Skip to content

Instantly share code, notes, and snippets.

@ThomasVitale

ThomasVitale/kpack-overlay.yml

Created September 13, 2023 10:49
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save ThomasVitale/059e5a3c0b8c6e8bf28d2b2c25759177 to your computer and use it in GitHub Desktop.
Save ThomasVitale/059e5a3c0b8c6e8bf28d2b2c25759177 to your computer and use it in GitHub Desktop.
Download ZIP
Kpack with custom CA
Raw
kpack-overlay.yml
#@ load("@ytt:data", "data")
#@ load("@ytt:overlay", "overlay")
#@ load("/config.star", "get_ca_certificates")
#@ if data.values.ca_cert_data != "":
#@yaml/text-templated-strings
---
apiVersion: v1
kind: Secret
metadata:
name: ca-certificates-binding
namespace: kpack
annotations:
kapp.k14s.io/versioned: ""
type: servicebinding.io/ca-certificates
stringData:
type: ca-certificates
#@ i = 0
#@ for ca_cert in get_ca_certificates():
certificate_(@= str(i) @): #@ ca_cert
#@ i += 1
#@ end
#@overlay/match by=overlay.subset({"kind":"Deployment", "metadata":{"name":"kpack-controller"}})
---
spec:
template:
spec:
containers:
#@overlay/match by="name"
#@overlay/match-child-defaults missing_ok=True
- name: controller
env:
#@overlay/append
- name: SERVICE_BINDING_ROOT
value: "/bindings"
volumeMounts:
#@overlay/append
- mountPath: /bindings/ca-certificates
name: ca-certificates
#@overlay/match missing_ok=True
volumes:
#@overlay/append
- name: ca-certificates
secret:
secretName: ca-certificates-binding
#@ end
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment