[stable/zed] fix: add CA mounts in the Prometheus oauth2 container (#1335)
This is an automated cherry-pick of #1329
/assign mnaser
diff --git a/roles/kube_prometheus_stack/vars/main.yml b/roles/kube_prometheus_stack/vars/main.yml
index e638d22..4cf2386 100644
--- a/roles/kube_prometheus_stack/vars/main.yml
+++ b/roles/kube_prometheus_stack/vars/main.yml
@@ -133,6 +133,14 @@
- containerPort: 8082
name: oauth2-metrics
protocol: TCP
+ volumeMounts:
+ - name: ca-certificates
+ mountPath: /etc/ssl/certs/ca-certificates.crt
+ readOnly: true
+ volumes:
+ - name: ca-certificates
+ hostPath:
+ path: "{{ defaults_ca_certificates_path }}"
grafana:
adminPassword: "{{ kube_prometheus_stack_grafana_admin_password }}"
extraSecretMounts:
@@ -342,6 +350,14 @@
- containerPort: 8082
name: oauth2-metrics
protocol: TCP
+ volumeMounts:
+ - name: ca-certificates
+ mountPath: /etc/ssl/certs/ca-certificates.crt
+ readOnly: true
+ volumes:
+ - name: ca-certificates
+ hostPath:
+ path: "{{ defaults_ca_certificates_path }}"
additionalServiceMonitors:
- name: ceph
jobLabel: application