Closed
Description
Problem
Currently, to set a custom certificate for the Helm chart (required for Coder deployments with self-signed certificates) you must create a new Docker image that extends the current one. The extended image needs to add in your custom certificate and set the SSL_CERT_FILE or SSL_CERT_DIR environment variable. You must then reference this custom image in the Helm chart (example of both below).
Solution
The environment variables should be able to be set through values.yaml and the custom certificates should be able to be mounted as a volume or from a secret (like in the Coder helm chart for certs and tls).
Examples
Custom Dockerfile
FROM ghcr.io/coder/coder-logstream-kube:latest
ADD mycert.crt mycert.crt
ENV SSL_CERT_FILE="mycert.crt"values.yaml
# url -- The URL of your Coder deployment. Must prefix with http or https
url: "https://coder.mydomain.local"
# namespace -- The namespace to searching for Pods within.
# If unspecified, this defaults to the Helm namespace.
namespace: ""
# image -- The image to use.
image:
# image.repo -- The repository of the image.
repo: "myCustomRepo/coder-logstream-kube"
# image.tag -- The tag of the image, defaults to {{.Chart.AppVersion}}
# if not set. If you're using the chart directly from git, the default
# app version will not work and you'll need to set this value. The helm
# chart helpfully fails quickly in this case.
tag: "latest"
# image.pullPolicy -- The pull policy to use for the image. See:
# https://kubernetes.io/docs/concepts/containers/images/#image-pull-policy
pullPolicy: Always
# image.pullSecrets -- The secrets used for pulling the Coder image from
# a private registry.
pullSecrets: []
# - name: "pull-secret"
serviceAccount:
# serviceAccount.annotations -- The service account annotations.
annotations: {}
# serviceAccount.labels -- The service account labels.
labels: {}
# coder.serviceAccount.name -- The service account name
name: coder-logstream-kube