From 0f111285158a59fbfb64e3dc2d92fee9098b024f Mon Sep 17 00:00:00 2001
From: Haim Kortovich
Date: Tue, 28 May 2024 11:33:49 -0500
Subject: [PATCH] Add User SSL [ZITADOPER-1]
---
 src/pkg/builder/job_builder.go | 25 ++++++++++++++++++++++
 src/pkg/controller/configmap/controller.go | 3 +++
 2 files changed, 28 insertions(+)
diff --git a/src/pkg/builder/job_builder.go b/src/pkg/builder/job_builder.go
index 7604a2a..d168970 100644
--- a/src/pkg/builder/job_builder.go
+++ b/src/pkg/builder/job_builder.go
@@ -67,6 +67,18 @@ func (b *Builder) BuildInitJob(zitadel *zitadelv1alpha1.ZitadelCluster, key type
 Name: "ZITADEL_DATABASE_COCKROACH_ADMIN_SSL_KEY",
 Value: "/certs/tls.key",
 },
+ {
+ Name: "ZITADEL_DATABASE_COCKROACH_USER_SSL_ROOTCERT",
+ Value: "/certs/ca.crt",
+ },
+ {
+ Name: "ZITADEL_DATABASE_COCKROACH_USER_SSL_CERT",
+ Value: "/certs/tls.crt",
+ },
+ {
+ Name: "ZITADEL_DATABASE_COCKROACH_USER_SSL_KEY",
+ Value: "/certs/tls.key",
+ },
 },
 VolumeMounts: []corev1.VolumeMount{
 {Name: "zitadel-config-yaml", MountPath: "/config"},
@@ -150,6 +162,19 @@ func (b *Builder) BuildSetupJob(zitadel *zitadelv1alpha1.ZitadelCluster, key typ
 Name: "ZITADEL_DATABASE_COCKROACH_ADMIN_SSL_KEY",
 Value: "/certs/tls.key",
 },
+
+ {
+ Name: "ZITADEL_DATABASE_COCKROACH_USER_SSL_ROOTCERT",
+ Value: "/certs/ca.crt",
+ },
+ {
+ Name: "ZITADEL_DATABASE_COCKROACH_USER_SSL_CERT",
+ Value: "/certs/tls.crt",
+ },
+ {
+ Name: "ZITADEL_DATABASE_COCKROACH_USER_SSL_KEY",
+ Value: "/certs/tls.key",
+ },
 },
 VolumeMounts: []corev1.VolumeMount{
 {Name: "zitadel-config-yaml", MountPath: "/config"},
diff --git a/src/pkg/controller/configmap/controller.go b/src/pkg/controller/configmap/controller.go
index ec35f80..aaf6841 100644
--- a/src/pkg/controller/configmap/controller.go
+++ b/src/pkg/controller/configmap/controller.go
@@ -33,6 +33,9 @@ func (r *ConfigMapReconciler) ReconcileZitadelConfiguration(ctx context.Context,
 Database:
 Cockroach:
 Host: %s
+ User:
+ SSL:
+ Mode: require
 Admin:
 SSL:
 Mode: require
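Review bot: The three `ZITADEL_DATABASE_COCKROACH_USER_SSL_*` entries added to BuildInitJob point at the same `/certs/tls.key` that the context line just above already hands to the admin connection, so the user and admin database identities share one client key (and presumably one certificate, since `/certs/tls.crt` comes from the same mount). If the database maps client certificates to SQL users, the user connection would authenticate with the admin's credential and the User/Admin split would give no privilege separation; mounting a dedicated user-certificate secret and pointing these values at it, e.g. `Value: "<user-cert-mount>/tls.key"`, would keep the two apart. The same block is pasted into BuildSetupJob in the second hunk (with a stray blank added line before it), so a small shared helper returning these env vars would stop the two jobs drifting. Both function bodies start and end outside their hunks.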
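Review bot: The new `User: SSL: Mode: require` stanza encrypts the user connection but does not by itself ask for the server's host name to be checked, even though the jobs now pass `/certs/ca.crt` as `ZITADEL_DATABASE_COCKROACH_USER_SSL_ROOTCERT`. Whether `require` validates the certificate chain at all depends on how the driver treats a supplied root certificate, so the intent is better stated explicitly as `Mode: verify-full`, provided the server certificate carries the name substituted into `Host: %s`. The existing `Admin` stanza below uses the same mode and would want the same treatment. The template string and ReconcileZitadelConfiguration continue outside the hunk.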