This change updates the deploy support for the SSL certficate that is used for cortx-control (CSM) and cortx-server (RGW) pods.
In solution.yaml, if common.ssl.secret is specified, then a pre-built SSL certifiate will be used to create the Secret that holds the certificate.
Alternatively, if common.ssl.externa_secret is specified, then CORTX will use the certificate contained in the specified
secret.
The specified secret must be in the form of a pem file that contains both the certifcate and private key.
Note: It would be better to generate a certificate rather than use a previously-generated one. This PR does not address this, but rather continues the current process of using the previously-generated certificate. We can work on that later.
Type of change
[ ] Bug fix (non-breaking change that fixes an issue)
[x] New feature (non-breaking change that adds new functionality)
[ ] Breaking change (bug fix or new feature that breaks existing functionality)
[ ] Third-party dependency update
[ ] Documentation additions or improvements
[ ] Code quality improvements to existing code or test additions/updates
Applicable issues
This change fixes an issue: CORTX-30966
CORTX image version requirements
N/A
How was this tested?
For each of the following scenarios I deployed, created an IAM use (CSM), ran S3 IO, and destroyed the cluster
deploy script creates secret:
default config: "cortx-cert", "cortx.pem"
alternate secret name
alternate secret key
use external secret
Tested solution.yaml validation
Checklist
[x] The change is tested and works locally.
[ ] New or changed settings in the solution YAML are documented clearly in the README.md file.
Description
This change updates the deploy support for the SSL certficate that is used for cortx-control (CSM) and cortx-server (RGW) pods.
In solution.yaml, if common.ssl.secret is specified, then a pre-built SSL certifiate will be used to create the Secret that holds the certificate.
Alternatively, if common.ssl.externa_secret is specified, then CORTX will use the certificate contained in the specified secret.
The specified secret must be in the form of a pem file that contains both the certifcate and private key.
Note: It would be better to generate a certificate rather than use a previously-generated one. This PR does not address this, but rather continues the current process of using the previously-generated certificate. We can work on that later.
Type of change
Applicable issues
CORTX image version requirements
N/A
How was this tested?
Checklist
If this change requires newer CORTX or third party image versions:
image
fields in solution.example.yaml have been updated to use the required versions.appVersion
field of the Helm chart has been updated to use the new CORTX version.If this change addresses a CORTX Jira issue:
CORTX-XXXXX:
)