move option

observIQ · Dec 9, 2024 · f43a733 · f43a733
1 parent f800b51
commit f43a733
Show file tree

Hide file tree

Showing 5 changed files with 9 additions and 9 deletions.
diff --git a/charts/bindplane/README.md b/charts/bindplane/README.md
@@ -56,9 +56,9 @@ BindPlane OP is an observability pipeline.
 | backend.postgres.maxConnections | int | `100` | Max number of connections to use when communicating with Postgres. |
 | backend.postgres.password | string | `""` | Password for the username used to connect to Postgres. |
 | backend.postgres.port | int | `5432` | TCP port used to connect to Postgres. |
+| backend.postgres.source | string | `"secret"` | How to read the Postgres TLS certificate(s). Supported options include "secret" and "manual". When "secret" is set, a secret containing the Postgres TLS certificate(s) will be mounted into the BindPlane container. When "manual" is set, it is up to the user to ensure the certificates are mounted into the BindPlane container' emptyDir volume at postgres-tls-dir /postgres-tls. |
 | backend.postgres.sslmode | string | `"disable"` | SSL mode to use when connecting to Postgres over TLS. Supported options include "disable", "require", "verify-ca", "verify-full". See the [postgres ssl documentation](https://jdbc.postgresql.org/documentation/ssl/) for more information. |
 | backend.postgres.sslsecret.name | string | `""` | Name of the secret that contains the Postgres TLS certificate(s). When SSL mode is set to `verify-ca` or `verify-full`, this secret will be used to mount certificates into the BindPlane container. Requires BindPlane v1.56.0 or newer. |
-| backend.postgres.sslsecret.source | string | `"secret"` | How to read the Postgres TLS certificate(s). Supported options include "secret" and "manual". When "secret" is set, a secret containing the Postgres TLS certificate(s) will be mounted into the BindPlane container. When "manual" is set, it is up to the user to ensure the certificates are mounted into the BindPlane container' emptyDir volume at postgres-tls-dir /postgres-tls. |
 | backend.postgres.sslsecret.sslcertSubPath | string | `""` | Path to the client certificate used to authenticate with the Postgres server, when mutual TLS is required. |
 | backend.postgres.sslsecret.sslkeySubPath | string | `""` | Path to the client private key used to authenticate with the Postgres server, when mutual TLS is required. Required when `sslcertSubPath` is set. |
 | backend.postgres.sslsecret.sslrootcertSubPath | string | `""` | Path to the CA certificate used to verify the Postgres server's certificate. |

diff --git a/charts/bindplane/templates/bindplane-jobs.yaml b/charts/bindplane/templates/bindplane-jobs.yaml
@@ -60,7 +60,7 @@ spec:
       {{- toYaml .Values.topologySpreadConstraints.jobs | nindent 8 }}
       {{- end }}
       {{- if .Values.backend.postgres.sslsecret.name }}
-      {{- if eq .Values.backend.postgres.sslsecret.source "secret" }}
+      {{- if eq .Values.backend.postgres.source "secret" }}
       initContainers:
         - name: postgres-tls
           image: busybox

diff --git a/charts/bindplane/templates/bindplane.yaml b/charts/bindplane/templates/bindplane.yaml
@@ -86,7 +86,7 @@ spec:
               mountPath: /data
       {{- end }}
       {{- if .Values.backend.postgres.sslsecret.name }}
-      {{- if eq .Values.backend.postgres.sslsecret.source "secret" }}
+      {{- if eq .Values.backend.postgres.source "secret" }}
         - name: postgres-tls
           image: busybox
           command:

diff --git a/charts/bindplane/templates/configmap.yaml b/charts/bindplane/templates/configmap.yaml
@@ -10,7 +10,7 @@ data:
     chmod 0750 /data
 {{ end }}
 {{- if .Values.backend.postgres.sslsecret.name }}
-{{- if eq .Values.backend.postgres.sslsecret.source "secret" }}
+{{- if eq .Values.backend.postgres.source "secret" }}
 kind: ConfigMap
 apiVersion: v1
 metadata:

diff --git a/charts/bindplane/values.yaml b/charts/bindplane/values.yaml
@@ -20,12 +20,12 @@ backend:
     database: ""
     # -- SSL mode to use when connecting to Postgres over TLS. Supported options include "disable", "require", "verify-ca", "verify-full". See the [postgres ssl documentation](https://jdbc.postgresql.org/documentation/ssl/) for more information.
     sslmode: "disable"
+    # -- How to read the Postgres TLS certificate(s). Supported options include "secret" and "manual".
+    # When "secret" is set, a secret containing the Postgres TLS certificate(s) will be mounted into the BindPlane container.
+    # When "manual" is set, it is up to the user to ensure the certificates are mounted into the BindPlane container'
+    # emptyDir volume at postgres-tls-dir /postgres-tls.
+    source: "secret"
     sslsecret:
-      # -- How to read the Postgres TLS certificate(s). Supported options include "secret" and "manual".
-      # When "secret" is set, a secret containing the Postgres TLS certificate(s) will be mounted into the BindPlane container.
-      # When "manual" is set, it is up to the user to ensure the certificates are mounted into the BindPlane container'
-      # emptyDir volume at postgres-tls-dir /postgres-tls.
-      source: "secret"
       # -- Name of the secret that contains the Postgres TLS certificate(s). When SSL mode is set to
       # `verify-ca` or `verify-full`, this secret will be used to mount certificates into the BindPlane
       # container. Requires BindPlane v1.56.0 or newer.