No imagePullPolicy for self signed SSL certificate container

[bdalpe]

Preflight Checklist

• [X] I could not find a solution in the existing issues, docs, nor discussions
• [ ] I have joined the ZITADEL chat

Describe your problem

The chart does not have a configurable value for imagePullPolicy in the alpine/openssl initContainer. This causes the imagePullPolicy to be set to Always by default resulting in excessive pulling from Docker.

Describe your ideal solution

As a user of the Helm Chart, I want to be able to configure the imagePullPolicy for the self signed certificate generation.

Version

7.6.1

App version

v2.46.0

Additional Context

Why not consider using Helm's built-in [genSelfSignedCert](https://helm.sh/docs/chart_template_guide/function_list/#genselfsignedcert) function? This eliminates the need for the initContainer all together

[hifabienne]

Thank you for sharing your idea. If there is a significant demand from customers/community, we will carefully consider implementing the feature. Currently, the issue will be added to our product backlog to collect feedback.

[eliobischof]

Why not consider using Helm's built-in genSelfSignedCert function? This eliminates the need for the initContainer all together

I was not aware of this function. Actually, I like this approach more so we can get rid of the init container. @bdalpe would you mind creating an issue for that and close this one?

[gecube]

Why not consider using Helm's built-in genSelfSignedCert function? This eliminates the need for the initContainer all together

I don't like it and prefer to use cert-manager which in fact is almost the essential component of many clusters.

[bdalpe]

@eliobischof I will close this and also reference @gecube's cert-manager request.

@gecube, I agree with you that cert-manager should be used, but there also needs to be a simple way to test this chart without the dependency of cert-manager being installed.

I will add my thoughts in a new ticket.