From 4f474b8b27fabd1d8cf3638b360ae5ab30b0a3b5 Mon Sep 17 00:00:00 2001 From: Jonny Date: Thu, 1 Dec 2022 14:09:40 +0000 Subject: [PATCH 1/3] Add env var for tls-reject-unauthorised to helm chart --- charts/budibase/templates/app-service-deployment.yaml | 4 ++++ charts/budibase/templates/minio-service-deployment.yaml | 5 +++++ charts/budibase/templates/proxy-service-deployment.yaml | 5 +++++ charts/budibase/templates/redis-service-deployment.yaml | 5 +++++ charts/budibase/templates/worker-service-deployment.yaml | 4 ++++ charts/budibase/values.yaml | 1 + 6 files changed, 24 insertions(+) diff --git a/charts/budibase/templates/app-service-deployment.yaml b/charts/budibase/templates/app-service-deployment.yaml index 72d9fc93a9..2f8242a030 100644 --- a/charts/budibase/templates/app-service-deployment.yaml +++ b/charts/budibase/templates/app-service-deployment.yaml @@ -158,6 +158,10 @@ spec: {{ end }} - name: CDN_URL value: {{ .Values.globals.cdnUrl }} + {{ if .Values.services.tlsRejectUnauthorized }} + - name: NODE_TLS_REJECT_UNAUTHORIZED + value: {{ .Values.services.tlsRejectUnauthorized }} + {{ end }} image: budibase/apps:{{ .Values.globals.appVersion }} imagePullPolicy: Always diff --git a/charts/budibase/templates/minio-service-deployment.yaml b/charts/budibase/templates/minio-service-deployment.yaml index 144dbe539a..157378f23d 100644 --- a/charts/budibase/templates/minio-service-deployment.yaml +++ b/charts/budibase/templates/minio-service-deployment.yaml @@ -42,6 +42,11 @@ spec: secretKeyRef: name: {{ template "budibase.fullname" . }} key: objectStoreSecret + {{ if .Values.services.tlsRejectUnauthorized }} + - name: NODE_TLS_REJECT_UNAUTHORIZED + value: {{ .Values.services.tlsRejectUnauthorized }} + {{ end }} + image: minio/minio imagePullPolicy: "" livenessProbe: diff --git a/charts/budibase/templates/proxy-service-deployment.yaml b/charts/budibase/templates/proxy-service-deployment.yaml index 5588022032..4216d387c2 100644 --- a/charts/budibase/templates/proxy-service-deployment.yaml +++ b/charts/budibase/templates/proxy-service-deployment.yaml @@ -50,4 +50,9 @@ spec: restartPolicy: Always serviceAccountName: "" volumes: + env: + {{ if .Values.services.tlsRejectUnauthorized }} + - name: NODE_TLS_REJECT_UNAUTHORIZED + value: {{ .Values.services.tlsRejectUnauthorized }} + {{ end }} status: {} diff --git a/charts/budibase/templates/redis-service-deployment.yaml b/charts/budibase/templates/redis-service-deployment.yaml index d94e4d70f8..7961c96abf 100644 --- a/charts/budibase/templates/redis-service-deployment.yaml +++ b/charts/budibase/templates/redis-service-deployment.yaml @@ -60,5 +60,10 @@ spec: - name: redis-data persistentVolumeClaim: claimName: redis-data + env: + {{ if .Values.services.tlsRejectUnauthorized }} + - name: NODE_TLS_REJECT_UNAUTHORIZED + value: {{ .Values.services.tlsRejectUnauthorized }} + {{ end }} status: {} {{- end }} diff --git a/charts/budibase/templates/worker-service-deployment.yaml b/charts/budibase/templates/worker-service-deployment.yaml index df692a0723..5e8578212d 100644 --- a/charts/budibase/templates/worker-service-deployment.yaml +++ b/charts/budibase/templates/worker-service-deployment.yaml @@ -149,6 +149,10 @@ spec: {{ end }} - name: CDN_URL value: {{ .Values.globals.cdnUrl }} + {{ if .Values.services.tlsRejectUnauthorized }} + - name: NODE_TLS_REJECT_UNAUTHORIZED + value: {{ .Values.services.tlsRejectUnauthorized }} + {{ end }} image: budibase/worker:{{ .Values.globals.appVersion }} imagePullPolicy: Always diff --git a/charts/budibase/values.yaml b/charts/budibase/values.yaml index a2a761aa86..2cf2767f12 100644 --- a/charts/budibase/values.yaml +++ b/charts/budibase/values.yaml @@ -110,6 +110,7 @@ globals: services: budibaseVersion: latest dns: cluster.local + # tlsRejectUnauthorized: 0 proxy: port: 10000 From 680061382a18e46a064bccbab0b67bae7423c7fd Mon Sep 17 00:00:00 2001 From: Jonny Date: Thu, 1 Dec 2022 14:50:27 +0000 Subject: [PATCH 2/3] not needed in redis/minio --- charts/budibase/templates/minio-service-deployment.yaml | 4 ---- charts/budibase/templates/redis-service-deployment.yaml | 6 +----- 2 files changed, 1 insertion(+), 9 deletions(-) diff --git a/charts/budibase/templates/minio-service-deployment.yaml b/charts/budibase/templates/minio-service-deployment.yaml index 157378f23d..d0a367653d 100644 --- a/charts/budibase/templates/minio-service-deployment.yaml +++ b/charts/budibase/templates/minio-service-deployment.yaml @@ -42,10 +42,6 @@ spec: secretKeyRef: name: {{ template "budibase.fullname" . }} key: objectStoreSecret - {{ if .Values.services.tlsRejectUnauthorized }} - - name: NODE_TLS_REJECT_UNAUTHORIZED - value: {{ .Values.services.tlsRejectUnauthorized }} - {{ end }} image: minio/minio imagePullPolicy: "" diff --git a/charts/budibase/templates/redis-service-deployment.yaml b/charts/budibase/templates/redis-service-deployment.yaml index 7961c96abf..5916c6d3f9 100644 --- a/charts/budibase/templates/redis-service-deployment.yaml +++ b/charts/budibase/templates/redis-service-deployment.yaml @@ -60,10 +60,6 @@ spec: - name: redis-data persistentVolumeClaim: claimName: redis-data - env: - {{ if .Values.services.tlsRejectUnauthorized }} - - name: NODE_TLS_REJECT_UNAUTHORIZED - value: {{ .Values.services.tlsRejectUnauthorized }} - {{ end }} + status: {} {{- end }} From 44380d2bc0611b4a9946fd905a51ec31273e3c17 Mon Sep 17 00:00:00 2001 From: Jonny Date: Fri, 2 Dec 2022 10:00:34 +0000 Subject: [PATCH 3/3] not needed in proxy --- charts/budibase/templates/proxy-service-deployment.yaml | 5 ----- 1 file changed, 5 deletions(-) diff --git a/charts/budibase/templates/proxy-service-deployment.yaml b/charts/budibase/templates/proxy-service-deployment.yaml index 4216d387c2..5588022032 100644 --- a/charts/budibase/templates/proxy-service-deployment.yaml +++ b/charts/budibase/templates/proxy-service-deployment.yaml @@ -50,9 +50,4 @@ spec: restartPolicy: Always serviceAccountName: "" volumes: - env: - {{ if .Values.services.tlsRejectUnauthorized }} - - name: NODE_TLS_REJECT_UNAUTHORIZED - value: {{ .Values.services.tlsRejectUnauthorized }} - {{ end }} status: {}