From 619be76972d502c5c952807ed816dcf8b24cd303 Mon Sep 17 00:00:00 2001 From: iminfinity Date: Tue, 31 Dec 2024 14:22:47 +0530 Subject: [PATCH] bug fix: mount eyaml secret on /tmp/puppet/configmap/eyaml/keys upstream pr - https://github.com/puppetlabs/puppetserver-helm-chart/pull/239 --- .../puppetserver-deployment-compilers.yaml | 2 +- .../templates/puppetserver-deployment-masters.yaml | 14 +++++++------- 2 files changed, 8 insertions(+), 8 deletions(-) diff --git a/argocd-helm-charts/puppetserver/charts/puppetserver/templates/puppetserver-deployment-compilers.yaml b/argocd-helm-charts/puppetserver/charts/puppetserver/templates/puppetserver-deployment-compilers.yaml index b70a9cbda..2cd19b30b 100644 --- a/argocd-helm-charts/puppetserver/charts/puppetserver/templates/puppetserver-deployment-compilers.yaml +++ b/argocd-helm-charts/puppetserver/charts/puppetserver/templates/puppetserver-deployment-compilers.yaml @@ -308,7 +308,7 @@ spec: subPath: hiera.yaml {{- if and (or (.Values.hiera.eyaml.existingMap) (.Values.hiera.eyaml.existingSecret)) (not .Values.hiera.eyaml.public_key) (not .Values.hiera.eyaml.private_key) }} - name: eyaml-volume - mountPath: /etc/puppetlabs/puppet/eyaml/keys + mountPath: /tmp/puppet/configmap/eyaml/keys {{- end }} {{- end }} securityContext: diff --git a/argocd-helm-charts/puppetserver/charts/puppetserver/templates/puppetserver-deployment-masters.yaml b/argocd-helm-charts/puppetserver/charts/puppetserver/templates/puppetserver-deployment-masters.yaml index 03229b1c3..892678f4d 100644 --- a/argocd-helm-charts/puppetserver/charts/puppetserver/templates/puppetserver-deployment-masters.yaml +++ b/argocd-helm-charts/puppetserver/charts/puppetserver/templates/puppetserver-deployment-masters.yaml @@ -125,12 +125,6 @@ spec: cp /tmp/puppet/configmap/hiera.yaml /etc/puppetlabs/puppet/hiera.yaml; chown puppet:puppet /etc/puppetlabs/puppet/hiera.yaml; {{- end }} - {{- if or (.Values.hiera.eyaml.public_key) (.Values.hiera.eyaml.private_key) (.Values.hiera.eyaml.existingMap) (.Values.hiera.eyaml.existingSecret) }} - cp /tmp/puppet/configmap/eyaml/*private_key.pkcs7.pem /etc/puppetlabs/puppet/eyaml/keys/; - chown puppet:puppet /etc/puppetlabs/puppet/eyaml/keys/*private_key.pkcs7.pem; - cp /tmp/puppet/configmap/eyaml/*public_key.pkcs7.pem /etc/puppetlabs/puppet/eyaml/keys/; - chown puppet:puppet /etc/puppetlabs/puppet/eyaml/keys/*public_key.pkcs7.pem; - {{- end }} {{- end }} {{- end }} cp /tmp/puppet/configmap/site.pp /etc/puppetlabs/puppet/manifests/site.pp; @@ -144,6 +138,12 @@ spec: {{- if eq .Values.puppetserver.persistence.confd.enabled true }} cp -rp /etc/puppetlabs/puppetserver/conf.d/* /conf.d/; {{- end}} + {{- if or (.Values.hiera.eyaml.public_key) (.Values.hiera.eyaml.private_key) (.Values.hiera.eyaml.existingMap) (.Values.hiera.eyaml.existingSecret) }} + cp /tmp/puppet/configmap/eyaml/*private_key.pkcs7.pem /etc/puppetlabs/puppet/eyaml/keys/; + chown puppet:puppet /etc/puppetlabs/puppet/eyaml/keys/*private_key.pkcs7.pem; + cp /tmp/puppet/configmap/eyaml/*public_key.pkcs7.pem /etc/puppetlabs/puppet/eyaml/keys/; + chown puppet:puppet /etc/puppetlabs/puppet/eyaml/keys/*public_key.pkcs7.pem; + {{- end }} securityContext: runAsUser: 0 runAsNonRoot: false @@ -335,7 +335,7 @@ spec: {{- end }} {{- if and (or (.Values.hiera.eyaml.existingMap) (.Values.hiera.eyaml.existingSecret)) (not .Values.hiera.eyaml.public_key) (not .Values.hiera.eyaml.private_key) }} - name: eyaml-volume - mountPath: /etc/puppetlabs/puppet/eyaml/keys + mountPath: /tmp/puppet/configmap/eyaml/keys {{- end }} {{- end }} securityContext: