Feature request: Add support to use custom tls for rbacProxy #428
Description
Hi,
I want to request to update rbacProxy section, example image tag need to change with the latest version, verbose on args, etc.
But, on this issue I want to request to add custom tls option, example like this :
values.yaml :
rbacProxy:
enabled: false
....
extraArgs: []
extraVolumeMounts: []
# - name: extra-volume
# mountPath: /custom-secret
# readOnly: true
# tls enables using TLS resources from a volume on secret referred to in tlsSecret below.
# When enabling tlsClientAuth, client CA certificate must be set in tlsSecret.caItem.
# Ref. https://github.com/brancz/kube-rbac-proxy/issues/187
tls:
enabled: false
tlsClientAuth: false
templates -> daemonset.yaml :
- name: kube-rbac-proxy
....
args:
# -- request extraArgs
{{- if $.Values.rbacProxy.extraArgs }}
{{- $.Values.rbacProxy.extraArgs | toYaml | nindent 12 }}
{{- end }}
- --logtostderr
- -v=99 (??)
- --upstream=http://[127.0.0.1]:{{ $.Values.rbacProxy.upstreamListenPort }}
- --secure-listen-address=[$(IP)]:{{ $.Values.podListenPort }}
{{- if and $.Values.rbacProxy.tls.enabled $.Values.tlsSecret.enabled }}
- --tls-cert-file=/tls/private/{{ $.Values.tlsSecret.certItem }}
- --tls-private-key-file=/tls/private/{{ $.Values.tlsSecret.keyItem }}
{{- if and $.Values.rbacProxy.tls.tlsClientAuth $.Values.tlsSecret.caItem }}
- --client-ca-file=/tls/private/{{ $.Values.tlsSecret.caItem }}
{{- end }}
{{- end }}
Please make rbacProxy up-to-date, thank you.
Ref : https://github.com/brancz/kube-rbac-proxy?tab=readme-ov-file#usage