diff --git a/charts/sn-platform-slim/templates/detector/pulsar-detector-deployment.yaml b/charts/sn-platform-slim/templates/detector/pulsar-detector-deployment.yaml index 9fea545ab..71e7b173d 100644 --- a/charts/sn-platform-slim/templates/detector/pulsar-detector-deployment.yaml +++ b/charts/sn-platform-slim/templates/detector/pulsar-detector-deployment.yaml @@ -113,14 +113,14 @@ spec: {{- end }} {{- if and .Values.auth.authentication.enabled (eq .Values.auth.authentication.provider "jwt") }} -auth-plugin token - -auth-params "{\"token\":\"$brokerClientAuthenticationParameters\"}" + -auth-params "{\"file\":\"$brokerClientAuthenticationParameters\"}" {{- end }} -service-url {{ template "pulsar.detector.serviceUrl" . }} -webservice-url {{ template "pulsar.detector.webServiceUrl" . }}; {{- else }} args: - > - bin/pulsar-detector -service-url {{ template "pulsar.detector.serviceUrl" . }} -webservice-url {{ template "pulsar.detector.webServiceUrl" . }} {{- if and .Values.auth.authentication.enabled (eq .Values.auth.authentication.provider "jwt") }} -auth-plugin token -auth-params "{\"token\":\"$brokerClientAuthenticationParameters\"}" {{- end }}; + bin/pulsar-detector -service-url {{ template "pulsar.detector.serviceUrl" . }} -webservice-url {{ template "pulsar.detector.webServiceUrl" . }} {{- if and .Values.auth.authentication.enabled (eq .Values.auth.authentication.provider "jwt") }} -auth-plugin token -auth-params "{\"file\":\"$brokerClientAuthenticationParameters\"}" {{- end }}; {{- end }} {{- if .Values.pulsar_detector.resources }} resources: {{- toYaml .Values.pulsar_detector.resources | nindent 10 }} @@ -132,21 +132,31 @@ spec: env: {{- if and .Values.auth.authentication.enabled .Values.auth.authentication.jwt.enabled }} - name: brokerClientAuthenticationParameters - valueFrom: - secretKeyRef: - name: {{ .Release.Name }}-token-admin - key: TOKEN + value: "/mnt/token/TOKEN" {{- end }} {{- if .Values.pulsar_detector.extraEnv }} {{- toYaml .Values.pulsar_detector.extraEnv | nindent 10 }} {{- end }} - {{- if .Values.pulsar_detector.extraVolumeMounts }} + {{- if or .Values.pulsar_detector.extraVolumeMounts (and .Values.auth.authentication.enabled .Values.auth.authentication.jwt.enabled) }} volumeMounts: + {{- if and .Values.auth.authentication.enabled .Values.auth.authentication.jwt.enabled }} + - mountPath: /mnt/token + name: detector-token + readOnly: true + {{- end }} + {{- if .Values.pulsar_detector.extraVolumeMounts }} {{- toYaml .Values.pulsar_detector.extraVolumeMounts | nindent 10 }} {{- end }} + {{- end }} volumes: - name: tmp emptyDir: {} + {{- if and .Values.auth.authentication.enabled .Values.auth.authentication.jwt.enabled }} + - name: detector-token + secret: + secretName: {{ .Release.Name }}-token-admin + defaultMode: 420 + {{- end }} {{- if .Values.pulsar_detector.extraVolumes }} {{- toYaml .Values.pulsar_detector.extraVolumes | nindent 8 }} {{- end }} diff --git a/charts/sn-platform/templates/detector/pulsar-detector-deployment.yaml b/charts/sn-platform/templates/detector/pulsar-detector-deployment.yaml index 161fa5c04..b003eb0fb 100644 --- a/charts/sn-platform/templates/detector/pulsar-detector-deployment.yaml +++ b/charts/sn-platform/templates/detector/pulsar-detector-deployment.yaml @@ -113,14 +113,14 @@ spec: {{- end }} {{- if and .Values.auth.authentication.enabled (eq .Values.auth.authentication.provider "jwt") }} -auth-plugin token - -auth-params "{\"token\":\"$brokerClientAuthenticationParameters\"}" + -auth-params "{\"file\":\"$brokerClientAuthenticationParameters\"}" {{- end }} -service-url {{ template "pulsar.detector.serviceUrl" . }} -webservice-url {{ template "pulsar.detector.webServiceUrl" . }}; {{- else }} args: - > - bin/pulsar-detector -service-url {{ template "pulsar.detector.serviceUrl" . }} -webservice-url {{ template "pulsar.detector.webServiceUrl" . }} {{- if and .Values.auth.authentication.enabled (eq .Values.auth.authentication.provider "jwt") }} -auth-plugin token -auth-params "{\"token\":\"$brokerClientAuthenticationParameters\"}" {{- end }}; + bin/pulsar-detector -service-url {{ template "pulsar.detector.serviceUrl" . }} -webservice-url {{ template "pulsar.detector.webServiceUrl" . }} {{- if and .Values.auth.authentication.enabled (eq .Values.auth.authentication.provider "jwt") }} -auth-plugin token -auth-params "{\"file\":\"$brokerClientAuthenticationParameters\"}" {{- end }}; {{- end }} {{- if .Values.pulsar_detector.resources }} resources: {{- toYaml .Values.pulsar_detector.resources | nindent 10 }} @@ -139,21 +139,31 @@ spec: {{- end }} {{- if and .Values.auth.authentication.enabled .Values.auth.authentication.jwt.enabled }} - name: brokerClientAuthenticationParameters - valueFrom: - secretKeyRef: - name: {{ .Release.Name }}-token-admin - key: TOKEN + value: "/mnt/token/TOKEN" {{- end }} {{- if .Values.pulsar_detector.extraEnv }} {{- toYaml .Values.pulsar_detector.extraEnv | nindent 10 }} {{- end }} - {{- if .Values.pulsar_detector.extraVolumeMounts }} + {{- if or .Values.pulsar_detector.extraVolumeMounts (and .Values.auth.authentication.enabled .Values.auth.authentication.jwt.enabled) }} volumeMounts: + {{- if and .Values.auth.authentication.enabled .Values.auth.authentication.jwt.enabled }} + - mountPath: /mnt/token + name: detector-token + readOnly: true + {{- end }} + {{- if .Values.pulsar_detector.extraVolumeMounts }} {{- toYaml .Values.pulsar_detector.extraVolumeMounts | nindent 10 }} {{- end }} + {{- end }} volumes: - name: tmp emptyDir: {} + {{- if and .Values.auth.authentication.enabled .Values.auth.authentication.jwt.enabled }} + - name: detector-token + secret: + secretName: {{ .Release.Name }}-token-admin + defaultMode: 420 + {{- end }} {{- if .Values.pulsar_detector.extraVolumes }} {{- toYaml .Values.pulsar_detector.extraVolumes | nindent 8 }} {{- end }}