Closed mathianasj closed 4 years ago
raffaelespazzoli
commented
4 years ago I'm not sure I'm following, but for your information configmaps can hold binary data now: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.18/#configmap-v1-core
mathianasj
commented
4 years ago but that does not work in openshift 4.3, correct?
mathianasj
commented
4 years ago And if you try to mount a configmap from binary data it cannot read the jks file since it tries to mount it as plain text files, unless I was doing something wrong. Here is my branch that was not working https://github.com/redhat-cop/cert-utils-operator/compare/master...mathianasj:add-java-truststore-configmap
raffaelespazzoli
commented
4 years ago it's available since 1.10 so it will work in 4.3, you need to put that file in the binaryData field.
mathianasj
commented
4 years ago @raffaelespazzoli ok will look at the other way i have for configmap and see if it works, then we will need to decide which approach makes more sense
mathianasj
commented
4 years ago I am probably going to reopen the one I closed and go that route so you don't have to have multiple copies of the same thing, ex copy configmap to secret and do that as this is proposing.
mathianasj
commented
4 years ago Going to close this because my initial approach was the better one to take.
Instead of taking the approach to make the truststore for java in the configmap, which causes it to not work because you cannot store binary in a configmap (closes #52). This will allow to inject the ca bundle from the configmap and use the traditional way of creating the truststore.