Add User SSL

[ZITADOPER-1]
2024-05-28 11:33:49 -05:00
parent 8afe966765
commit 0f11128515
2 changed files with 28 additions and 0 deletions
--- a/src/pkg/builder/job_builder.go
+++ b/src/pkg/builder/job_builder.go
@@ -67,6 +67,18 @@ func (b *Builder) BuildInitJob(zitadel *zitadelv1alpha1.ZitadelCluster, key type
 									Name:  "ZITADEL_DATABASE_COCKROACH_ADMIN_SSL_KEY",
 									Value: "/certs/tls.key",
 								},
+								{
+									Name:  "ZITADEL_DATABASE_COCKROACH_USER_SSL_ROOTCERT",
+									Value: "/certs/ca.crt",
+								},
+								{
+									Name:  "ZITADEL_DATABASE_COCKROACH_USER_SSL_CERT",
+									Value: "/certs/tls.crt",
+								},
+								{
+									Name:  "ZITADEL_DATABASE_COCKROACH_USER_SSL_KEY",
+									Value: "/certs/tls.key",
+								},
 							},
 							VolumeMounts: []corev1.VolumeMount{
 								{Name: "zitadel-config-yaml", MountPath: "/config"},
@@ -150,6 +162,19 @@ func (b *Builder) BuildSetupJob(zitadel *zitadelv1alpha1.ZitadelCluster, key typ
 									Name:  "ZITADEL_DATABASE_COCKROACH_ADMIN_SSL_KEY",
 									Value: "/certs/tls.key",
 								},
+
+								{
+									Name:  "ZITADEL_DATABASE_COCKROACH_USER_SSL_ROOTCERT",
+									Value: "/certs/ca.crt",
+								},
+								{
+									Name:  "ZITADEL_DATABASE_COCKROACH_USER_SSL_CERT",
+									Value: "/certs/tls.crt",
+								},
+								{
+									Name:  "ZITADEL_DATABASE_COCKROACH_USER_SSL_KEY",
+									Value: "/certs/tls.key",
+								},
 							},
 							VolumeMounts: []corev1.VolumeMount{
 								{Name: "zitadel-config-yaml", MountPath: "/config"},
--- a/src/pkg/controller/configmap/controller.go
+++ b/src/pkg/controller/configmap/controller.go
@@ -33,6 +33,9 @@ func (r *ConfigMapReconciler) ReconcileZitadelConfiguration(ctx context.Context,
 Database:
  Cockroach:
    Host: %s
+    User:
+     SSL:
+       Mode: require
    Admin:
     SSL:
       Mode: require