Compare commits
1 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
| 9d4739505d |
@@ -48,10 +48,25 @@ spec:
|
||||
- secretRef:
|
||||
name: environment
|
||||
optional: false
|
||||
env:
|
||||
# Terraform provider registry signing. The secret is mounted
|
||||
# optional, so the pod runs before it exists; artifactapi keeps the
|
||||
# registry disabled until a readable key is present.
|
||||
- name: TF_SIGNING_KEY_PATH
|
||||
value: /etc/artifactapi/tf-signing/private-key.asc
|
||||
- name: TF_SIGNING_KEY_PASSPHRASE
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: artifactapi-tf-signing
|
||||
key: passphrase
|
||||
optional: true
|
||||
volumeMounts:
|
||||
- name: combined-certs
|
||||
mountPath: /etc/ssl/combined
|
||||
readOnly: true
|
||||
- name: tf-signing-key
|
||||
mountPath: /etc/artifactapi/tf-signing
|
||||
readOnly: true
|
||||
livenessProbe:
|
||||
failureThreshold: 3
|
||||
httpGet:
|
||||
@@ -88,4 +103,8 @@ spec:
|
||||
path: ca.crt
|
||||
- name: combined-certs
|
||||
emptyDir: {}
|
||||
- name: tf-signing-key
|
||||
secret:
|
||||
secretName: artifactapi-tf-signing
|
||||
optional: true
|
||||
restartPolicy: Always
|
||||
|
||||
Reference in New Issue
Block a user