This is an automated email from the ASF dual-hosted git repository.
gallardot pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/apisix-helm-chart.git
The following commit(s) were added to refs/heads/master by this push:
new 7ea7a5e feat(dashboard): Allow dashboards to use external etcd with
mtls (#494)
7ea7a5e is described below
commit 7ea7a5e2ec359c21abcfc2f710a550fda68a932b
Author: Jayson Reis <[email protected]>
AuthorDate: Thu Jul 20 03:51:23 2023 +0200
feat(dashboard): Allow dashboards to use external etcd with mtls (#494)
* feat(dashboard): Allow dashboards to use external etcd with mtls
* chore: Update docs with helm-docs
* chore: Rename existingSecret to mtlsExistingSecret
---
charts/apisix-dashboard/README.md | 2 ++
charts/apisix-dashboard/templates/configmap.yaml | 4 ++++
charts/apisix-dashboard/templates/deployment.yaml | 9 +++++++++
charts/apisix-dashboard/values.yaml | 10 ++++++++++
4 files changed, 25 insertions(+)
diff --git a/charts/apisix-dashboard/README.md
b/charts/apisix-dashboard/README.md
index a894231..8a4c43d 100644
--- a/charts/apisix-dashboard/README.md
+++ b/charts/apisix-dashboard/README.md
@@ -63,6 +63,8 @@ _See [helm upgrade](https://helm.sh/docs/helm/helm_upgrade/)
for command documen
| config.authentication.secret | string | `"secret"` | Secret for jwt token
generation |
| config.authentication.users | list |
`[{"password":"admin","username":"admin"}]` | Specifies username and password
for login manager api. |
| config.conf.etcd.endpoints | list | `["apisix-etcd:2379"]` | Supports
defining multiple etcd host addresses for an etcd cluster |
+| config.conf.etcd.mtls | object | `{}` | |
+| config.conf.etcd.mtlsExistingSecret | string | `""` | Specifies a secret to
be mounted on /etc/etcd for mtls usage |
| config.conf.etcd.password | string | `nil` | Specifies etcd basic auth
password if enable etcd auth |
| config.conf.etcd.prefix | string | `"/apisix"` | apisix configurations
prefix |
| config.conf.etcd.username | string | `nil` | Specifies etcd basic auth
username if enable etcd auth |
diff --git a/charts/apisix-dashboard/templates/configmap.yaml
b/charts/apisix-dashboard/templates/configmap.yaml
index e869fbb..82d6e8f 100644
--- a/charts/apisix-dashboard/templates/configmap.yaml
+++ b/charts/apisix-dashboard/templates/configmap.yaml
@@ -41,6 +41,10 @@ data:
{{- if .password }}
password: {{ .password }}
{{- end }}
+ {{- if .mtls }}
+ mtls:
+ {{- toYaml .mtls | nindent 10 }}
+ {{- end }}
{{- end }}
{{- with .log }}
log:
diff --git a/charts/apisix-dashboard/templates/deployment.yaml
b/charts/apisix-dashboard/templates/deployment.yaml
index e83a065..2866549 100644
--- a/charts/apisix-dashboard/templates/deployment.yaml
+++ b/charts/apisix-dashboard/templates/deployment.yaml
@@ -77,10 +77,19 @@ spec:
- mountPath: /usr/local/apisix-dashboard/conf/conf.yaml
name: apisix-dashboard-config
subPath: conf.yaml
+ {{- if .Values.config.conf.etcd.mtlsExistingSecret }}
+ - mountPath: /etc/etcd
+ name: etcd-config
+ {{- end}}
volumes:
- configMap:
name: {{ include "apisix-dashboard.fullname" . }}
name: apisix-dashboard-config
+ {{- if .Values.config.conf.etcd.mtlsExistingSecret }}
+ - secret:
+ secretName: {{ .Values.config.conf.etcd.mtlsExistingSecret }}
+ name: etcd-config
+ {{- end}}
{{- with .Values.nodeSelector }}
nodeSelector:
{{- toYaml . | nindent 8 }}
diff --git a/charts/apisix-dashboard/values.yaml
b/charts/apisix-dashboard/values.yaml
index 58a58c0..89bc9eb 100644
--- a/charts/apisix-dashboard/values.yaml
+++ b/charts/apisix-dashboard/values.yaml
@@ -89,6 +89,16 @@ config:
username: ~
# -- Specifies etcd basic auth password if enable etcd auth
password: ~
+
+ # -- Specifies a secret to be mounted on /etc/etcd for mtls usage
+ mtlsExistingSecret: ""
+
+ # MTLS configuration used for external etcd instances
+ mtls:
+ {}
+ # key_file: /etc/etcd/server-client.key
+ # cert_file: /etc/etcd/server-client.crt
+ # ca_file: /etc/etcd/server-ca.crt
log:
# -- Error log level.
# Supports levels, lower to higher: debug, info, warn, error, panic,
fatal
