helm-charts icon indicating copy to clipboard operation
helm-charts copied to clipboard

Published 20 hours ago verified publisher icon cockroachdb

Add extraPodSpec to statefulset and init job

Open oliverisaac opened this issue 3 years ago • 2 comments

This PR allows adding arbitrary values to the statefulset's pod spec. (As well as the init job.) This is needed to allow setting shareProcessNamespace: true to the pod spec to accommodate Hashicorp Vault injected dynamic certificates.

oliverisaac avatar Nov 22 '21 17:11 oliverisaac

Can you please add some tests for this feature and then we can take a look a it.

The workflow you are trying to support is using vault to generate the certs instead of CRDBs self-signed version?

udnay avatar Nov 25 '21 14:11 udnay

The workflow you are trying to support is using vault to generate the certs instead of CRDBs self-signed version?

Yes, in general that's what I'm trying to support. Though, since I've made this PR, there are other fields I need to add to set cockroach up to not use --insecure while also not using the cert self signer.

oliverisaac avatar Nov 28 '21 16:11 oliverisaac