Fixes for TLS for Zoekt gateway
This TLS stuff was originally add in !15 (merged) .
When we tried to roll it out to GSTG in gitlab-com/gl-infra/k8s-workloads/gitlab-com!2806 (diffs) we noticed a few problems:
- The main problem was that the YAML syntax was invalid when
dnsNames
was set because it was getting merged onto the same line asipAddresses
. I never spotted this because I originally wanted to useipAddresses
instead ofdnsNames
but now that we're usingdnsNames
I'm just going to removeipAddresses
- The
privateKey
was hardcoded and we maybe want this to be configurable so we have moved it intovalues
- We wanted to add annotations to the
statefulSet
to reload when the secret changed. Now we've added that annotation into the chart as well as allowed for configuring yet more annotations for the stateful set with values
Related to gitlab-org/gitlab#389749 (closed)
Edited by Dylan Griffith