feat: ✨ add cacert with schema

InseeFrLab · Oct 1, 2024 · 8397089 · 8397089
1 parent 8efcf94
commit 8397089
Show file tree

Hide file tree

Showing 3 changed files with 17 additions and 16 deletions.
diff --git a/charts/vscode-python/templates/statefulset.yaml b/charts/vscode-python/templates/statefulset.yaml
@@ -100,14 +100,14 @@ spec:
               mkdir /dest/metaflow;
               cp /src/metaflow/config.json /dest/metaflow/config.json;
               {{- end }}
-              {{- if .Values.certificateAuthorityInjection }}
-              {{- if .Values.certificateAuthorityInjection.cacerts }}
+              {{- if .Values.certificates }}
+              {{- if .Values.certificates.cacerts }}
               mkdir /dest/certs;
-              if [[ {{ .Values.certificateAuthorityInjection.cacerts }} =~ ^https?://.+$ ]]; 
+              if [[ {{ .Values.certificates.cacerts }} =~ ^https?://.+$ ]]; 
               then
-                  curl -s {{ .Values.certificateAuthorityInjection.cacerts }} -o /tmp/ca.pem
+                  curl -s {{ .Values.certificates.cacerts }} -o /tmp/ca.pem
               else
-                  echo -n {{ .Values.certificateAuthorityInjection.cacerts }} | base64 -d > /tmp/ca.pem;
+                  echo -n {{ .Values.certificates.cacerts }} | base64 -d > /tmp/ca.pem;
               fi
               awk 'BEGIN {c=0;} /BEGIN CERT/{c++} { print > "/tmp/cert." c ".crt"}' < /tmp/ca.pem;
               cp /tmp/*.crt /dest/certs/;
@@ -231,10 +231,10 @@ spec:
               mountPath: /home/{{ .Values.environment.user}}/.metaflowconfig
               subPath: metaflow
             {{- end }}
-            {{- if .Values.certificateAuthorityInjection }}
-            {{- if .Values.certificateAuthorityInjection.pathToCaBundle }}
+            {{- if .Values.certificates }}
+            {{- if .Values.certificates.pathToCaBundle }}
             - name: config-files
-              mountPath: {{ .Values.certificateAuthorityInjection.pathToCaBundle }}
+              mountPath: {{ .Values.certificates.pathToCaBundle }}
               subPath: certs
             {{- end }}
             {{- end }}  

diff --git a/charts/vscode-python/values.schema.json b/charts/vscode-python/values.schema.json
@@ -837,27 +837,28 @@
           }
       }
   },
-  "certificateAuthorityInjection": {
+  "certificates": {
     "description": "It can be used to inject certificate authority into the services, if the Helm chart in the catalog allows it you can bind this value to the Helm chart value to add some certificate authorities in the pod.",
     "type": "object",
+    "x-onyxia": {
+      "overwriteSchemaWith": "certificates.json"
+    },
     "default": {},
     "properties": {
       "cacerts": {
         "type": "string",
         "description": "String of crts concatenated in base64, can be a url",
         "default": "",
         "x-onyxia": {
-          "hidden": true,
-          "overwriteDefaultWith": "{{certificateAuthorityInjection.cacerts}}"
+          "hidden": true
         }
       },
       "pathToCaBundle": {
         "type": "string",
         "description": "String path where a bundle is made or injected by third party solution",
         "default": "/usr/local/share/ca-certificates/",
         "x-onyxia": {
-          "hidden": true,
-          "overwriteDefaultWith": "{{certificateAuthorityInjection.pathToCaBundle}}"
+          "hidden": true
         }
       }
     }

diff --git a/charts/vscode-python/values.yaml b/charts/vscode-python/values.yaml
@@ -221,9 +221,9 @@ proxy:
   httpProxy: ""
   httpsProxy: ""
 
-# certificateAuthorityInjection:
-#   pathToCaBundle:
-#   cacerts:
+certificates: {}
+  # pathToCaBundle: /usr/local/share/ca-certificates/
+  # cacerts: ""
 
 message:
   fr: ""