pssg certificate getting rotate

[Carlospi99]

https://github.com/CAAPIM/apim-charts/blob/55d97eeda8ed670093f698a00789e10068eda75a/charts/portal/templates/jobs/cert-update-job.yaml#L76

Guys maybe is me only but when I put the value none for tls.job.rotate the certificate for pssg still getting change..

1. Deploy portal
2. create tenant and enroll gateway
3. Stop portal for ( stop all pods or removed the deplyment, I got external db)
4. redeploy Portal.. the portal start ok but the gateways enrolled cannot sync.
5. check the error in gateway and is noticed that is the ssl cert for PSSG.. ( this was change while redeployment).

after we introduce the the none value in the rotation of the cert.

6. Stop portal for ( stop all pods or removed the deplyment, I got external db)
7. change the value in the repo for Rotate = none
8. redeploy Portal.. the portal start ok but the gateways enrolled still can't sync with the portal due a another new cert was create.

to reassure I was maybe going to get the none from this time.

9. Stop portal for ( stop all pods or removed the deplyment, I got external db)
10. check the value in the repo for Rotate = none
11. redeploy Portal.. the portal start ok but the gateways enrolled still can't sync with the portal due a another new cert was create. .. I also check that the value non was passed during deployment, and was there,, but the pssg cert change..

if you have test this let me know..

Thank you

[Carlospi99]

this didn't happened in version4.5. as in version 4.5 we were running the creation of the certs before applying the deployment

[Gazza7205]

The job defaults to running and ignores rotate if .Release.IsInstall is true.

The job can be disabled to guarantee existing secrets are not overwritten tls.job.enabled=false.