From 96ea80220432d66ae7b4bc517c34a4db81566956 Mon Sep 17 00:00:00 2001 From: okozachenko Date: Sat, 2 Sep 2023 04:55:39 +1000 Subject: [PATCH] Create a certificate for novnc vencrypt separately Once manifests.certificates is set as true, TLS for all components are enabled. There is no way to enable TLS for each component. This patch is to support the usecase to just enable vencrypt auth scheme. Change-Id: I1e33071a16e0eb764c51442f99c3795ceb9efb19 --- nova/Chart.yaml | 2 +- nova/templates/certificates.yaml | 6 +++--- releasenotes/notes/nova.yaml | 1 + 3 files changed, 5 insertions(+), 4 deletions(-) diff --git a/nova/Chart.yaml b/nova/Chart.yaml index 7d4cd550ee..40d1aa51f5 100644 --- a/nova/Chart.yaml +++ b/nova/Chart.yaml @@ -14,7 +14,7 @@ apiVersion: v1 appVersion: v1.0.0 description: OpenStack-Helm Nova name: nova -version: 0.3.23 +version: 0.3.24 home: https://docs.openstack.org/nova/latest/ icon: https://www.openstack.org/themes/openstack/images/project-mascots/Nova/OpenStack_Project_Nova_vertical.png sources: diff --git a/nova/templates/certificates.yaml b/nova/templates/certificates.yaml index 39c98b03dc..a1385e3bba 100644 --- a/nova/templates/certificates.yaml +++ b/nova/templates/certificates.yaml @@ -12,14 +12,14 @@ See the License for the specific language governing permissions and limitations under the License. */}} +{{- if (contains "vencrypt" .Values.conf.nova.vnc.auth_schemes) -}} +{{ dict "envAll" . "service" "compute_novnc_vencrypt" "type" "internal" | include "helm-toolkit.manifests.certificates" }} +{{- end }} {{- if .Values.manifests.certificates -}} {{ dict "envAll" . "service" "compute" "type" "internal" | include "helm-toolkit.manifests.certificates" }} {{- if .Values.manifests.deployment_novncproxy }} {{ dict "envAll" . "service" "compute_novnc_proxy" "type" "internal" | include "helm-toolkit.manifests.certificates" }} {{- end }} -{{- if (contains "vencrypt" .Values.conf.nova.vnc.auth_schemes) -}} -{{ dict "envAll" . "service" "compute_novnc_vencrypt" "type" "internal" | include "helm-toolkit.manifests.certificates" }} -{{- end }} {{- if .Values.manifests.deployment_placement }} {{ dict "envAll" . "service" "placement" "type" "internal" | include "helm-toolkit.manifests.certificates" }} {{- end }} diff --git a/releasenotes/notes/nova.yaml b/releasenotes/notes/nova.yaml index 76cf51c04d..7b89c00068 100644 --- a/releasenotes/notes/nova.yaml +++ b/releasenotes/notes/nova.yaml @@ -92,4 +92,5 @@ nova: - 0.3.21 Update health probe script considering ovsdb_connection config - 0.3.22 Replace deprecated configuration vncserver_proxyclient_address to server_proxyclient_address - 0.3.23 Add Ubuntu Jammy overrides + - 0.3.24 Create a certificate for novnc vencrypt separately ...