Skip to content

Commit 82fd20a

Browse files
shiradyshirady
committed
add volume mount in the endpoint deployment for iam-secret
Signed-off-by: shirady <[email protected]>
1 parent e7938e0 commit 82fd20a

File tree

2 files changed

+16
-3
lines changed

2 files changed

+16
-3
lines changed

deploy/internal/deployment-endpoint.yaml

Lines changed: 7 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -37,6 +37,10 @@ spec:
3737
secret:
3838
secretName: noobaa-sts-serving-cert
3939
optional: true
40+
- name: iam-secret
41+
secret:
42+
secretName: noobaa-iam-serving-cert
43+
optional: true
4044
# This service account token can be used to provide identity outside the cluster.
4145
# For example, this token can be used with AssumeRoleWithWebIdentity to authenticate with AWS using IAM OIDC provider and STS.
4246
- name: bound-sa-token
@@ -166,6 +170,9 @@ spec:
166170
- name: noobaa-server
167171
mountPath: /etc/noobaa-server
168172
readOnly: true
173+
- name: iam-secret
174+
mountPath: /etc/iam-secret
175+
readOnly: true
169176
- name: sts-secret
170177
mountPath: /etc/sts-secret
171178
readOnly: true

pkg/bundle/deploy.go

Lines changed: 9 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -4044,7 +4044,7 @@ data:
40444044
shared_preload_libraries = 'pg_stat_statements'
40454045
`
40464046

4047-
const Sha256_deploy_internal_deployment_endpoint_yaml = "fe660e3c058907d96617e52b14d2fa66589e5e55ac7220535c86ff56c5c945a5"
4047+
const Sha256_deploy_internal_deployment_endpoint_yaml = "b9aab05ca0f659d2e55b0af019b60ab6499a717ba5b1da84711abc4118c99577"
40484048

40494049
const File_deploy_internal_deployment_endpoint_yaml = `apiVersion: apps/v1
40504050
kind: Deployment
@@ -4085,6 +4085,10 @@ spec:
40854085
secret:
40864086
secretName: noobaa-sts-serving-cert
40874087
optional: true
4088+
- name: iam-secret
4089+
secret:
4090+
secretName: noobaa-iam-serving-cert
4091+
optional: true
40884092
# This service account token can be used to provide identity outside the cluster.
40894093
# For example, this token can be used with AssumeRoleWithWebIdentity to authenticate with AWS using IAM OIDC provider and STS.
40904094
- name: bound-sa-token
@@ -4214,6 +4218,9 @@ spec:
42144218
- name: noobaa-server
42154219
mountPath: /etc/noobaa-server
42164220
readOnly: true
4221+
- name: iam-secret
4222+
mountPath: /etc/iam-secret
4223+
readOnly: true
42174224
- name: sts-secret
42184225
mountPath: /etc/sts-secret
42194226
readOnly: true
@@ -4899,7 +4906,7 @@ spec:
48994906
storage: 30Gi
49004907
`
49014908

4902-
const Sha256_deploy_internal_route_iam_yaml = "adffe421b21f035fb033b0907f6fcfb4b665f0113dc89887e0b6cdc6bf09ca95"
4909+
const Sha256_deploy_internal_route_iam_yaml = "c97f843db5676140b2307ef13bf9354158eb546dcc7325adf225b24ec323c73a"
49034910

49044911
const File_deploy_internal_route_iam_yaml = `apiVersion: route.openshift.io/v1
49054912
kind: Route
@@ -4911,7 +4918,6 @@ spec:
49114918
port:
49124919
targetPort: iam-https
49134920
tls:
4914-
insecureEdgeTerminationPolicy: Allow
49154921
termination: reencrypt
49164922
to:
49174923
kind: Service

0 commit comments

Comments
 (0)