From d8e51e225851afc7c7a2e9ed8f18d6378514c72a Mon Sep 17 00:00:00 2001
From: Andrei Kvapil <kvapss@gmail.com>
Date: Wed, 3 Jan 2024 03:29:25 +0100
Subject: [PATCH] chart: generate SSL certificates (#3598)

Signed-off-by: Andrei Kvapil <kvapss@gmail.com>
---
 charts/templates/ovn-tls-secret.yaml | 23 +++++++++++++++++++++++
 1 file changed, 23 insertions(+)
 create mode 100644 charts/templates/ovn-tls-secret.yaml

diff --git a/charts/templates/ovn-tls-secret.yaml b/charts/templates/ovn-tls-secret.yaml
new file mode 100644
index 00000000000..dde402039df
--- /dev/null
+++ b/charts/templates/ovn-tls-secret.yaml
@@ -0,0 +1,23 @@
+{{- if .Values.networking.ENABLE_SSL }}
+{{- $cn := "ovn" -}}
+{{- $ca := genCA "ovn-ca" 3650 -}}
+---
+apiVersion: v1
+kind: Secret
+metadata:
+  name: kube-ovn-tls
+  namespace: {{ .Values.namespace }}
+data:
+{{- $existingSecret := lookup "v1" "Secret" .Values.namespace "kube-ovn-tls" }}
+  {{- if $existingSecret }}
+  cacert: {{ index $existingSecret.data "cacert" }}
+  cert: {{ index $existingSecret.data "cert" }}
+  key: {{ index $existingSecret.data "key" }}
+  {{- else }}
+  {{- with genSignedCert $cn nil nil 3650 $ca }}
+  cacert: {{ b64enc $ca.Cert }}
+  cert: {{ b64enc .Cert }}
+  key: {{ b64enc .Key }}
+  {{- end }}
+  {{- end }}
+{{- end }}