autoGenerateCert as object with enabled, ifNotExists properties

open-telemetry · Oct 31, 2023 · 6dbbb88 · 6dbbb88
1 parent b8aeb9d
commit 6dbbb88
Show file tree

Hide file tree

Showing 3 changed files with 31 additions and 12 deletions.
diff --git a/charts/opentelemetry-operator/templates/admission-webhooks/operator-webhook.yaml b/charts/opentelemetry-operator/templates/admission-webhooks/operator-webhook.yaml
@@ -3,10 +3,10 @@
 {{- $caCertEnc := "" }}
 {{- $certCrtEnc := "" }}
 {{- $certKeyEnc := "" }}
-{{- if .Values.admissionWebhooks.autoGenerateCert }}
+{{- if .Values.admissionWebhooks.autoGenerateCert.enabled }}
 {{- $prevSecret := (lookup "v1" "Secret" .Release.Namespace (default (printf "%s-controller-manager-service-cert" (include "opentelemetry-operator.fullname" .)) .Values.admissionWebhooks.secretName )) }}
 {{- $prevHook := (lookup "admissionregistration.k8s.io/v1" "MutatingWebhookConfiguration" .Release.Namespace (print (include "opentelemetry-operator.MutatingWebhookName" . ) "-mutation")) }}
-{{- if and .Values.admissionWebhooks.autoGenerateReuseCert $prevSecret $prevHook }}
+{{- if and .Values.admissionWebhooks.autoGenerateCert.ifNotExists $prevSecret $prevHook }}
 {{- $certCrtEnc = index $prevSecret "data" "tls.crt" }}
 {{- $certKeyEnc = index $prevSecret "data" "tls.key" }}
 {{- $caCertEnc = (first $prevHook.webhooks).clientConfig.caBundle }}

diff --git a/charts/opentelemetry-operator/values.schema.json b/charts/opentelemetry-operator/values.schema.json
@@ -1304,12 +1304,31 @@
                     }]
                 },
                 "autoGenerateCert": {
-                    "type": "boolean",
-                    "default": true,
-                    "title": "The autoGenerateCert schema",
-                    "examples": [
-                        true
-                    ]
+                    "type": "object",
+                    "default": {},
+                    "title": "The autoGenerateCert Schema",
+                    "required": [
+                        "enabled",
+                        "ifNotExists"
+                    ],
+                    "properties": {
+                        "enabled": {
+                            "type": "boolean",
+                            "default": true,
+                            "title": "The enabled Schema",
+                            "examples": [
+                                true
+                            ]
+                        },
+                        "ifNotExists": {
+                            "type": "boolean",
+                            "default": true,
+                            "title": "The ifNotExists Schema",
+                            "examples": [
+                                true
+                            ]
+                       }
+                    }
                 },
                 "secretAnnotations": {
                     "type": "object",

diff --git a/charts/opentelemetry-operator/values.yaml b/charts/opentelemetry-operator/values.yaml
@@ -218,10 +218,10 @@ admissionWebhooks:
   ## TLS Certificate Option 2: Use Helm to automatically generate self-signed certificate.
   ## certManager must be disabled and autoGenerateCert must be enabled.
   ## If true and certManager.enabled is false, Helm will automatically create a self-signd cert and secret for you.
-  autoGenerateCert: true
-
-  # Set true to reuse existing cert, autoGenerateCert must be enabled too
-  autoGenerateCertIfNotExists: true
+  autoGenerateCert:
+    enabled: true
+    # true means generate cert if cert not exists only
+    ifNotExists: true
 
   ## TLS Certificate Option 3: Use your own self-signed certificate.
   ## certManager and autoGenerateCert must be disabled and cert_file, key_file, and ca_file must be set.