fix(agent): fix path used for ca certificates

sysdiglabs · Jul 12, 2023 · de3e5f7 · de3e5f7
1 parent 5380438
commit de3e5f7
Show file tree

Hide file tree

Showing 6 changed files with 58 additions and 58 deletions.
diff --git a/charts/agent/templates/_helpers.tpl b/charts/agent/templates/_helpers.tpl
@@ -445,7 +445,7 @@ ssl: {{ $ssl }}
 ssl_verify_certificate: {{ $sslVerifyCertificate }}
 {{- end }}
 {{- if eq (include "sysdig.custom_ca.enabled"  (dict "global" .Values.global.ssl "component" .Values.ssl)) "true" }}
-ca_certificate: /ca-certs/{{ include "sysdig.custom_ca.keyName"  (dict "global" .Values.global.ssl "component" .Values.ssl) }}
+ca_certificate: /etc/ca-certs/{{ include "sysdig.custom_ca.keyName"  (dict "global" .Values.global.ssl "component" .Values.ssl) }}
 {{- end }}
 {{- end }}
 

diff --git a/charts/agent/templates/configmap-deployment.yaml b/charts/agent/templates/configmap-deployment.yaml
@@ -49,7 +49,7 @@ data:
 */}}
 {{- if and (eq (include "sysdig.custom_ca.enabled"  (dict "global" .Values.global.ssl "component" .Values.ssl)) "true") (.Values.sysdig.settings) (hasKey .Values.sysdig.settings "http_proxy") (hasKey .Values.sysdig.settings.http_proxy "ssl") (eq (get .Values.sysdig.settings.http_proxy "ssl") true) }}
   {{- $baseSettings := .Values.sysdig.settings -}}
-  {{- $caFilePath := printf "%s%s" "/ca-certs/" (include "sysdig.custom_ca.keyName"  (dict "global" .Values.global.ssl "component" .Values.ssl)) }}
+  {{- $caFilePath := printf "%s%s" "/etc/ca-certs/" (include "sysdig.custom_ca.keyName"  (dict "global" .Values.global.ssl "component" .Values.ssl)) }}
   {{- $mergedSettings := mergeOverwrite $baseSettings (dict "http_proxy" (dict "ca_certificate" $caFilePath)) -}}
   {{ toYaml $mergedSettings | indent 4 }}
 {{- else if .Values.sysdig.settings }}

diff --git a/charts/agent/templates/configmap.yaml b/charts/agent/templates/configmap.yaml
@@ -32,7 +32,7 @@ data:
 */}}
 {{- if and (eq (include "sysdig.custom_ca.enabled"  (dict "global" .Values.global.ssl "component" .Values.ssl)) "true") (.Values.sysdig.settings) (hasKey .Values.sysdig.settings "http_proxy") (hasKey .Values.sysdig.settings.http_proxy "ssl") (eq (get .Values.sysdig.settings.http_proxy "ssl") true) }}
   {{- $baseSettings := .Values.sysdig.settings -}}
-  {{- $caFilePath := printf "%s%s" "/ca-certs/" (include "sysdig.custom_ca.keyName"  (dict "global" .Values.global.ssl "component" .Values.ssl)) }}
+  {{- $caFilePath := printf "%s%s" "/etc/ca-certs/" (include "sysdig.custom_ca.keyName"  (dict "global" .Values.global.ssl "component" .Values.ssl)) }}
   {{- $mergedSettings := mergeOverwrite $baseSettings (dict "http_proxy" (dict "ca_certificate" $caFilePath)) -}}
   {{ toYaml $mergedSettings | indent 4 }}
 {{- else if .Values.sysdig.settings }}

diff --git a/charts/agent/templates/daemonset.yaml b/charts/agent/templates/daemonset.yaml
@@ -113,13 +113,13 @@ spec:
           {{- end }}
           {{- if eq (include "sysdig.custom_ca.enabled"  (dict "global" .Values.global.ssl "component" .Values.ssl)) "true" }}
             - name: SSL_CERT_FILE
-              value: /ca-certs/{{- include "sysdig.custom_ca.keyName"  (dict "global" .Values.global.ssl "component" .Values.ssl) -}}
+              value: /opt/draios/etc/ca-certs/{{- include "sysdig.custom_ca.keyName"  (dict "global" .Values.global.ssl "component" .Values.ssl) -}}
           {{- end }}
           volumeMounts:
           {{- /* Always requested */}}
             {{- if eq (include "sysdig.custom_ca.enabled"  (dict "global" .Values.global.ssl "component" .Values.ssl)) "true" }}
             - name: ca-cert
-              mountPath: /ca-certs
+              mountPath: /opt/draios/etc/ca-certs
               readOnly: true
             {{- end }}
 
@@ -204,7 +204,7 @@ spec:
             {{- end }}
             {{- if eq (include "sysdig.custom_ca.enabled"  (dict "global" .Values.global.ssl "component" .Values.ssl)) "true" }}
             - name: SSL_CERT_FILE
-              value: /ca-certs/{{- include "sysdig.custom_ca.keyName"  (dict "global" .Values.global.ssl "component" .Values.ssl) -}}
+              value: /opt/draios/etc/ca-certs/{{- include "sysdig.custom_ca.keyName"  (dict "global" .Values.global.ssl "component" .Values.ssl) -}}
             {{- end }}
           readinessProbe:
             exec:
@@ -228,7 +228,7 @@ spec:
 
           {{- if eq (include "sysdig.custom_ca.enabled"  (dict "global" .Values.global.ssl "component" .Values.ssl)) "true" }}
             - name: ca-cert
-              mountPath: /ca-certs
+              mountPath: /opt/draios/etc/ca-certs
               readOnly: true
           {{- end }}
 

diff --git a/charts/agent/templates/deployment.yaml b/charts/agent/templates/deployment.yaml
@@ -100,7 +100,7 @@ spec:
           {{- end }}
           {{- if eq (include "sysdig.custom_ca.enabled"  (dict "global" .Values.global.ssl "component" .Values.ssl)) "true" }}
           - name: SSL_CERT_FILE
-            value: /ca-certs/{{- include "sysdig.custom_ca.keyName"  (dict "global" .Values.global.ssl "component" .Values.ssl) -}}
+            value: /opt/draios/etc/ca-certs/{{- include "sysdig.custom_ca.keyName"  (dict "global" .Values.global.ssl "component" .Values.ssl) -}}
           {{- end }}
           readinessProbe:
             exec:
@@ -125,7 +125,7 @@ spec:
               name: podinfo
             {{- if eq (include "sysdig.custom_ca.enabled"  (dict "global" .Values.global.ssl "component" .Values.ssl)) "true" }}
             - name: ca-cert
-              mountPath: /ca-certs
+              mountPath: /opt/draios/etc/ca-certs
               readOnly: true
             {{- end }}