Compare commits
1 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
| 9d4739505d |
@@ -48,10 +48,25 @@ spec:
|
|||||||
- secretRef:
|
- secretRef:
|
||||||
name: environment
|
name: environment
|
||||||
optional: false
|
optional: false
|
||||||
|
env:
|
||||||
|
# Terraform provider registry signing. The secret is mounted
|
||||||
|
# optional, so the pod runs before it exists; artifactapi keeps the
|
||||||
|
# registry disabled until a readable key is present.
|
||||||
|
- name: TF_SIGNING_KEY_PATH
|
||||||
|
value: /etc/artifactapi/tf-signing/private-key.asc
|
||||||
|
- name: TF_SIGNING_KEY_PASSPHRASE
|
||||||
|
valueFrom:
|
||||||
|
secretKeyRef:
|
||||||
|
name: artifactapi-tf-signing
|
||||||
|
key: passphrase
|
||||||
|
optional: true
|
||||||
volumeMounts:
|
volumeMounts:
|
||||||
- name: combined-certs
|
- name: combined-certs
|
||||||
mountPath: /etc/ssl/combined
|
mountPath: /etc/ssl/combined
|
||||||
readOnly: true
|
readOnly: true
|
||||||
|
- name: tf-signing-key
|
||||||
|
mountPath: /etc/artifactapi/tf-signing
|
||||||
|
readOnly: true
|
||||||
livenessProbe:
|
livenessProbe:
|
||||||
failureThreshold: 3
|
failureThreshold: 3
|
||||||
httpGet:
|
httpGet:
|
||||||
@@ -88,4 +103,8 @@ spec:
|
|||||||
path: ca.crt
|
path: ca.crt
|
||||||
- name: combined-certs
|
- name: combined-certs
|
||||||
emptyDir: {}
|
emptyDir: {}
|
||||||
|
- name: tf-signing-key
|
||||||
|
secret:
|
||||||
|
secretName: artifactapi-tf-signing
|
||||||
|
optional: true
|
||||||
restartPolicy: Always
|
restartPolicy: Always
|
||||||
|
|||||||
Reference in New Issue
Block a user