Mount correctly

ruivieira · Feb 27, 2024 · 0de628e · 0de628e
1 parent 90403b3
commit 0de628e
Show file tree

Hide file tree

Showing 2 changed files with 11 additions and 21 deletions.
diff --git a/controllers/deployment_test.go b/controllers/deployment_test.go
@@ -343,28 +343,20 @@ var _ = Describe("TrustyAI operator", func() {
 
 			Expect(deployment.Spec.Template.Spec.ServiceAccountName).To(Equal(instance.Name + "-proxy"))
 
-			foundTrustedCAVolume := false
-			for _, volume := range deployment.Spec.Template.Spec.Volumes {
-				if volume.Name == caBundleName && volume.ConfigMap != nil && volume.ConfigMap.Name == caBundleName {
-					foundTrustedCAVolume = true
-					Expect(volume.ConfigMap.Items).To(ContainElement(corev1.KeyToPath{
-						Key:  "ca-bundle.crt",
-						Path: "tls-ca-bundle.pem",
-					}))
-				}
-			}
-			Expect(foundTrustedCAVolume).To(BeTrue(), caBundleName+" volume not found")
+			foundCustomCertificatesBundleVolumeMount := false
 
-			foundTrustedCAVolumeMount := false
+			customCertificatesBundleMountPath := "/etc/ssl/certs/ca-bundle.crt" // Adjust this based on your actual mount path
 			for _, container := range deployment.Spec.Template.Spec.Containers {
 				for _, volumeMount := range container.VolumeMounts {
-					if volumeMount.Name == caBundleName && volumeMount.MountPath == "/etc/pki/ca-trust/extracted/pem" {
-						foundTrustedCAVolumeMount = true
+					if volumeMount.Name == caBundleName && volumeMount.MountPath == customCertificatesBundleMountPath {
+						foundCustomCertificatesBundleVolumeMount = true
 					}
 				}
 			}
-			Expect(foundTrustedCAVolumeMount).To(BeTrue(), caBundleName+"trusted-ca volume mount not found in any container")
-			Expect(k8sClient.Delete(ctx, caBundleConfigMap)).To(Succeed(), "failed to delete custom CA bundle ConfigMap")
+			Expect(foundCustomCertificatesBundleVolumeMount).To(BeTrue(), caBundleName+" volume mount not found in any container")
+
+			// Assuming you want to clean up after your test
+			Expect(k8sClient.Delete(ctx, caBundleConfigMap)).To(Succeed(), "failed to delete custom certificates bundle ConfigMap")
 
 		})
 	})

diff --git a/controllers/templates/service/deployment.tmpl.yaml b/controllers/templates/service/deployment.tmpl.yaml
@@ -96,7 +96,8 @@ spec:
           {{ if .CustomCertificatesBundle.IsDefined }}
             - name: {{ .CustomCertificatesBundle.VolumeName }}
               readOnly: true
-              mountPath: /etc/pki/ca-trust/extracted/pem
+              mountPath: /etc/ssl/certs/ca-bundle.crt
+              subPath: ca-bundle.crt
               {{ end }}
             - name: {{ .Instance.Name }}-tls
               mountPath: /etc/tls/private
@@ -107,7 +108,7 @@ spec:
             - '--email-domain=*'
             - '--openshift-service-account={{ .Instance.Name }}-proxy'
             {{ if .CustomCertificatesBundle.IsDefined }}
-            - '--openshift-ca=/etc/pki/tls/certs/ca-bundle.crt'
+            - '--openshift-ca=/etc/ssl/certs/ca-bundle.crt'
             {{ end }}
             - '--provider=openshift'
             - '--tls-cert=/etc/tls/private/tls.crt'
@@ -128,9 +129,6 @@ spec:
         - name: {{ .CustomCertificatesBundle.VolumeName}}
           configMap:
             name: {{ .CustomCertificatesBundle.ConfigMapName }}
-            items:
-              - key: ca-bundle.crt
-                path: tls-ca-bundle.pem
             defaultMode: 420
         {{ end }}
         - name: {{ .Instance.Name}}-tls