From 66934dbd01d2ad3307c40c93f4dfbee33f9eabfe Mon Sep 17 00:00:00 2001
From: Flamarion Jorge <29267749+flamarion@users.noreply.github.com>
Date: Tue, 27 Aug 2024 18:53:50 +0200
Subject: [PATCH] feat: Add support for Custom CA to controller manager (#206)

---
 charts/operator/Chart.yaml                |  2 +-
 charts/operator/templates/configmap.yaml  | 13 +++++++++++++
 charts/operator/templates/deployment.yaml | 18 ++++++++++++++++++
 charts/operator/values.yaml               |  2 ++
 4 files changed, 34 insertions(+), 1 deletion(-)
 create mode 100644 charts/operator/templates/configmap.yaml

diff --git a/charts/operator/Chart.yaml b/charts/operator/Chart.yaml
index 5ba0fe8f..f2bc86b8 100644
--- a/charts/operator/Chart.yaml
+++ b/charts/operator/Chart.yaml
@@ -2,7 +2,7 @@ apiVersion: v2
 name: operator
 description: A Helm chart for Weights & Biases operator
 type: application
-version: 1.2.4
+version: 1.3.0
 appVersion: "1.0.0"
 maintainers:
   - name: wandb
diff --git a/charts/operator/templates/configmap.yaml b/charts/operator/templates/configmap.yaml
new file mode 100644
index 00000000..728e8a86
--- /dev/null
+++ b/charts/operator/templates/configmap.yaml
@@ -0,0 +1,13 @@
+{{- if .Values.customCACerts }}
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: {{ include "operator.fullname" . }}-ca-certs
+data:
+  {{- range $index, $pem := .Values.customCACerts }}
+  customCA{{$index}}.crt: |-
+    {{- range splitList "\n" $pem }}
+    {{ . }}
+    {{- end }}
+  {{- end }}
+{{- end }}
diff --git a/charts/operator/templates/deployment.yaml b/charts/operator/templates/deployment.yaml
index eb86a6f4..f938aade 100644
--- a/charts/operator/templates/deployment.yaml
+++ b/charts/operator/templates/deployment.yaml
@@ -47,6 +47,10 @@ spec:
               fieldPath: spec.serviceAccountName
         - name: AIRGAPPED
           value: {{ .Values.airgapped | quote }}
+        {{- if .Values.customCACerts }}
+        - name: SSL_CERT_DIR
+          value: /certs
+        {{- end }}
         livenessProbe:
           httpGet:
             path: /healthz
@@ -65,11 +69,25 @@ spec:
         - name: {{ include "name" . }}-charts
           mountPath: /charts
         {{- end }}
+        {{- if .Values.customCACerts }}
+        {{- range $index, $v := .Values.customCACerts }}
+        volumeMounts:
+          - name: wandb-ca-certs
+            mountPath: /certs/customCA{{$index}}.crt
+            subPath: customCA{{$index}}.crt
+        {{- end }}
+        {{- end }}
       {{- if .Values.airgapped }}
       volumes:
       - name: {{ include "name" . }}-charts
         configMap:
           name: {{ include "name" . }}-charts
       {{- end }}
+      {{- if .Values.customCACerts }}
+      volumes:
+      - name: wandb-ca-certs
+        configMap:
+          name: {{ include "operator.fullname" . }}-ca-certs
+      {{- end }}
       serviceAccountName: {{ include "manager.serviceAccount.name" . }}
       terminationGracePeriodSeconds: 10
diff --git a/charts/operator/values.yaml b/charts/operator/values.yaml
index 1806ca43..f06dadd5 100644
--- a/charts/operator/values.yaml
+++ b/charts/operator/values.yaml
@@ -202,3 +202,5 @@ airgapped: false
 namespaceIsolation:
   enabled: false
   additionalNamespaces: []
+
+customCACerts: []