- name: api-server-configmap
mountPath: /etc/nginx/sites-enabled/api-server.conf
subPath: nginx.conf
+ {{- if .Values.customCABundle }}
+ - name: custom-ca-bundle-volume
+ mountPath: /etc/ssl/certs/ca-certificates.crt
+ subPath: custom-ca-bundle.pem
+ {{- end }}
- name: arvados-controller
image: "cure/arvados-runtime"
imagePullPolicy: {{ .Values.image.pullPolicy }}
- name: nginx-configmap
configMap:
name: arvados-api-server-https-configmap
+ {{- if .Values.customCABundle }}
+ - name: custom-ca-bundle-volume
+ configMap:
+ name: custom-ca-bundle-configmap
+ {{- end }}
--- /dev/null
+# Copyright (C) The Arvados Authors. All rights reserved.
+#
+# SPDX-License-Identifier: Apache-2.0
+
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: custom-ca-bundle-configmap
+ labels:
+ app: {{ template "arvados.name" . }}
+ chart: {{ template "arvados.chart" . }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+data:
+ custom-ca-bundle.pem: |
+{{ .Values.customCABundle | indent 4 }}
arvados: 2.0.2
arvadosCLI: 2.0.2
arvadosLoginSync: 2.0.2
+
+# A custom bundle of CA certificates to use.
+# Useful for corporate networks with TLS proxies.
+# Set it by using the --set-file Helm argument.
+customCABundle: ""
projects / arvados-k8s.git / commitdiff