Merge pull request #89 from trifork/feature/re-generate_cert

Feature/re generate cert
trifork · Aug 10, 2023 · b30178b · b30178b
2 parents 079fabf + 51fa6d3
commit b30178b
Show file tree

Hide file tree

Showing 4 changed files with 13 additions and 9 deletions.
diff --git a/charts/flink-job/Chart.yaml b/charts/flink-job/Chart.yaml
@@ -7,7 +7,7 @@ type: application
 # This is the chart version. This version number should be incremented each time you make changes
 # to the chart and its templates.
 # Versions are expected to follow Semantic Versioning (https://semver.org/)
-version: 0.4.1
+version: 0.4.2
 
 dependencies:
   - name: image-automation

diff --git a/charts/flink-job/README.md b/charts/flink-job/README.md
@@ -1,6 +1,6 @@
 # flink-job
 
-![Version: 0.4.0](https://img.shields.io/badge/Version-0.4.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square)
+![Version: 0.4.2](https://img.shields.io/badge/Version-0.4.2-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square)
 
 A Helm chart for handling Cheetah Data Platform Flink jobs
 

diff --git a/charts/flink-job/templates/_helpers.tpl b/charts/flink-job/templates/_helpers.tpl
@@ -278,7 +278,7 @@ Set a key=value in a dictionary, if the key is not defined
 
 {{- define "flink-job.sslVolumes" -}}
   {{- if $.Values.internalSsl.enabled -}}
-  {{ (dict "name" "truststore" "secret" (dict "secretName" (print (include "flink-job.fullname" . ) "-mtls-secret"))) | toYaml }}
+  {{ (dict "name" "truststore" "secret" (dict "secretName" (print (include "flink-job.nameWithimageHash" . ) "-mtls-secret"))) | toYaml }}
   {{- end -}}
 {{- end -}}
 
@@ -287,3 +287,7 @@ Set a key=value in a dictionary, if the key is not defined
     {{ (dict "name" "truststore" "mountPath" "/flinkkeystore" "readOnly" true) | toYaml}}
   {{- end -}}
 {{- end -}}
+
+{{- define "flink-job.nameWithimageHash" -}}
+  {{ include "flink-job.fullname" . }}{{ (sha256sum (nospace (toString .Values.image))) | trunc 10 }}
+{{- end -}}
diff --git a/charts/flink-job/templates/cert.yaml b/charts/flink-job/templates/cert.yaml
@@ -2,23 +2,23 @@
 apiVersion: cert-manager.io/v1
 kind: Issuer
 metadata:
-  name: {{ printf "%s-mtls-issuer" ( include "flink-job.fullname" . ) | quote }}
+  name: {{ printf "%s-mtls-issuer" ( include "flink-job.nameWithimageHash" . ) | quote }}
 spec:
   selfSigned: {}
 ---
 apiVersion: cert-manager.io/v1
 kind: Certificate
 metadata:
-  name: {{ printf "%s-mtls-crt" ( include "flink-job.fullname" . ) | quote }}
+  name: {{ printf "%s-mtls-crt" ( include "flink-job.nameWithimageHash" . ) | quote }}
 spec:
-  secretName: {{ printf "%s-mtls-secret" ( include "flink-job.fullname" . ) | quote }}
-  commonName: {{ printf "%s-mtls-crt" ( include "flink-job.fullname" . ) | quote }}
+  secretName: {{ printf "%s-mtls-secret" ( include "flink-job.nameWithimageHash" . ) | quote }}
+  commonName: {{ printf "%s-mtls-crt" ( include "flink-job.nameWithimageHash" . ) | quote }}
   issuerRef:
-    name: {{ printf "%s-mtls-issuer" ( include "flink-job.fullname" . ) | quote }}
+    name: {{ printf "%s-mtls-issuer" ( include "flink-job.nameWithimageHash" . ) | quote }}
   keystores:
     jks:
       create: true
       passwordSecretRef: # Password used to encrypt the keystore
         key: password
-        name: {{ printf "%s-mtls-password" ( include "flink-job.fullname" . ) | quote }}
+        name: {{ printf "%s-mtls-password" ( include "flink-job.nameWithimageHash" . ) | quote }}
 {{- end -}}