Adding keyttl and keycutofftime options to helm chart #1610

Merged
2 changes: 2 additions & 0 deletions helm/sealed-secrets/README.md
Expand Up @@ -95,6 +95,8 @@ The command removes all the Kubernetes components associated with the chart and
| `updateStatus` | Specifies whether the Sealed Secrets controller should update the status subresource | `true` |
| `skipRecreate` | Specifies whether the Sealed Secrets controller should skip recreating removed secrets | `false` |
| `keyrenewperiod` | Specifies key renewal period. Default 30 days | `""` |
| `keyttl` | Specifies generated certificate validity duration. Default 10 years | `""` |
| `keycutofftime` | Specifies a date at which the controller must generate a new key. Useful in early renewal scenarios. | `""` |
| `rateLimit` | Number of allowed sustained request per second for verify endpoint | `""` |
| `rateLimitBurst` | Number of requests allowed to exceed the rate limit per second for verify endpoint | `""` |
| `additionalNamespaces` | List of namespaces used to manage the Sealed Secrets | `[]` |
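Review bot: The two new README rows for `keyttl` and `keycutofftime` do not say what format the value takes, while the values.yaml comments in this same change do (a duration such as `8760h00m00s`, and a date such as `Mon, 14 Oct 2024 21:45:30 +0200`). Suggest carrying a short example into each row's description so the table can be used on its own, since a wrongly formatted value here affects certificate validity and key rotation.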
8 changes: 8 additions & 0 deletions helm/sealed-secrets/templates/deployment.yaml
Expand Up @@ -82,6 +82,14 @@ spec:
- --key-renew-period
- {{ .Values.keyrenewperiod | quote }}
{{- end }}
{{- if .Values.keyttl }}
- --key-ttl
- {{ .Values.keyttl | quote }}
{{- end }}
{{- if .Values.keycutofftime }}
- --key-cutoff-time
- {{ .Values.keycutofftime | quote }}
{{- end }}
{{- if .Values.rateLimit }}
- --rate-limit
- {{ .Values.rateLimit | quote }}
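Review bot: In both new `if` blocks the value goes straight into the container args through `quote` with no template-time check, so a mistyped duration or date is not reported when the chart is rendered. Nothing here relates `keyttl` to `keyrenewperiod` either: going by the README descriptions, a `keyttl` shorter than the renewal period would leave the newest certificate past its validity before the next key is generated. Suggest a warning comment next to the two values, or a `fail` guard in the template for obviously malformed input.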
11 changes: 11 additions & 0 deletions helm/sealed-secrets/values.yaml
Expand Up @@ -77,6 +77,17 @@ skipRecreate: false
## To disable use "0", with quotes!
##
keyrenewperiod: ""
## @param keyttl Specifies the certificate validity duration. Default 10 years.
## e.g for one year
## keyttl: "8760h00m00s"
##
keyttl: ""
## @param keycutofftime Specifies a date at which the controller should generate a new certificate. Useful in early key renewal scenarios.
## Takes a date formated according to RFC1123. Can be obtained with the 'date -R' command on a unix system.
## e.g
## keycutofftime: "Mon, 14 Oct 2024 21:45:30 +0200"
##
keycutofftime: ""
## @param rateLimit Number of allowed sustained request per second for verify endpoint
##
rateLimit: ""
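Review bot: The `keycutofftime` comment names RFC1123, but the example `Mon, 14 Oct 2024 21:45:30 +0200` and the output of `date -R` both carry a numeric zone offset rather than a zone abbreviation such as `GMT`. Suggest stating explicitly that the numeric-offset form is the expected one, so users do not supply the abbreviation form and end up with a cutoff that is not applied as intended. Two smaller points in the same comments: "formated" should be "formatted", and the `keyttl` comment could say that the value is a duration string with `h`, `m` and `s` units, as in the `8760h00m00s` example.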