Comments (7)
unique-dominik
commented on May 30, 2024
2
We are deploying at an FSI customer on premise and we need to fumble the chart a bit (user can never be root, fs changes must be made via securityContext etc. Once I have that stuff running I try to PR it if you are not faster.
from zitadel-charts.
fforootd
commented on May 30, 2024
1
Nice, thanks for sharing, I think this becomes more relevant with each day 😁
from zitadel-charts.
unique-dominik
commented on May 30, 2024
@fforootd Is it enough to just mount the directory/file if we do not use the proxy? Can we also set the SSL_CERT_FILE environment variable to tell Zitadel to use it. Same here btw, if I make it work at the bank, a meaty PR awaits 😂
from zitadel-charts.
unique-dominik
commented on May 30, 2024
Self-reply 1 for the docs: Yes, it is enough to just mount them like:
extraVolumeMounts:
- name: ca-certs
mountPath: /etc/ssl/certs/ca-certs.crt
readOnly: true
extraVolumes:
- name: ca-certs
secret:
defaultMode: 420
secretName: ca-certs
from zitadel-charts.
Related Issues (20)
- Test unauthenticated gRPC and gRPC-Web calls
- Values from dependency chart not being propagated to zitadel HOT 4
- feat: Add support for topologySpreadConstraints
- selectorLabel "app.kubernetes.io/version" disregards .Values.image.tag override
- is there anyway to use zitadel without giving database admin access? HOT 11
- Deployment probes fail when using TLS Enabled
- `Errors.Org.PolicyNotExisting` after upgrading from chart 7.1.0 to 7.3.0 HOT 3
- Provision "root" jwt_token on installation HOT 7
- User could not be found when used DefaultInstance in the chart HOT 3
- feat: Add annotations to deployment / configMap resources HOT 2
- Allow default annotations to be overriden in a clean way HOT 2
- [Bug]: Helm upgrade fails because the databases already exists (zitadel-setup) HOT 1
- [Bug]: masterkey or masterkeySecretName values not recognized when used in an umbrella Chart HOT 17
- Add `--init-projections=true` to setup job HOT 2
- [Bug]: when config.yaml is stored in a kubernetes secret certain values are ignored HOT 3
- Add option to add custom labels to the k8s pod
- chown init-container should run as non-root HOT 4
- chown init-container should not render without secret HOT 5
- No imagePullPolicy for self signed SSL certificate container HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from zitadel-charts.