@ericpaulsen
Copy link
Member

When will a new tag version be released with this change implemented?

i'll defer to @kylecarbs as to when we will cut a new release.

@kylecarbs
Copy link
Member

I'll cut one right now!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@ericpaulsen ericpaulsen

Labels
enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

feat(helm): add volume mounts & cert vars coder/coder-logstream-kube
3 participants
@kylecarbs @ericpaulsen @ElioDiNino