Skip to content

Commit 0b26885

Browse files
MoisesGSalasMoisesGSalas
committed
feat: add support for TLS connections to clickhouse
1 parent 81c4af3 commit 0b26885

File tree

4 files changed

+45
-0
lines changed

4 files changed

+45
-0
lines changed

drydock/patches/kustomization

Lines changed: 10 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -31,3 +31,13 @@ patches:
3131
kind: Deployment
3232
name: '{% for name in DRYDOCK_POST_INIT_DEPLOYMENTS %}{{ name }}{% if not loop.last %}|{% endif %}{% endfor %}'
3333
path: plugins/drydock/k8s/patches/post-init-deployments-sync-wave.yml
34+
35+
- path: plugins/drydock/k8s/patches/tls-volume-append.yml
36+
target:
37+
kind: "(Deployment|Job)"
38+
name: aspects|superset-job.*|aspects-job.*|ralph
39+
40+
- path: plugins/drydock/k8s/patches/tls-volume-add.yml
41+
target:
42+
kind: "(Deployment|Job)"
43+
name: clickhouse-job.*

drydock/plugin.py

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -152,6 +152,7 @@ def get_sync_waves_for_resource(resource_name: str) -> SYNC_WAVES_ORDER_ATTRS_TY
152152
"PDB_MINAVAILABLE_PERCENTAGE_MFE": 0,
153153
"PDB_MINAVAILABLE_PERCENTAGE_FORUM": 0,
154154
"PDB_MINAVAILABLE_PERCENTAGE_CADDY": 0,
155+
"CA_BUNDLE_NAME": "cluster-bundle",
155156
"POST_INIT_DEPLOYMENTS": [
156157
"lms",
157158
"cms",

drydock/templates/drydock/k8s/patches/tls-volume-add.yml

Lines changed: 17 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,17 @@
1+
- op: add
2+
path: /spec/template/spec/volumes
3+
value:
4+
- name: ca-certificates
5+
configMap:
6+
name: cluster-bundle
7+
defaultMode: 420 # Octal 0644
8+
optional: false
9+
items:
10+
- key: ca-certificates.crt
11+
path: ca-certificates.crt
12+
- op: add
13+
path: /spec/template/spec/containers/0/volumeMounts
14+
value:
15+
- name: ca-certificates
16+
readOnly: true
17+
mountPath: /etc/ssl/certs

drydock/templates/drydock/k8s/patches/tls-volume-append.yml

Lines changed: 17 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,17 @@
1+
- op: add
2+
path: /spec/template/spec/volumes/-
3+
value:
4+
name: ca-certificates
5+
configMap:
6+
name: cluster-bundle
7+
defaultMode: 420 # Octal 0644
8+
optional: false
9+
items:
10+
- key: ca-certificates.crt
11+
path: ca-certificates.crt
12+
- op: add
13+
path: /spec/template/spec/containers/0/volumeMounts/-
14+
value:
15+
name: ca-certificates
16+
readOnly: true
17+
mountPath: /etc/ssl/certs

0 commit comments

Comments
 (0)