feat: handle mTLS support #162
Conversation
|
|
There was a problem hiding this comment.
Thanks for the contribution!
One overall question on the approach: would it be more ergonomic to either structure the tls template in the config map a little more and add the nested internode and frontend sections (which users could specify either one or both of) or make a more generic splat for additionalConfig or something like that?
the structured approach would be more helm idiomatic and provide better checking for things, but the splat would allow looser coupling of the helm chart and the server config which could be useful too ... thoughts?
|
Thanks for the review, comments addressed. For the global approach, I can work for a more atomic configuration. For the additionalConfig: I'm not a helm expert but the usage is more for adding boot scripts or composite config files or something like that no? because in our case everything is in the same file at the end |
|
@underrun , I reworked the configMap to be more atomic, WDYT ? it's my first Helm project, don't hesitate if I use wrong practices. |
|
@underrun, @alexshtin , do you have time to check this ? |
|
Based on our new approach to structuring our helm chart this will be supported in a different way. See temporalio/proposals#42 for more details on what's changing. |
|
I had went with customisation of the existing chart based from the pull request above |
|
Were you able to get the env vars for configuring TLS working? In my testing with the latest helm chart, the Template in helm: https://github.com/temporalio/helm-charts/blob/master/templates/server-configmap.yaml |
What was changed:
This PR add support to configure mTLS temporal
Why?
Checklist
Closes issue:
How was this tested:
Deploy with and without all new options to a RKE cluster with success
Done in the Readme