From 88db498bcd1663b543182ecf432d05e316d88761 Mon Sep 17 00:00:00 2001 From: KubeSphere CI Bot <47586280+ks-ci-bot@users.noreply.github.com> Date: Tue, 24 Sep 2024 16:54:15 +0800 Subject: [PATCH] [release-4.1] fix: add annotation checksum/cert to extensions-museum pod (#6202) fix: add annotation checksum/cert to extensions-museum pod Signed-off-by: joyceliu Co-authored-by: joyceliu --- config/ks-core/templates/extension-museum.yaml | 18 +++++++++++------- 1 file changed, 11 insertions(+), 7 deletions(-) diff --git a/config/ks-core/templates/extension-museum.yaml b/config/ks-core/templates/extension-museum.yaml index 32dda5439..48c4805bd 100644 --- a/config/ks-core/templates/extension-museum.yaml +++ b/config/ks-core/templates/extension-museum.yaml @@ -1,4 +1,11 @@ {{- if .Values.ksExtensionRepository.enabled }} + +{{- $ca := genCA "self-signed-ca" 3650 }} +{{- $cn := printf "%s-extensions-museum" .Release.Name }} +{{- $altName1 := printf "extensions-museum.%s" .Release.Namespace }} +{{- $altName2 := printf "extensions-museum.%s.svc" .Release.Namespace }} +{{- $cert := genSignedCert $cn nil (list $altName1 $altName2) 3650 $ca }} + apiVersion: apps/v1 kind: Deployment metadata: @@ -15,6 +22,9 @@ spec: metadata: labels: app: extensions-museum + annotations: + # force restart ks-apiserver after the upgrade is complete if kubesphere-config changes + checksum/cert: {{ sha256sum $cert.Cert }} spec: {{- include "extensions_museum.imagePullSecrets" . | nindent 6 }} containers: @@ -39,14 +49,8 @@ spec: - name: certs secret: secretName: extensions-museum-certs + --- - -{{- $ca := genCA "self-signed-ca" 3650 }} -{{- $cn := printf "%s-extensions-museum" .Release.Name }} -{{- $altName1 := printf "extensions-museum.%s" .Release.Namespace }} -{{- $altName2 := printf "extensions-museum.%s.svc" .Release.Namespace }} -{{- $cert := genSignedCert $cn nil (list $altName1 $altName2) 3650 $ca }} - apiVersion: v1 kind: Secret metadata: