Merge branch 'volume-stuffz' into 'main-minio2'

Add Volumes/Mounts to MM Values & Custom CA docs See merge request !37

Merge branch 'volume-stuffz' into 'main-minio2'
Add Volumes/Mounts to MM Values & Custom CA docs See merge request !37
a143a98d · Micah Nagel · e8fc90e7 · 60111a52 · a143a98d · a143a98d
Commit a143a98d authored Jun 08, 2021 by Micah Nagel 💰
5 changed files
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -4,6 +4,10 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),

 ---

+## [0.1.6-bb.4] - 2021-06-07
+### Added
+- Ability to pass volumes / volumeMounts to MM pods
+
 ## [0.1.6-bb.3] - 2021-06-04
 ### Added
 - Add IPS with new operator

--- a/chart/Chart.yaml
+++ b/chart/Chart.yaml
 apiVersion: v2
 name: mattermost
 type: application
-version: "0.1.6-bb.3"
+version: "0.1.6-bb.4"
 appVersion: "5.34.2"
 description: "Deployment of mattermost"
 keywords:

--- a/chart/templates/mattermost.yaml
+++ b/chart/templates/mattermost.yaml
@@ -153,6 +153,16 @@ spec:
      {{ toYaml .Values.nodeSelector | nindent 6 }}
    {{- end }}  

+  {{- with .Values.volumes }}
+  volumes:
+  {{- toYaml . | nindent 4}}
+  {{- end }}
+
+  {{- with .Values.volumeMounts }}
+  volumeMounts:
+  {{- toYaml . | nindent 4}}
+  {{- end }}
+
  database:
    external:
      secret: {{ .Values.database.secret | default (printf "%s-dbcreds" (include "mattermost.fullname" .)) }}

--- a/chart/values.yaml
+++ b/chart/values.yaml
@@ -101,6 +101,17 @@ existingSecretEnvs: {}
  #       key: DB_CONNECTION_CHECK_URL
  #       name: "mysecretname"

+volumes: {}
+  # - name: ca-cert
+  #   secret:
+  #     secretName: ca-secret
+  #     defaultMode: 0644
+
+volumeMounts: {}
+  # - name: ca-cert
+  #   mountPath: /etc/ssl/certs
+  #   readOnly: true
+
 minio:
  install: false


--- a/docs/keycloak.md
+++ b/docs/keycloak.md
@@ -77,3 +77,27 @@ helm upgrade -i mattermost chart -n mattermost --create-namespace -f my-values.y
 Role based authentication can be configured as long as you are on an enterprise version.

 Follow the steps in [this tutorial](https://docs.mattermost.com/deployment/advanced-permissions.html) to customize the permissions given to users. In general permissions can be edited under the "System Console -> User Management -> Permissions". Users should be created by default under the "Member" group, except for the first user to sign up or login.
+
+## OIDC Custom CA
+
+Mattermost can be configured to point to specific files to trust with an OIDC auth connection, here is an example when using Big Bang to deploy mattermost, assuming you are populating a secret named "ca-cert" in the same namespace, with a key of cert.pem and value of a single PEM encoded certificate (an easy way to make this secret is included below as well):
+
+```yaml
+addons:
+  mattermost:
+    values:
+      volumes:
+        - name: ca-cert
+          secret:
+            secretName: ca-secret
+            defaultMode: 0644
+      volumeMounts:
+        - name: ca-cert
+          mountPath: /etc/ssl/certs
+          readOnly: true
+```
+
+For secret creation with this example and a pem file at `/path/to/cert.pem`:
+```bash
+kubectl create secret generic ca-secret --from-file=cert.pem=/path/to/cert.pem -n mattermost
+```