CASMPET-6904 update the cert-manager API in etcd-base chart (#40)

* CASMPET-6904 update the cert-manager API in etcd-base chart
Cray-HPE · May 21, 2024 · 3e88101 · 3e88101
1 parent e10d6ab
commit 3e88101
Show file tree

Hide file tree

Showing 4 changed files with 32 additions and 21 deletions.
diff --git a/charts/cray-etcd-base/Chart.yaml b/charts/cray-etcd-base/Chart.yaml
@@ -23,7 +23,7 @@
 #
 apiVersion: v2
 name: cray-etcd-base
-version: 1.1.2
+version: 1.2.0
 description: This chart should never be installed directly, instead it is intended to be a sub-chart.
 home: https://github.com/Cray-HPE/cray-etcd
 dependencies:

diff --git a/charts/cray-etcd-base/templates/certificates.yaml b/charts/cray-etcd-base/templates/certificates.yaml
@@ -23,21 +23,23 @@ OTHER DEALINGS IN THE SOFTWARE.
 */}}
 {{- if .Values.etcd.auth.client.secureTransport -}}
 ---
-apiVersion: cert-manager.io/v1alpha2
+apiVersion: cert-manager.io/v1
 kind: Certificate
 metadata:
   name: "{{ include "cray-etcd-base.fullname" . }}-etcd-server-tls"
 spec:
   secretName: "{{ include "cray-etcd-base.fullname" . }}-etcd-server-tls"
   duration: 720h
   renewBefore: 24h
-  organization:
-    - Cray
+  subject:
+    organizations:
+      - Cray
   commonName: "{{ include "cray-etcd-base.fullname" . }}-{{ .Release.Namespace }}-server"
   isCA: false
-  keySize: 2048
-  keyAlgorithm: rsa
-  keyEncoding: pkcs1
+  privateKey:
+    size: 2048
+    algorithm: RSA
+    encoding: PKCS1
   usages:
     - signing
     - key encipherment
@@ -53,21 +55,23 @@ spec:
     name: "{{ .Values.etcd.auth.client.issuer }}"
     kind: Issuer
 ---
-apiVersion: cert-manager.io/v1alpha2
+apiVersion: cert-manager.io/v1
 kind: Certificate
 metadata:
   name: "{{ include "cray-etcd-base.fullname" . }}-etcd-peer-tls"
 spec:
   secretName: "{{ include "cray-etcd-base.fullname" . }}-etcd-peer-tls"
   duration: 720h
   renewBefore: 24h
-  organization:
-    - Cray
+  subject:
+    organizations:
+      - Cray
   commonName: "{{ include "cray-etcd-base.fullname" . }}-{{ .Release.Namespace }}-peer"
   isCA: false
-  keySize: 2048
-  keyAlgorithm: rsa
-  keyEncoding: pkcs1
+  privateKey:
+    size: 2048
+    algorithm: RSA
+    encoding: PKCS1
   usages:
     - signing
     - key encipherment
@@ -80,21 +84,23 @@ spec:
     name: "{{ .Values.etcd.auth.client.issuer }}"
     kind: Issuer
 ---
-apiVersion: cert-manager.io/v1alpha2
+apiVersion: cert-manager.io/v1
 kind: Certificate
 metadata:
   name: "{{ include "cray-etcd-base.fullname" . }}-etcd-tls"
 spec:
   secretName: "{{ include "cray-etcd-base.fullname" . }}-etcd-tls"
   duration: 720h
   renewBefore: 24h
-  organization:
-    - Cray
+  subject:
+    organizations:
+      - Cray
   commonName: "{{ include "cray-etcd-base.fullname" . }}-{{ .Release.Namespace }}-client"
   isCA: false
-  keySize: 2048
-  keyAlgorithm: rsa
-  keyEncoding: pkcs1
+  privateKey:
+    size: 2048
+    algorithm: RSA
+    encoding: PKCS1
   usages:
     - signing
     - key encipherment

diff --git a/charts/cray-etcd-test/Chart.yaml b/charts/cray-etcd-test/Chart.yaml
@@ -28,7 +28,7 @@ dependencies:
   version: "~10.0.0"
   repository: https://artifactory.algol60.net/artifactory/csm-helm-charts
 - name: cray-etcd-base
-  version: "~1.1.1"
+  version: "1.2.0-20240516154242+ff2fc0e"
   repository: https://artifactory.algol60.net/artifactory/csm-helm-charts
 description: "Test etcd chart"
 home: "https://github.com/Cray-HPE/cray-etcd-test"
@@ -40,4 +40,4 @@ maintainers:
 name: cray-etcd-test
 sources:
   - "https://github.com/Cray-HPE/cray-etcd-test"
-version: 1.1.1
+version: 1.2.0
diff --git a/charts/cray-etcd-test/values.yaml b/charts/cray-etcd-test/values.yaml
@@ -27,6 +27,11 @@ cray-service:
 cray-etcd-base:
   nameOverride: cray-etcd-test
   etcd:
+    auth:
+      client:
+        secureTransport: true
+        issuer: "cert-manager-issuer-common"
+        existingSecret: "cray-etcd-test-bitnami-etcd-jwt-token"
     disasterRecovery:
       cronjob:
         snapshotsDir: "/snapshots/cray-etcd-test-bitnami-etcd"