Skip to content

Commit

Permalink
mounting Operator CA in minio not longer required (#1847)
Browse files Browse the repository at this point in the history
  • Loading branch information
cniackz authored Nov 14, 2023
1 parent 2515162 commit 7d23f73
Show file tree
Hide file tree
Showing 2 changed files with 4 additions and 18 deletions.
5 changes: 4 additions & 1 deletion .gitignore
Original file line number Diff line number Diff line change
Expand Up @@ -16,4 +16,7 @@ nancy
examples/.DS_Store
testing/openshift/bundle/*
examples/**/obj/
.idea
.idea
public.crt
go_build_operator_
operator.iml
17 changes: 0 additions & 17 deletions pkg/resources/statefulsets/minio-statefulset.go
Original file line number Diff line number Diff line change
Expand Up @@ -476,7 +476,6 @@ func NewPool(args *NewPoolArgs) *appsv1.StatefulSet {
serviceName := args.ServiceName
hostsTemplate := args.HostsTemplate
operatorVersion := args.OperatorVersion
operatorCATLS := args.OperatorCATLS
operatorImage := args.OperatorImage

var podVolumes []corev1.Volume
Expand Down Expand Up @@ -673,22 +672,6 @@ func NewPool(args *NewPoolArgs) *appsv1.StatefulSet {
})
}

if operatorCATLS {
// Mount Operator CA TLS certificate to MinIO ~/cert/CAs
operatorCATLSSecretName := "operator-ca-tls"
certVolumeSources = append(certVolumeSources, []corev1.VolumeProjection{
{
Secret: &corev1.SecretProjection{
LocalObjectReference: corev1.LocalObjectReference{
Name: operatorCATLSSecretName,
},
Items: []corev1.KeyToPath{
{Key: "public.crt", Path: "CAs/operator-ca.crt"},
},
},
},
}...)
}
// If KES is enable mount TLS certificate secrets
if t.HasKESEnabled() {
// External Client certificates will have priority over AutoCert generated certificates
Expand Down

0 comments on commit 7d23f73

Please sign in to comment.