Skip to content

Commit

Permalink
Adding -use-https flag to client-daemonset.yaml when externalServers …
Browse files Browse the repository at this point in the history
…are enabled
  • Loading branch information
jmurret committed Mar 14, 2022
1 parent c6072a1 commit 818a5db
Show file tree
Hide file tree
Showing 3 changed files with 14 additions and 10 deletions.
17 changes: 11 additions & 6 deletions charts/consul/templates/client-daemonset.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -478,10 +478,16 @@ spec:
value: "/consul/tls/ca/tls.crt"
{{- end }}
{{- end }}
- name: NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
command:
- "/bin/sh"
- "-ec"
- |
CONSUL_FULLNAME="{{template "consul.fullname" . }}"
consul-k8s-control-plane acl-init \
-component-name=client \
-acl-auth-method="{{ template "consul.fullname" . }}-k8s-component-auth-method" \
Expand All @@ -490,20 +496,19 @@ spec:
{{- end }}
-log-level={{ default .Values.global.logLevel .Values.client.logLevel }} \
-log-json={{ .Values.global.logJSON }} \
-init-type="client" \
{{- if .Values.externalServers.enabled }}
{{- if .Values.global.tls.enabled }}
-use-https \
{{- end }}
{{- range .Values.externalServers.hosts }}
-server-address={{ quote . }} \
{{- end }}
-server-port={{ .Values.externalServers.httpsPort }} \
{{- if .Values.externalServers.tlsServerName }}
-tls-server-name={{ .Values.externalServers.tlsServerName }} \
{{- end }}
{{- else }}
{{- range $index := until (.Values.server.replicas | int) }}
-server-address="${CONSUL_FULLNAME}-server-{{ $index }}.${CONSUL_FULLNAME}-server.${NAMESPACE}.svc" \
-tls-server-name={{ .Values.externalServers.tlsServerName }} \
{{- end }}
{{- end }}
-init-type="client"
volumeMounts:
- name: aclconfig
mountPath: /consul/aclconfig
Expand Down
1 change: 1 addition & 0 deletions charts/consul/test/unit/client-daemonset.bats
Original file line number Diff line number Diff line change
Expand Up @@ -1355,6 +1355,7 @@ local actual=$(echo $object |
local command=$(helm template \
-s templates/client-daemonset.yaml \
--set 'global.acls.manageSystemACLs=true' \
--set 'global.tls.enabled=true' \
--set 'externalServers.enabled=true' \
--set 'server.enabled=false' \
--set 'externalServers.hosts[0]=computer' \
Expand Down
6 changes: 2 additions & 4 deletions control-plane/subcommand/acl-init/command.go
Original file line number Diff line number Diff line change
Expand Up @@ -177,10 +177,8 @@ func (c *Command) Run(args []string) int {
}
// For all of the next operations we'll need a Consul client.
serverAddr := fmt.Sprintf("%s:%d", serverAddresses[0], c.flagServerPort)
c.http.MergeOntoConfig(&api.Config{
Address: serverAddr,
Scheme: scheme,
})
cfg.Address = serverAddr
cfg.Scheme = scheme
}

c.consulClient, err = consul.NewClient(cfg)
Expand Down

0 comments on commit 818a5db

Please sign in to comment.