From b3b3629767eaa9c917b90f22f722f8a9106cdf13 Mon Sep 17 00:00:00 2001
From: Thomas Sontheimer <tgomas@users.noreply.github.com>
Date: Tue, 24 Mar 2020 01:59:05 +0100
Subject: [PATCH] Fix tls secrets keynames (#73)

* fix tls secrets keynames for provided values

Signed-off-by: Thomas Sontheimer <tgomas@users.noreply.github.com>
---
 charts/pomerium/Chart.yaml                 |  2 +-
 charts/pomerium/templates/tls-secrets.yaml | 21 +++++++++++----------
 charts/pomerium/values.yaml                |  3 +++
 3 files changed, 15 insertions(+), 11 deletions(-)

diff --git a/charts/pomerium/Chart.yaml b/charts/pomerium/Chart.yaml
index 37bb60a8..b3818a60 100644
--- a/charts/pomerium/Chart.yaml
+++ b/charts/pomerium/Chart.yaml
@@ -1,6 +1,6 @@
 apiVersion: v1
 name: pomerium
-version: 6.0.2
+version: 6.0.3
 appVersion: 0.6.2
 home: http://www.pomerium.io/
 icon: https://www.pomerium.io/logo-long.svg
diff --git a/charts/pomerium/templates/tls-secrets.yaml b/charts/pomerium/templates/tls-secrets.yaml
index ea534b10..81cccc60 100644
--- a/charts/pomerium/templates/tls-secrets.yaml
+++ b/charts/pomerium/templates/tls-secrets.yaml
@@ -159,32 +159,33 @@ data:
   tls.crt: {{ $kp.Cert | b64enc }}
   tls.key: {{ $kp.Key | b64enc }}
 {{-   else if not .Values.config.generateTLS }}
-{{-     if and (not .Values.config.existingCASecret) .Values.config.ca }}
+{{-     if and (not .Values.config.existingCASecret) .Values.config.ca.cert .Values.config.ca.key }}
 {{ template "pomerium.ca.tlsSecretObject" . }}
-  {{ template "pomerium.caSecret.certName" . }}: {{ .Values.config.ca | b64enc }}
+  ca.crt: {{ .Values.config.ca.cert | b64enc }}
+  ca.key: {{ .Values.config.ca.key | b64enc }}
 {{-     end }}
 {{-     if and (not .Values.authenticate.existingTLSSecret) .Values.authenticate.tls.cert .Values.authenticate.tls.key }}
 ---
 {{ template "pomerium.authenticate.tlsSecretObject" . }}
-  {{ template "pomerium.authenticate.tlsSecret.certName" . }}: {{ .Values.authenticate.tls.cert | b64enc }}
-  {{ template "pomerium.authenticate.tlsSecret.keyName" . }}: {{ .Values.authenticate.tls.key | b64enc }}
+  tls.crt: {{ .Values.authenticate.tls.cert | b64enc }}
+  tls.key: {{ .Values.authenticate.tls.key | b64enc }}
 {{-     end }}
 {{-     if and (not .Values.authorize.existingTLSSecret) .Values.authorize.tls.cert .Values.authorize.tls.key }}
 ---
 {{ template "pomerium.authorize.tlsSecretObject" . }}
-  {{ template "pomerium.authorize.tlsSecret.certName" . }}: {{ .Values.authorize.tls.cert | b64enc }}
-  {{ template "pomerium.authorize.tlsSecret.keyName" . }}: {{ .Values.authorize.tls.key | b64enc }}
+  tls.crt: {{ .Values.authorize.tls.cert | b64enc }}
+  tls.key: {{ .Values.authorize.tls.key | b64enc }}
 {{-     end }}
 {{-     if and (not .Values.cache.existingTLSSecret) .Values.cache.tls.cert .Values.cache.tls.key }}
 ---
 {{ template "pomerium.cache.tlsSecretObject" . }}
-  {{ template "pomerium.cache.tlsSecret.certName" . }}: {{ .Values.cache.tls.cert | b64enc }}
-  {{ template "pomerium.cache.tlsSecret.keyName" . }}: {{ .Values.cache.tls.key | b64enc }}
+  tls.crt: {{ .Values.cache.tls.cert | b64enc }}
+  tls.key: {{ .Values.cache.tls.key | b64enc }}
 {{-     end }}
 {{-     if and (not .Values.proxy.existingTLSSecret) .Values.proxy.tls.cert .Values.proxy.tls.key }}
 ---
 {{ template "pomerium.proxy.tlsSecretObject" . }}
-  {{ template "pomerium.proxy.tlsSecret.certName" . }}: {{ .Values.proxy.tls.cert | b64enc }}
-  {{ template "pomerium.proxy.tlsSecret.keyName" . }}: {{ .Values.proxy.tls.key | b64enc }}
+  tls.crt: {{ .Values.proxy.tls.cert | b64enc }}
+  tls.key: {{ .Values.proxy.tls.key | b64enc }}
 {{-     end }}
 {{- end }}
\ No newline at end of file
diff --git a/charts/pomerium/values.yaml b/charts/pomerium/values.yaml
index ae626354..7daa5ed6 100644
--- a/charts/pomerium/values.yaml
+++ b/charts/pomerium/values.yaml
@@ -11,6 +11,9 @@ config:
   existingSecret: ""
   existingConfig: ""
   existingCASecret: ""
+  ca:
+    cert: ""
+    key: ""
   sharedSecret: ""
   cookieSecret: ""
   generateTLS: true