kevin.wilder · 876cf2a8 · 4e539946 · 6d4c113a · df80b895 · 51d43d50
--- a/chart/templates/keycloak/values.yaml

+ 9

− 10
+++ b/chart/templates/keycloak/values.yaml

+ 9

− 10
 @@ -45,17 +45,16 @@ monitoring:
  enabled: {{ .Values.monitoring.enabled }}
 serviceMonitor:
  enabled: {{ .Values.monitoring.enabled }}
-  # not able to get servicemonitor working with tlsConfig. Leaving it here for future work.
  # conditional passes only for default istio: enabled, mTLS: SCRICT, istio injection: enabled
-  # {{- if and $istioInjection (eq (dig "istio" "mtls" "mode" "STRICT" .Values.addons.keycloak.values) "STRICT") }}
-  # scheme: https
-  # tlsConfig:
-  #   caFile: /etc/prom-certs/root-cert.pem
-  #   certFile: /etc/prom-certs/cert-chain.pem
-  #   keyFile: /etc/prom-certs/key.pem
-  #   # Prometheus does not support Istio security naming, thus skip verifying target pod certificate
-  #   insecureSkipVerify: true
-  # {{- end }}
+  {{- if and $istioInjection (eq (dig "istio" "mtls" "mode" "STRICT" .Values.addons.keycloak.values) "STRICT") }}
+  scheme: https
+  tlsConfig:
+    caFile: /etc/prom-certs/root-cert.pem
+    certFile: /etc/prom-certs/cert-chain.pem
+    keyFile: /etc/prom-certs/key.pem
+    # Prometheus does not support Istio security naming, thus skip verifying target pod certificate
+    insecureSkipVerify: true
+  {{- end }}

 {{- if .Values.addons.keycloak.database.host }}
 postgresql: