diff --git a/charts/connect/README.md b/charts/connect/README.md
index a84c18f..d042570 100644
--- a/charts/connect/README.md
+++ b/charts/connect/README.md
@@ -157,6 +157,7 @@ helm install --set connect.applicationName=connect connect ./connect
 | operator.watchNamespace | list | `[]` | A list of namespaces for the 1Password Operator to watch and manage. Use the empty list to watch all namespaces. |
 | operator.resources | object | `{}` | The resources requests/limits for the 1Password Operator pod |
 | operator.customEnvVars | array | `[]` | Custom environment variables for the 1Password Operator container that are not specified in this helm chart. |
+| operator.tls.trust.secret | string | `op-connect-tls` | The name of the secret containing the TLS certificate (tls.crt) used by the 1Password Connect API. This is used if that cert is a self-signed cert that needs to be trusted by the Operator. |
 #### Custom Environment Variables
diff --git a/charts/connect/templates/operator-deployment.yaml b/charts/connect/templates/operator-deployment.yaml
index ab081e2..238fff4 100644
--- a/charts/connect/templates/operator-deployment.yaml
+++ b/charts/connect/templates/operator-deployment.yaml
@@ -46,6 +46,12 @@ spec:
 tolerations:
 {{- toYaml .Values.operator.tolerations | nindent 8 }}
 serviceAccountName: {{ .Values.operator.serviceAccount.name }}
+ volumes:
+ {{- if .Values.operator.tls.trust.secret }}
+ - name: tls-trust
+ secret:
+ secretName: {{ .Values.operator.tls.trust.secret }}
+ {{- end }}
 containers:
 - name: {{ .Values.connect.applicationName }}
 image: {{ .Values.operator.imageRepository }}:{{ .Values.operator.version | default "latest" }}
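Review bot: The `tls-trust` volume mounts every key of the referenced secret, so if `operator.tls.trust.secret` names the same `kubernetes.io/tls` secret that Connect serves from (the README default `op-connect-tls` suggests it may), the operator pod also receives `tls.key`, which it does not need in order to trust the certificate. Projecting only the certificate keeps the private key out of the operator container: add `items: [{key: tls.crt, path: tls.crt}]` under `secret:`. Separately, `volumes:` is emitted outside the `if`, so it renders as an empty key when no secret is set; moving the key inside the conditional avoids that, and the same applies to the unconditional `volumeMounts:` in the next hunk of this file.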
@@ -83,8 +89,17 @@ spec:
 - name: {{ .name }}
 value: {{ .value }}
 {{- end }}
+ {{- if .Values.operator.tls.trust.secret }}
+ - name: SSL_CERT_FILE
+ value: /tls/trust/tls.crt
+ {{- end }}
 resources:
 {{- toYaml .Values.operator.resources | nindent 12 }}
+ volumeMounts:
+ {{- if .Values.operator.tls.trust.secret }}
+ - mountPath: /tls/trust
+ name: tls-trust
+ {{- end}}
 {{- with .Values.operator.imagePullSecrets }}
 imagePullSecrets:
 {{- range . }}
diff --git a/charts/connect/values.yaml b/charts/connect/values.yaml
index 53267d7..4993a6c 100644
--- a/charts/connect/values.yaml
+++ b/charts/connect/values.yaml
@@ -378,6 +378,15 @@ operator:
 # value: VARIABLE_VALUE
 customEnvVars: []
+ # 1Password Operator TLS settings
+ tls:
+
+ # 1Password Operator TLS trust settings
+ trust: {}
+
+ # 1Password operator should trust the certificate in this secret
+ # secret:
+
 # 1Password Acceptance Tests Functionality
 acceptanceTests:
 enabled: false
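Review bot: Setting `SSL_CERT_FILE` to `/tls/trust/tls.crt` most likely replaces, rather than extends, the CA bundle file the operator process loads, since both Go's crypto/x509 and OpenSSL treat the variable as the location of the bundle. With the value set, the operator may therefore stop validating publicly issued certificates. If the operator only ever talks to Connect that narrowing is reasonable, but it deserves a template comment such as `# SSL_CERT_FILE replaces the default CA bundle file; the operator then trusts only this certificate`. The entries rendered just above this block appear to be the user's `operator.customEnvVars`, so a user-supplied `SSL_CERT_FILE` there would end up defined twice; the README could warn against that. Adding `readOnly: true` to the `tls-trust` mount would make the intent of the mount explicit.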
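Review bot: The README row added in this commit documents a default of `op-connect-tls` for `operator.tls.trust.secret`, but here `trust` defaults to `{}` with `secret` commented out, so by default nothing is mounted and `SSL_CERT_FILE` is not set. Someone relying on the README could believe the operator already trusts the Connect certificate when it does not. Changing the documented default to empty is the safer fix, because shipping `secret: op-connect-tls` would stop the pod from starting wherever that secret is absent (the volume is not marked optional). An explicit `secret: ""` under `trust:` would also keep the key visible in `helm show values`.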